Security researchers have discovered the second-biggest outbreak to ever hit Google’s platform, with as many as 21.1 million infections. The malware’s been dubbed ExpensiveWall after hiding inside wallpaper apps. The researchers warned it sent fraudulent premium SMS messages and charged for fake services. In the latest outbreak detected by Check Point, ExpensiveWall infected at least 50 apps, which together were downloaded between 1 million and 4.2 million times, according to data straight from Google Play.
A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts that have been hijacked by the phishers, thus increasing the likelihood that recipients will trust the message and click on the link.
News broke this week about a new security threat, Bashware, which can enable any malware to step over security solutions. Check Point researchers uncovered the attack technique and suggest that Bashware may potentially affect any of the 400 million computers currently running Windows 10 PC globally. Bashware makes use of Windows’ in-built Linux shell to make any malware essentially undetectable to security products.
It has been found by security researchers that more apps carrying the malicious BankBot Android banking malware have made their way into Google’s Play Store. The malware, which surfaced back in January, targets legitimate banking apps and uses fake overlay screens to trick unsuspecting users into providing their credentials. The malware is even able to hijack and intercept SMS messages, allowing it to bypass the SMS-based two-factor authentication security feature.
In an effort to stay ahead of attackers, some organisations have reported deploying more than 50 security solutions to address each unique challenge or threat. According to Marc Willebeek-Lemair, Alert Logic CSO (who previously founded and served as CTO of Tipping Point and several other security industry pioneers/innovators), this dated approach of implementing a variety of best of breed security technologies to solve very specific issues, has actually created environments that are inherently less secure than organisations that take a more balanced, integrated approach.
The cyber security industry is ripe for machine learning applications. Cyber security solutions need to analyse huge amounts of data in the form of alerts, and machine learning when applied correctly excels at aggregating it and presenting it in a way that cyber security professionals get an intuitive picture of what is happening and can act quickly to improve the security posture of their organization. Bearing this in mind, it becomes apparent why machine learning solutions could provide a sustainable solution. Whether direct cyberattacks or insider threats, machine learning’s ability to analyze complex and large data sets is invaluable, especially when considering the current cyber skills shortage which is being felt globally.
Additionally, we saw the global debut of the new Discovery SVX. As the most extreme and powerful Land Rover yet, with go-anywhere capability, it has increased ground clearance, body and suspension lifts, more wheel articulation and large all-terrain tyres. This SUV really showcase the power, performance and elegance of an incredible and powerful car.
Yesterday, a new survey revealed that retailers are responding to cyber attacks on average twice a week. 16% of retailers said they experienced an attack or attempted attack every day, 11% said they responded 2-3 times per week, and 64% said once a month. The incidence of cyber attacks was found to be especially high in the grocery industry, with 29% of respondents dealing with attempted security breaches every day, and 55% every week. In other retail verticals, 65% of respondents in the sports and outdoor sector said they responded once a week, as did 49% of fashion retailers and 40% of department stores.