Users tend to think it’s safe to install apps from Google Play. After all, it’s the most official of all official stores for Android, and all apps there are thoroughly vetted by Google moderators, right? Bear in mind, however, that Google Play is home to more than three million unique apps, most of which get updated regularly, and to vet all of them thoroughly — that is, really … [Read more...] about Google Play malware clocks up more than 600 million downloads in 2023
Million
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it as an "intricate modular framework that supports both Linux and Windows." The … [Read more...] about StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
North Korea’s Lazarus Group Launders $900 Million in Cryptocurrency
Oct 06, 2023NewsroomCyber Crime / Cryptocurrency As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group linked to the theft of roughly $900 million of those proceeds between July 2022 and July of this year. "As traditional entities such as mixers continue to be subject to seizures and sanctions … [Read more...] about North Korea’s Lazarus Group Launders $900 Million in Cryptocurrency
North Korea’s Lazarus Group Suspected in $31 Million CoinEx Heist
Sep 17, 2023THNCryptocurrency / Cyber Attack The North Korea-affiliated Lazarus Group has stolen nearly $240 million in cryptocurrency since June 2023, marking a significant escalation of its hacks. According to multiple reports from Certik, Elliptic, and ZachXBT, the infamous hacking group is said to be suspected behind the theft of $31 million in digital assets from the … [Read more...] about North Korea’s Lazarus Group Suspected in $31 Million CoinEx Heist
TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.
Sep 16, 2023THNPrivacy / Technology The Irish Data Protection Commission (DPC) slapped TikTok with a €345 million (about $368 million) fine for violating the European Union's General Data Protection Regulation (GDPR) in relation to its handling of children's data. The investigation, initiated in September 2021, examined how the popular short-form video platform processed … [Read more...] about TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.
Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China
Jul 08, 2023Swati KhandelwalMobile Security / Spyware Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile security company, has … [Read more...] about Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
May 06, 2023Ravie Lakshmanan Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (XSS) that could be abused to inject arbitrary executable scripts into otherwise benign websites. The plugin, … [Read more...] about New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
Over a Dozen PHP Packages with 500 Million Compromised
May 05, 2023Ravie LakshmananProgramming / Software Security PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json with their own message … [Read more...] about Over a Dozen PHP Packages with 500 Million Compromised
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Apr 10, 2023Ravie LakshmananWeb Security / Malware Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. The massive campaign, per GoDaddy's Sucuri, "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play … [Read more...] about Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Feb 14, 2023Ravie Lakshmanan Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). "The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million," the company said, … [Read more...] about Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second