IT and Business Insights for SMB Solution Providers

Jay Ferron's blog

Apps Apple App Store that are infected with clicker trojan malware.

    Wandera’s threat research team has discovered 17* apps on the Apple App Store that are infected with clicker trojan malware. The apps communicate with a known command and control (C&C) server to simulate user interactions in order to fraudulently collect ad revenue.
The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction.

Adware Campaign Affects Millions

    Smartphones have become the icon of our modern technological society. They are so prevalent that app development has grown exponentially in recent years in the struggle to become the next Facebook or Pinterest. The phrase “There’s an app for that” truly describes the breadth of apps available. However, this can also lead to many malicious apps available that could be harmful to users, such as the Ashas family of adware apps available on the Google Play store.

New malware strain that allows the adversary to deploy man-in-the-middle (MitM) attacks on TLS traffic.

   The vast majority of websites these days have Hypertext Transfer Protocol Secure (HTTPS) enabled, adding a layer of security that protects our communications against eavesdropping and tampering. It is encrypted using Transport Layer Security (TLS), the current standard for secure web communication. Like all protocols, it is not immune to attack. Some of the more infamous malware that impacts TLS (or its predecessor Secure Sockets Layer [SSL]) are FREAK, Logjam, POODLE, and Heartbleed.

New Phishing Emails Attack

  Phishing emails typically provide some obvious tells to their malicious nature. However, when a    phishing email contains information such as organizationspecific email bodies and email signatures, organization branding, and relevant news, it can be harder to distinguish the difference between legitimate and malicious. These factors are what make the phishing campaign of TA407 or the “Silent Librarian” threat actor group different.

Is Your VPN at Risk ?

    A commonly used method to secure network resources is a Virtual Private Network (VPN). They allow remote network devices to securely communicate with local resources as if they were physically plugged into the same network segment. You may even use one when working remotely to help keep your network traffic secure. While they can easily provide a lot of protection from various network attacks there are many pitfalls to avoid in order to keep the network resources secure.

Pages

Subscribe to RSS - Jay Ferron's blog