Dec 29, 2022Ravie LakshmananOnline Security / Malvertising Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that deploy malware, such as Raccoon Stealer and Vidar. The activity makes use of seemingly credible websites with typosquatted domain names that are surfaced on top of Google … [Read more...] about New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Users
Google to Pay $391 Million Privacy Fine for Secretly Tracking Users’ Location
Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. "Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information," Oregon Attorney … [Read more...] about Google to Pay $391 Million Privacy Fine for Secretly Tracking Users’ Location
New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data
Popular short-form video-sharing service TikTok is revising its privacy policy for European users to make it explicitly clear that user data can be accessed by some employees from across the world, including China. The ByteDance-owned platform, which currently stores European user data in the U.S. and Singapore, said the revision is part of its ongoing data governance efforts … [Read more...] about New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users’ Data
Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users
Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users' browsing activity and profit of retail affiliate programs. "The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website," McAfee researchers Oliver Devane and … [Read more...] about Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems. Infection chains leverage a chat application called MiMi, with its installer files compromised to download and install HyperBro … [Read more...] about Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
Researchers Warn of Raspberry Robin’s Worm Targeting Windows Users
Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to a threat cluster tracked as Raspberry Robin that's behind a Windows malware with worm-like capabilities. Describing it as a "persistent" and "spreading" threat, Cybereason said it observed a number of victims in Europe. The infections involve a worm that propagates over removable USB … [Read more...] about Researchers Warn of Raspberry Robin’s Worm Targeting Windows Users
New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Dubbed Peekaboo by researchers from Carnegie Mellon University, the system "leverages an in-home hub to pre-process and minimize outgoing data in a structured and … [Read more...] about New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on the Google Play Store and have been cumulatively downloaded over 1.01 billion times. Some of the most targeted apps include Walmart-backed PhonePe, Binance, Cash App, Garanti BBVA Mobile, La Banque Postale, Ma Banque, Caf - Mon Compte, Postepay, and BBVA … [Read more...] about 10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
How phishers prey on Wise / TransferWise users
Attackers often send phishing e-mails in the name of well-known companies to extract credentials for users’ personal accounts, phone numbers and other information that can be useful for scams or account takeovers. Of course, among the most attractive targets for phishers are clients of financial organizations such as banks, cryptoexchanges, payment systems and the like. This … [Read more...] about How phishers prey on Wise / TransferWise users
Cytrox’s Predator Spyware Targeted Android Users with Zero-Day Exploits
Google's Threat Analysis Group (TAG) on Thursday pointed fingers at a North Macedonian spyware developer named Cytrox for developing exploits against five zero-day (aka 0-day) flaws, four in Chrome and one in Android, to target Android users. "The 0-day exploits were used alongside n-day exploits as the developers took advantage of the time difference between when some critical … [Read more...] about Cytrox’s Predator Spyware Targeted Android Users with Zero-Day Exploits