Our handpicked selection of the most recent infosec articles from around the web, including vulnerabilities found in Siemens and WhatsApp. The ACSC published an informative password spraying attacks advisory. Also, Android ransomware AND malware.

For more articles, check out our #onpatrol4malware blog.

install ransomware

Android ransomware is back

Source: ESET

ESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks. Read more.

install ransomware

Sharpening the Machete

Source: ESET

ESET research uncovers a cyberespionage operation targeting Venezuelan government institutions. Read more.

phishing

Ransomware Soars 365% Year-on-Year in Q2

Source: Infosecurity

Ransomware detections soared by 365% year-on-year in the second quarter of 2019, according to the latest report from Malwarebytes. Read more.

disseminate ransomware

ACSC Releases Advisory on Password Spraying Attacks

Source: CISA

he Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts. Read more.

vulnerabilities

The Evolution of Aggah: From Roma225 to the RG Campaign

Source: Yoroi

The attack attribution is still unclear but the large scale of the malicious activities has also been confirmed by Unit42, who reported attack attempt against government verticals too. Read more.

install ransomware

Vectra: Ransomware attacks are spreading to cloud, datacenter, and enterprise infrastructure

Source: Venturebeat

But these types of attacks are now spreading to wider targets, such as cloud, datacenter, and enterprise infrastructure, according to a report by security firm Vectra. Read more.

vulnerabilities

Cryptolocking WordPress Plugin Locks Up Blog Posts

Source: Threatpost

A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts. Read more.

vulnerabilities

Android malware that comes preinstalled is a massive threat

Source: CNET

Keeping your Android device safe from malware is difficult enough as it is — but it’s an entirely different threat when the harmful apps come with your device. Read more.

vulnerabilities

Black Hat 2019: WhatsApp Users Still Open to Message Manipulation

Source: Threatpost

Researchers at Black Hat USA 2019 demoed how known vulnerabilities in WhatsApp could still be exploited in several attacks that manipulate chats. Read more.

vulnerabilities

Backdoors are a security vulnerability

Source: Malwarebytes

Cybersecurity researchers, to put it lightly, disagreed. To many, the idea of installing backdoors into encryption is antithetical to encryption’s very purpose—security. Read more.

vulnerabilities

Vulnerabilities in Siemens’ most secure industrial PLCs can lead to industrial havoc

Source: Helpnet Security

Critical vulnerabilities in the Siemens S7 Simatic have been discovered by cybersecurity researchers. Read more.