Cyber Bites

Google has pulled three malicious apps from Google Play, one of which exploits a recently patched kernel privilege escalation bug in Android (CVE-2019-2215) to install the app aimed at spying on users. The existence of CVE-2019-2215 was discovered in late 2019 when it was spotted being exploited in the wild. Researchers with Google’s Threat Analysis Group and other external parties believe that the exploit originated with NSO Group, an Israel-based company that specializes in lawful surveillance software...

Iranian state-sponsored hackers have deployed a new strain of data-wiping malware on the network of Bapco, Bahrain's national oil company, ZDNet has learned from multiple sources. The incident took place on December 29. The attack did not have the long-lasting effect hackers might have wanted, as only a portion of Bapco's computer fleet was impacted, with the company continuing to operate after the malware's detonation. Source: ZD Net

Recent US military action in Baghdad could prompt retaliatory attacks against US organizations, it says. Concerns about an Iranian cyber response to the recent American military strike in Baghdad grew this week with the US Department of Homeland Security urging organizations to be on heightened alert for denial-of-service and other more destructive attacks. Source: Dark Reading

The personal and medical information of 49,351 patients was exposed following a security incident involving two employees' email accounts as disclosed by Minnesota-based Alomere Health. Alomere Health is a community-owned and non-profit general medical and surgical hospital with 127 beds that has been twice named as one of the Top 100 Hospitals by Thompson Reuters. Source: Bleeping Computer

Facebook is rolling out a new set of rules aimed at curbing the spread of manipulated media as the specter of highly convincing deepfake videos looms large over not only the US presidential elections. An announcement by the platform’s vice president of global policy management Monika Bickert reveals that Facebook is deploying a multi-pronged approach to deal with the growing threat of manipulated media that are created to spread disinformation and sway public opinion. Source: We Live...

Police are investigating hackers holding Travelex's computers for ransom, forcing the company's staff to resort to using pen and paper to record transactions. The firm initially said it had discovered the attack on New Year's Day and immediately took its systems down, with its early investigations suggesting that no personal or customer data has been compromised. Source: Sky News

An attacker is attempting to take advantage of the recent warnings about possible Iranian cyberattacks by using it as a theme for a phishing attack that tries to collect Microsoft login credentials. With the rising escalations between the United States and Iran, the U.S. government has been issuing warnings about possible cyberattacks by Iran and potential attacks on critical U.S. infrastructure. Source: Bleeping Computer

The Federal Depository Library Program (FDLP) website was attacked by a group of hackers claiming to represent the government of Iran. An obscure US federal website was attacked and vandalized on January 4, resulting in the site being taken down for more than 24 hours. Source: Dark Reading

The Federal Trade Commission (FTC) finalized a settlement with a Utah-based tech company that got hacked and had the personal info of over a million clients stolen following a series of more than 20 undetected network intrusions. InfoTrax Systems, a provider of back-end operations systems and online distributor of MLM software for the Direct Sales industry, only detected the security breach after "it was alerted that its servers had reached maximum capacity." Source: Bleeping Computer

The Austrian State Department's IT systems were under a 'serious attack' suspected to be carried out by a state-backed threat group according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI). "A coordination committee has been set up on the basis of the Network and Information System Security Act, and all relevant federal agencies are already active," the press release says. "The problem was recognized very quickly and countermeasures were taken...