Our handpicked selection of the most recent infosec articles from around the web, including vulnerabilities found in Siemens and WhatsApp. The ACSC published an informative password spraying attacks advisory. Also, Android ransomware AND malware.
For more articles, check out our #onpatrol4malware blog.
Android ransomware is back
Source: ESET
ESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks. Read more.
Sharpening the Machete
Source: ESET
ESET research uncovers a cyberespionage operation targeting Venezuelan government institutions. Read more.
Ransomware Soars 365% Year-on-Year in Q2
Source: Infosecurity
Ransomware detections soared by 365% year-on-year in the second quarter of 2019, according to the latest report from Malwarebytes. Read more.
ACSC Releases Advisory on Password Spraying Attacks
Source: CISA
he Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts. Read more.
The Evolution of Aggah: From Roma225 to the RG Campaign
Source: Yoroi
The attack attribution is still unclear but the large scale of the malicious activities has also been confirmed by Unit42, who reported attack attempt against government verticals too. Read more.
Vectra: Ransomware attacks are spreading to cloud, datacenter, and enterprise infrastructure
Source: Venturebeat
But these types of attacks are now spreading to wider targets, such as cloud, datacenter, and enterprise infrastructure, according to a report by security firm Vectra. Read more.
Cryptolocking WordPress Plugin Locks Up Blog Posts
Source: Threatpost
A new type of malicious plugin has been spotted in the wild with the capability of targeting individual blog posts. Read more.
Android malware that comes preinstalled is a massive threat
Source: CNET
Keeping your Android device safe from malware is difficult enough as it is — but it’s an entirely different threat when the harmful apps come with your device. Read more.
Black Hat 2019: WhatsApp Users Still Open to Message Manipulation
Source: Threatpost
Researchers at Black Hat USA 2019 demoed how known vulnerabilities in WhatsApp could still be exploited in several attacks that manipulate chats. Read more.
Backdoors are a security vulnerability
Source: Malwarebytes
Cybersecurity researchers, to put it lightly, disagreed. To many, the idea of installing backdoors into encryption is antithetical to encryption’s very purpose—security. Read more.
Vulnerabilities in Siemens’ most secure industrial PLCs can lead to industrial havoc
Source: Helpnet Security
Critical vulnerabilities in the Siemens S7 Simatic have been discovered by cybersecurity researchers. Read more.