Malicious Apps In Play Store

ClickSSL Monthly InfoSec Snipper August 28, 2017

This entry is part 147 of 147 in the series Weekly Infosec Snipper

Enigma Suffered From Hacking, Cost It $471,000 Cryptocurrency

A cryptocurrency investment platform named Enigma has been hacked and a hacker was able to steal $470,000 Cryptocurrency. The hacker created fake page and fake ETH address to send money and spread it via website newsletter that pushed victims to enter funds into hacker’s ETH address. Even, users are still sending money even after the page was marked as compromised. It is not clear that how hackers compromised the platform.

Google Removed Around Malicious 500 Apps From Play Store

Lookout Security Company explained Google about around malicious 500 apps that were integrated ad software allowed cybercriminals to install malware and spy on users activities. Google has removed all apps and users who have installed these apps should scan their devices with security software. Google has now introduced Google play protect that scans the app before they are installed.

The NHS System Faced Data Breach, Exposed 1.2 Million Records

The NHS system has been again in news relating to data breach of its appointment booking system. This breach has exposed 1.2 million records of patients. SwiftQueue that handles appointments of eight NHS trustshad confirmed the hacking and believed that only 32,500 admin records were exposed. The details included patients personal details like phone number, date of birth, phone numbers and email addresses. However, encrypted passwords and medical records were untouched and remained safe.

Chrome Popular Extensions Hijacked, Put Users At Risk

Chrome popular extensions were being hijacked and around 4.7 million users put at risk. Few of them are Web developr, CopyFish, TouchVPN, Chrometana, BetterNet, etc. were hijacked in this incident as hackers were able to compromise developer accounts & inject code into these extensions. Hackers were in mood to replace legitimate extension with services that were adult in nature so hackers can make profit from them.

Rise In Email Malware Seems Concern, Says Symantec Intelligence Report

Symantec July Intelligence report has shown a rise in email malware rate, which was highest in the last seven months as it increased from 359 mails to 451 per one email. The most affected industries were Agriculture, Forestry, and Fishing that recorded one email in 152 emails. However, the new malware variants were decreased from 66.3 million to 58.7 million. The global spam rate was increased by 0.6% and reached 54.9% mark. The phishing rate also increased slightly to one in 1968 emails.

CheapRapidSSL certificate

DigiCert Acquired Symantec Web Security And PKI Solutions

Symantec announced about the takeover of web security business of Symantec and its PKI solutions by DigiCert. Symantec believes that customers will have benefit from this takeover as DigiCert is solely focused on leading identity and encryption. Once this transaction is complete, Symantec will transit customers to new platform to meet industry standards and browser requirements. DigiCert is also a top leader in SSL industry that focus on customer support, groundbreaking market solutions, and follows industry best practices.

Google Is Going To Launch Phishing Security For iOS App

Google has now introduced security measure to iOS Gmail app that will help users to identify and remove phishing emails. This security measure will warn users when they click on suspicious link in a mail. If users intentionally or mistakenly ignore warning, then there will be second warning with in-depth details of suspicious link.

Mozilla Send Service Will Allow Users To Store Encrypted File On Remote Server

Mozilla came up with experimental service named “Send Service” that allows users to store local file on remote server with encryption and can share to a single receiver. Once the file copy is stored, the data will be removed from the server. The Send service is in testing mode and made for Firefox browser. The service works on the Web Cryptography JavaScript API with the AES-GCM algorithm. The method to use this service is simple as users just need to select local file, the application will encrypt it on client side and upload it to AWS (Amazon Web Services).

DDoS Attacks Are On rise, Says Akamai Report

According to Akamai report, DDoS attack is on rise in second quarter in a year as new techniques were developed like Mirai, Domain Generation Algorithm (DGA) and PBot. The data was collected from around 230,000 servers across 1600 networks. The report has shown 28% rise in DDoS attack since first quarter. Organizations were being hit average 32 times during the period. Attackers are using old techniques like PBot malware, DGA method and Mirai botnet to make organizations victim. Egypt was on first rank in source of DDoS traffic while the UK was out of first five positions.

Series Navigation<< ClickSSL Monthly InfoSec Snipper July 27, 2017