Reading Time: ~ 2 min.
Android Apps Riddled with Adware
Another 85 photo and gaming apps have been removed from the Google
Play store after they were discovered to have been distributing adware to
the roughly 8 million users who had downloaded the fake apps. The adware itself
is rather tricky: by sitting dormant on devices for at least 30 minutes to avoid
detection, they are then able to display a steady stream of full-screen ads
that make users wait through each in its entirety before allowing continued use
of the app.
Texas Hit by Multiple Ransomware Attacks
municipalities have fallen victim to a single ransomware campaign affecting
at least 22 locations and asking a cumulative ransom of $2.5 million. The state
of Texas has been under fire for the past few months, suffering a seemingly
endless string of ransomware attacks on local governments. Fortunately, many of
the targeted districts have been swift to remediate issues and are already on
the path to full system recovery, managing to avoid paying heavy ransoms.
Steam Zero-Days Released After Valve Bans Submitter
A researcher recently found several zero-day
vulnerabilities within the Steam API that could allow for local privilege
escalation (LPE), which could then allow malware to use the client as a
launching point. Unfortunately, Valve decided the bug was outside of its scope
of responsibility, locked the report, and refused to investigate it any
further, also banning the submitter from the bug bounty program. Eventually,
after much negative media coverage, Valve pushed out a patch that was quickly
subverted by another workaround. It is unusual for a company with so many
active users to blatantly ignore one of Microsoft’s most commonly patched
Adult Site Database Exposed
Yet another adult
site has fallen victim to poor information security practices after a
database containing personally identifiable information belonging to nearly 1
million users was misconfigured and left publicly available. The leak was
discovered by researchers who were able to verify a breach and swiftly report
it to the site, which took only four days to secure the data. Site users were
notified of the breach and are being advised to change login credentials,
especially those using work devices or contact details.
Magecart Found in Poker Tracker
The infamous Magecart
card-skimming script was recently found loaded into Poker Tracker’s main site,
which allows online poker players to make statistics-based betting decisions.
It was later revealed that the site was fully injected via an outdated version
of Drupal that has since been updated. The attack left the attackers with a
copy of every payment made through the site or the app.