Security

An email with a "winky face" for a subject line has helped a malware campaign become one of the most widespread in the world. It's a scam to expand the reach of the Phorpiex botnet which distributes spam and malware from infected machines to others ... online the Internet. According to researchers at security company Check Point, Phorpiex jumped from the 13th most detected malware campaign in May to the number two slot last month. It reports that one in 50 organizations suffered at least one attempted breach from Phorpiex last month. (Source: zdnet.com ) Ransomware, Botnets and Blackmail The ... (view more)

Windows 7 computers running the Zoom videoconferencing tool are at risk from a "zero day" vulnerability. It's a reminder of the dangers of an outdated operating system. The problem will be fixed in a patch by Zoom itself rather than from Microsoft. ... Microsoft dropped support for Windows 7 on January 14 this year, meaning it doesn't offer security updates or fix any bugs. A zero day vulnerability is one that is known by somebody other than the developer or manufacturer before a fix is ready. In effect, the developers have "zero days" of head start distributing the fix before people can start ... (view more)

Google has removed 25 malicious Android apps which tried to steal user Facebook logins. As always, it's worth checking devices to see if these apps are installed, because they won't automatically uninstall from phones even being ousted from the Play ... Store. This particular batch of apps didn't have a common subject, but each promised to carry out a basic function, including: a flashlight, file cleaner, or card game. Hidden deep inside each app was malicious software that ran behind the scenes. The malware came alive each time an app was opened on the phone, specifically checking to see if the ... (view more)

An Android app with 40 million downloads has been linked to large-scale fraud against phone and tablet users. The "SnapTube" app reportedly tricks users with a free trial that leads to an expensive and unwanted subscription. The operators of the app ... say they were previously victims of illegal activity by an advertising partner but have now fixed the problem. SnapTube is a tool that was downloaded from the Google Play Store 40 million times before being removed. It was billed as a way to download videos from Facebook and YouTube, something that's not possible with those services own ... (view more)

Android users should check for 31 rogue beauty-related apps that Google has deleted from the Play Store, but could still be installed onto phones. They can unleash unwanted advertising and open web pages without permission. The apps all have ... different names, but largely offer filters to supposedly enhance self-portrait photographs. Suspicious Typos According to White Ops, which identified the apps, the full list is as follows. Note that many of the app names include apparent spelling and typographical errors: Beauty & Filters Camera Beauty Camera & Photo Editor Pro Beauty Camera ... (view more)

A new form of ransomware named after a Marvel super villain has some particularly evil features. The Thanos malware uses an approach more reminiscent of "physical world" blackmail. Despite the name, the malware thankfully doesn't imitate the ... character Thanos by - spoiler alert - deleting half the files in the entire universe. That said, it's still quite scary thanks to a couple of features beyond the usual tactic of encrypting files and demanding a ransom. Instead, the ransomware also seeks to spread across an entire local network and encrypt all the computers it can reach. This is especially ... (view more)

A security company has warned that a free tool claiming to remove ransomware is in fact ransomware itself. Sophos has also reported that businesses that pay ransoms end up with double the financial costs of those who don't. The company's Paul ... Ducklin examined a tool called "Decrypter DJVU". It's promoted as a way to undo the damage of a strain of ransomware that encrypts files, adds the extension ".djvu" to the name, and demands a payment to decrypt and restore access. (Source: sophos.com ) The tool asks users to type in a personal ID and a file extension, though it appears it doesn't take ... (view more)

Apple has paid $100,000 reward to a security researcher who discovered a simple but potentially damaging bug. Until it was fixed, the bug could have let hackers take over a user's account. The problem was with "Sign in with Apple" - a system that ... lets users sign up to websites via their Apple account rather than having to create specific login details for each site, or go through an email confirmation process it. As with similar systems from Facebook and Google, it only works on websites that support the "Sign in with Apple" feature. When the user visits the third-party site, it ... (view more)

Background "wallpaper" can cause Android phones to crash thanks to a bug with the system. At the moment it appears to be an unfortunate glitch but it could be open to abuse. The image in question is viewable at twitter.com , and features a scene ... with a forest in the foreground, a lake in the midground, and mountains in the background beneath a cloudy sky at sunset. The problem is that once set as the default wallpaper, the image causes the phone to crash. The phone then goes into a loop of restarting and crashing, with the only solution being a factory reset. That's not only time consuming ... (view more)