Cyber Bites

Stalkerware called Monitor Minor gives users the ability to creep on a target’s missives swapped via Instagram, Skype and Snapchat. Researchers are sending up a red flag over the distribution of an aggressive stalkerware app called Monitor Minor. In a report released Monday, researchers said the Android version of the app gives stalkers near absolute control of targeted devices, going so far as allowing them to capture the unlock pattern or unlock code of phones....

Threat researchers at security company RiskIQ have identified a cyber-attack against blender vendor NutriBullet that has successfully installed credit card stealing malware on the international nutribullet.com website. Not just once, but three times within three weeks. Source: Forbes

 In the midst of the global emergency caused by the Coronavirus pandemic, the Argentine government confirmed on March 14 that they suffered a hack on the website of their official gazette (Boletin Official) based on blockchain technology, where false statements regarding the coronavirus were spread. Source: Cointelegraph  

  Cyber-attackers have hacked the US Health and Human Services Department as America works hard to minimize the impact of the COVID-19 virus.  The intrusion occurred on Sunday night and is thought to have been motivated by a desire to slow the agency down and spread misinformation among the public. After compromising the department's system, attackers circulated a false claim that the American government planned to introduce a nationwide lockdown. Source: Info Security

  The web-development browser Blisk suffered a data breach leaking more than 2.9 million records through an open Elasticsearch database that was left open and that bypassed the security put in place by its users. The browser has been compromised in a way that it now leaks the data it was designed to gather from web development teams, UX designers and web engineers, according to Noam Rotem and Ran Locar, leaders of VPNMentor’s security team,...

An Illinois college is offering nearly free credit monitoring to over 1,700 current and former employees following a recent data breach. Officials at the College of DuPage confirmed on Monday that a cybersecurity incident had taken place recently. College president Brian Caputo said that personal and tax information belonging to 1,755 staff had been compromised. Data exposed in the incident included 2018 W-2 tax forms. Source: InfoSecurity

Each day, as the novel coronavirus multiplies and spreads, so do cyber scams capitalizing on users’ fears and thirst for knowledge concerning this pandemic. The perpetrators, and their victims, are based all over the world, as evidenced by two recently discovered global APT-style campaigns designed to spread remote access trojans. Source: SC Magazine

Princess Cruises has reported a data breach where an unsanctioned third party gained unauthorised access to some employee email accounts that contained personal information regarding its employees, crew, and guests. The company identified suspicious activity on its network in late May 2019, and has identified that the data breach happened between 11 April and 23 July 2019. Source: Marketing Interactive

A coronavirus tracking application is actually infecting Android devices with ransomware, with owners then asked to pay a $100 ransom to have their smartphones unlocked. Coronavirus trackers are particularly popular these days, as many users look for such apps to keep an eye on the virus outbreak, so it’s not necessarily a surprise that malicious actors are trying to use this growing demand for such apps for their own benefit. Source: Softpedia

Researchers at cybersecurity firm Kaspersky have discovered two new Android malware modifications that, when combined, can steal cookies collected by the browser and app of popular social networking sites and then allow the thieves to discreetly gain control of the victim’s account in order to send various ill-intentioned content. Source: Express Computer