The dynamic cyber world reports incidents of data theft, vulnerabilities in applications, and other attacks almost every day. But with the right cybersecurity tools, one can stay ahead of threat actors and prevent their confidential information from falling into the wrong hands. To this end, here are the headlines of the latest cyberattacks.
Eight Malicious Apps Brought Down From Google Play Store
Have you downloaded any of these apps (Fast Magic SMS, Super Message, Auxiliary Message, Go Messages, Super SMS, Free CamScanner, Element Scanner, and Travel Wallpapers) from Google Play Store lately? If yes, then you have perhaps given the malware Joker access to all your sensitive data, OTPs, contacts, etc. A recent notification by the cybersecurity firm Quick Heal Technologies Ltd confirmed that these eight spyware-infected apps were listed on Play Store and downloaded over 50k times.
Once downloaded, the Joker-managed apps seek notification access on the device and work in the background while posing as a document scanner. The malware then downloads two payloads to steal the user’s confidential data. The infected apps use malicious ads to subscribe victims to paid premium services without their knowledge, ultimately costing them money.
Once notified, Google took the necessary protective measures and removed these eight apps from the Play Store. However, users are advised to be a little more careful and verify an app’s authenticity by reading the reviews before downloading it. Further, grant an app only the permissions it requires to function. All extra permissions must be denied at all times.
Google’s Android App Had A Major Vulnerability For Years
What if somebody were to come and tell you that the apps your Android device came pre-installed with had vulnerabilities that could allow adversaries to access your files and control your device? Well, the mobile app security startup Oversecured has recently found such a vulnerability in the Google App.
With over 5 billion installs, this Android app relies on code libraries pre-installed on Android phones to reduce required storage space and the download size. Consequently, any flaw in the Google app’s code can be used to grant full access to users’ files. The adversaries can then access all of a user’s search history, texts, call history, emails, and even microphone and camera controls. Even if a user removes the infected app, the malicious components will remain on the Google app.
Google claims to have taken the necessary cybersecurity measures to secure this vulnerability and says that there is no proof of this flaw being exploited.
New Data Privacy Act For Coloradans Promises Better Security
The Centennial State on 8th June unanimously approved the Colorado Privacy Act, which promises to provide better cybersecurity for Coloradans. Once signed by the state governor Jared Polis, the Act is set to become law from 1st July 2023.
With the new Data Privacy Act in place, Colorado will have the same privacy legislation as Virginia and California, and consumers will have the following five rights:
- Right to opt out of selling personal data for targeted advertising.
- Right to access personal data in possession of a data controller.
- Right to correct personal data in case of inaccuracies.
- Right to receive personal data in a ready-to-use format.
- Right to get personal data erased.
This Privacy Act will apply to data controllers in Colorado, that is, businesses controlling or processing the personal data of resident consumers. The law will impose further norms on collecting and processing data, including notifying consumers why their data is being collected or sold/used. The law would limit data collection and require data controllers to adopt robust cybersecurity measures before collecting data for their stated purpose. In addition, PII (Personally Identifiable Information) such as religion, ethnicity, citizenship status, physical or mental health, biometric data, etc., cannot be collected without consumers’ consent.
26 Vulnerabilities Patched In NVIDIA Products
After Frédéric Perriot (who works for Apple Media Products) identified 26 vulnerabilities in products from the U.S. graphics chip specialist NVIDIA, the company released updates to fix them. The vulnerabilities, tracked from CVE‑2021‑34372 to CVE‑2021‑34397, affected NVIDIA’s Jetson system-on-module (SOM) series and could lead to denial-of-service and data leaks. All Jetson Linux versions before 32.5.1 were vulnerable, and therefore users are advised to get the software update immediately to stay protected.
The CVE‑2021‑34372 vulnerability was assigned a CVSS score of 8.2 and was found in the Trusty trusted execution environment (TEE). Eight other major vulnerabilities were detected in the TEE, which could lead to DoS, information disclosure, memory corruption, code execution, and stack overflows.
FIN7 Gang’s Phishing Emails Prove That Innovation Never Dies
On 17th June, U.S. prosecutors filed a case against the notorious hacker group FIN7 for impersonating angry restaurant customers and sending out phishing emails to targeted individuals. FIN7 has around 70 members deployed in separate teams in its fake cybersecurity testing company Combi Security. FIN7 has been operating like this since 2015 and has targeted countless U.S. companies, including the department store Saks Fifth Avenue and the burrito chain Chipotle.
One of the FIN7 gang members, Andrii Kolpakov, who pleaded guilty in November, shared valuable insights into the working of the hacker group. Kolpakov was sentenced to 7 years in prison.
In the latest phishing innovation, a FIN7 member pretended to be an unsatisfied customer by the name of Oliver Palmer and emailed the manager of an unnamed restaurant chain. Palmer claimed that the entire group fell ill with diarrhea after eating at the restaurant. Attached to the email was a lawsuit against the restaurant for causing financial loss to the company; the attached document was in fact a malicious .rtf file. FIN7 used other similar strategies to spread malware, and the use of Microsoft and Google logos made its emails look all the more credible. The information stolen from such attacks was then sold on the dark web.
Scripps Health Patients File Lawsuit Against The Healthcare Provider
We often hear the other side of the story in the case of cyberattacks on organizations. All updates end with ‘free credit monitoring was offered to the victims of the attack.’ But this time, some current and former patients of Scripps Health, San Diego, have filed a lawsuit against the health care system stating that the preventive measures taken after an attack are never enough.
The plaintiffs argue that Scripps wasn’t implementing necessary email security measures to protect patients’ PHI. Earlier this month, Scripps had notified 147,000 people of a data breach and mentioned that there was no evidence of the data being used by adversaries for malicious purposes. The lawsuit argues against this claim and states that attacks are imminent (since adversaries hold on to the stolen data long after the preventive measures diminish).