Top 10 Stories

New Mac malware is mysteriously pushing the Signal private-messaging app onto victims' mobile devices as part of a scheme to steal their banking credentials. View Full Story ORIGINAL SOURCE: Graham Cluley

Researcher Graham Cluley is warning of bogus ‘WhatsApp subscription ending’ emails and texts. View Full Story ORIGINAL SOURCE: Security Affairs

One in four workers have hidden cyber security incidents from their employers in order to avoid punishment, according to a new report exploring the human side of security. View Full Story ORIGINAL SOURCE: Dof Online

Wikileaks published another set of documents Thursday. The latest release of files purportedly from the U.S. Central Intelligence Agency (CIA) details a piece of malicious software for Android devices. The malware, referred to as Highrise, can redirect or intercept text messages sent to a target’s phone, allowing a CIA agent to access it before it lands in the inbox of the person it was intended for. View Full Story ORIGINAL SOURCE: IB Times

Flaws have been found and fixed in Kaspersky Lab's security software for cash machines and other embedded systems. Hackers can exploit the bugs to circumvent anti-malware defenses in ATMs. Although Kaspersky responded promptly to the discovery and developed and released a patch, one wonders how long it will take for the updates to be installed in equipment around the world, if ever. View Full Story ORIGINAL SOURCE: The Register

Researchers found changes in malware behavior when Petya detected certain security products, but experts are unsure why these features might exist. View Full Story ORIGINAL SOURCE: Search Security

Malwarebytes has discovered a new cyberattack modus operandi that has hackers incorporating legitimate apps into their malware to make it stronger and accomplish specific tasks. Although the cybersecurity firm did not name the malware used as an example in its report, the company did note that this hacking methodology is representative of what is happening in the wild and becoming more prevalent. View Full Story ORIGINAL SOURCE: SC Magazine

Instances of ransomware attacks are only increasing. It seems like every week recently, news breaks of a new cyber attack, and each one has more serious ramifications than its predecessors. In many such attacks, either the hackers themselves or cybersecurity experts manage to trace the origin of the hack. View Full Story ORIGINAL SOURCE: Security Zap

Smart-home controllers from German company AGFEO have adopted best practice internet things security by offering an unsecured Web admin interface. The now-patched attack vectors included unauthenticated access to some services, authentication bypass, cross-site scripting (XSS) vulns, and hard-coded cryptographic keys. View Full Story ORIGINAL SOURCE: The Register

Botnets distributing FlokiBot point-of-sale malware have awoken from months of slumber and are back in business spewing a new malware dubbed LockPoS. Researchers say the malware is still flying under the radar of many antivirus and intrusion detection systems because it’s so new. View Full Story ORIGINAL SOURCE: ThreatPost