Ransomware accounted for one tenth of 1% of all malicious email content in Q4, according to a new threat report from Proofpoint. It’s Q4 threat report found that banking trojans accounted for 56% of all malicious payloads in email in Q4, while remote access trojans (RATs) accounted for 8.4%. Proofpoint claimed that this marked a “significant change” for RATs, as in previous years they were rarely used by attackers. Source: Infosecurity Magazine
Read moreWhatsApp says it is deleting 2m accounts per month as part of an effort to blunt the use of the world’s most popular messaging app to spread fake news and misinformation. The Facebook-owned service published the data as part of a white paper on “stopping abuse” that was launched on Wednesday in India, the biggest market for the company with more than 200m users. Source: The Guardian
Read moreCyber-criminal groups are using Google Translate to hide the real domain of their phishing sites, security researchers have discovered. Phishing emails that use this technique have already been spotted in the wild. The trick isn't complex at all. The idea is that phishing groups send their normal phishing emails, but instead of linking directly to their phishing page's domain, they pass the phishing page URL through Google Translate and use the newly generated Google Translate...
Read moreGoogle has uncovered a new method to hack Android smartphones using malicious PNG files. The problem was disclosed this week in Google's Android security bulletin. A serious flaw in the operating system's framework can let a remote attacker execute computer code on an Android device by using a "specially crafted PNG file," the notice said. Source: PC Mag UK
Read moreThe latest quarterly report on Australia's Notifiable Data Breaches (NDB) scheme has revealed around 269,621 separate cases of individuals having their personal information impacted as a result of a human error. The report says that during the period covering October 1, through to December 31, 2018, 262 notifications of data breaches were received by the Office of the Australian Information Commissioner (OAIC), with 85 being put down to human error. Source: ZDNet
Read moreMany major companies, like Air Canada, Hollister and Expedia, are recording every tap and swipe you make on their iPhone apps. In most cases you won’t even realize it. And they don’t need to ask for permission. You can assume that most apps are collecting data on you. Some even https://techcrunch.com/2018/09/07/a-dozen-popular-iphone-apps-caught-quietly-sending-user-locations-to-monetization-firms/ without your knowledge. But TechCrunch has found several popular iPhone apps, from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers, that don’t ask or make...
Read moreHackers have compromised the GitHub account of the Denarius cryptocurrency project lead and have backdoored the Windows client with the AZORult infostealer malware. The compromised Denarius cryptocurrency client --which node operators run on their servers to support the Denarius blockchain-- was spotted earlier today by a security researcher named Misterch0c. Source: ZDNet
Read moreA proposed $3.1 million settlement has been reached in a data breach class action lawsuit against Community Health Systems stemming from a 2014 cyberattack that affected 4.5 million individuals. The settlement awaits final approval by a federal court in Alabama, which will hold a hearing on the matter in August, according to a statement on the settlement's claims administrator website. Source: Bank Info Security
Read moreGoogle has rolled out two new tools to help the password-challenged beef up their security game. The first is a Chrome extension called Password Checkup that can identify if you’re using a password that’s been exposed in a third-party data breach. The second is a feature called Cross Account Protection, which helps protect apps you’ve signed into with your Google account. Source: Gizmodo
Read moreMore and more mobiles are coming pre-installed with malware from the factory. Forty-two low-cost smartphone models had the Triada Banking Trojan. Meanwhile, millions of devices from a variety of manufacturers like Huawei, Xiaomi, Vivo, and Samsung had RottenSys, mobile adware disguised as a secure Wi-Fi service, already on their devices. Source: Brian Madden
Read more