US is top target for mobile cybercrime

The US is the top target for cyber-attacks focusing on mobile devices and those connected by the Internet of Things (IoT) plus the operational technology (OT) systems than run facilities such as power plants.

According to cybersecurity firm Zscaler’s ThreatLabz 2024 Mobile, IoT, and OT Threat Report, mobile remains a top threat vector, with 111% growth in spyware and 29% growth in banking malware. Technology (18 percent), education (18 percent) and manufacturing (14 percent) continue to be the sectors most targeted by mobile malware. The education sector saw the most dramatic rise in blocked transactions, with a 136 percent increase on the previous year.

Editorial Team

Big Tech News Vulnerability

0

22

Microsoft accused of major security gaps

Microsoft is accused of failing to implement some basic security controls on its hugely popular Visual Studio Code (VSCode) extensions marketplace. An open letter from independent researchers published on Medium reports “an incredible number of security design flaws implemented by Microsoft that provide amazing ways for threat actors to gain credibility and access.”

The researchers say the biggest security design flaw with VSCode extensions is the lack of any permission model. For example, a theme extension that should only change the colors of the user’s integrated development environment (IDE) may execute code and read or write files without any visibility or explicit authorization from the user. The researchers have also published research evidencing the security flaws highlighted in the open letter.

Editorial Team

cybercrime Malware News

0

15

TeaBot banking malware infects 70k smartphones

TeaBot, a highly sophisticated type of malware, is increasingly infecting Android smartphones. Cybersecurity firm Zscaler’s ThreatLabz reported a sharp rise in malicious activity leveraging TeaBot this week.

TeaBot, also known as “Anatsa,” is designed to impersonate seemingly harmless applications such as PDF and WR code readers. Once installed on an Android smartphone, it acts as a Trojan horse containing numerous financial scams.

“[TeaBot] is a known Android banking malware that targets applications from over 650 financial institutions, primarily in Europe. We observed Anatsa actively targeting banking applications in the US and UK. However, recent observations indicate that threat actors have expanded their targets to include banking applications in Germany, Spain, Finland, South Korea, and Singapore,” explains Zscaler ThreatLabz.

admin

News One Minute Roundup

0

20

Zscaler Clarifies, Only The Test Server Was Compromised – May 14th

In conclusion, in its investigations on hacking claims, Zscaler found that only an isolated test environment was compromised.

The investigation arrived after a hacker named ‘IntelBroker’ confirmed that he breached Zscaler, offering to sell their data for $20K. The incident investigation is now also being conducted with Europol.

admin

News One Minute Roundup

0

14

Skype, Google Meet, and Zoom were used in the New Trojan Campaign – March 7th

Zscaler discovered a new remote access trojan (RAT) campaign that lures victims through fake online meeting links.

Once the victims are lured into downloading the RAT through the meeting links impersonating Skype, Google Meet, and Zoom, the RAT payload may enable threat actors to steal sensitive information.

Blog Post

US is top target for mobile cybercrime

Microsoft accused of major security gaps

TeaBot banking malware infects 70k smartphones

Zscaler Clarifies, Only The Test Server Was Compromised – May 14th

Skype, Google Meet, and Zoom were used in the New Trojan Campaign – March 7th