One Article Review
| Source |  SecurityWeek |
|---|---|
| Identifiant | 567842 |
| Date de publication | 2018-04-05 13:32:05 (vue: 2018-04-05 16:00:29) |
| Titre | Mitigating Digital Risk from the Android PC in Your Pocket (Recyclage) |
| Texte | >Security Teams Must Prioritize Risk Mitigation Against Android Malware
Few of us could have imagined that a device that allows us to talk to anyone from anywhere at any time would morph, in just a few years, into many users' computing device of choice. The latest numbers from StatCounter reveal that mobile devices are outpacing desktops and are the preferred method for accessing the Internet. The most popular operating system worldwide? Android.
Threat actors watch these trends too. They're opportunistic and will focus their efforts where they believe their success rate will be the highest. So naturally, many are targeting Android devices and taking advantage of malware to launch attacks.
As an open-source tool, Android provides the benefits of collaborative applications (apps) and innovation; however, its accessibility inherently exposes it to exploitation by malicious actors. In the past year, while some users fell victim to targeted social engineering campaigns that infect their devices, most malware was embedded in malicious apps users inadvertently downloaded from official and unofficial sources. With the greatest number of users, Android's official app store Google Play has been the largest single source of infection. However, most of the sources of infection were other third-party stores.
 Users are duped by apps that pose as legitimate resources or services, or that are advertised fraudulently by displaying branding associated with credible organizations. Apps have been found that impersonate Uber, any number of financial institutions, gaming apps and perhaps most galling, security apps. Mobile malware is generally delivered and deployed via a multi-step process requiring some user interaction. This presents threat actors with many opportunities to infiltrate a device. For example, once installed, many malicious apps request users to approve unnecessary privileges, such as administration access, to execute processes. Overlays (superimposing phishing screens on a legitimate app) are also used to prompt users to provide sensitive information, such as credentials or financial data.
So, what's the ultimate endgame for cyber criminals? The most prevalent objective is espionage – gathering information through profiling device data or recording phone calls and messages. Mobile banking malware, such as Marcher and BankBot, uses sophisticated techniques to harvest user banking data, including overlays specific to target banks, and intercepts SMS messages to obtain multi-factor authentication codes. Recently, mobile devices have also been targeted for cryptocurrency mining. While less powerful than desktops and servers used for this purpose, more Android devices exist, and they are often less protected and, thus, more easily accessible. You can expect t |
| Envoyé | Oui |
| Condensat | /images/rss 100 2011 2018 advising alastair analytics android april attacks australasia bae bay before beware bristol ceo ciso class clients columns computer conference corporate coverage cyber data decade detica digital espionagedon't europe fall first forum founder founding fraud: from ftse gold government gulf half has healthcare holds icon ics industry insights intelligence international key large latest links manage manager meng midst mitigating mobile moon oct one over paterson paterson:mitigating pharmaceutical png pocket pocketthe previous propositions register rely risk rush scale scammersdon't science sectorcryptocurrency secure security shadows singapore sponsored src= star strains systems tags: theft total university usa victim worked working your |
| Tags | |
| Stories | Uber |
| Notes | |
| Move | 
|
Les reprises de l'article (1):
| Source | SecurityWeek |
|---|---|
| Identifiant | 516313 |
| Date de publication | 2018-03-15 13:44:05 (vue: 2018-03-15 13:44:05) |
| Titre | The Latest Strains of Attacks on the Pharmaceutical and Healthcare Sector (Recyclage) |
| Texte | Cyber Attacks Continue to Plague the Pharmaceutical and Healthcare Industries That Remain Lucrative Targets Schools were shut down due to high levels of absences and for sanitation purposes. Medical facilities were overflowing with patients. Visitor restrictions at hospitals and nursing facilities were in full force. Thankfully the flu season is starting to wind down, but this has been a particularly nasty episode. Several reasons have been cited, including the circulation of a particularly severe form of the flu virus that can cause more health complications, as well as local shortages and limited effectiveness of vaccines and antiviral medications against certain strains. But these aren't the only types of attacks that the pharmaceutical and healthcare sectors have had to contend with. Cyber attacks, campaigns and security incidents continue to plague these industries that remain lucrative targets primarily because of the type of information they hold, including personal health information (PHI) such as medical records and insurance information, personally identifiable information (PII), and financial information. The value of this data to financially-motivated threat actors is evident by continued extortion attempts against companies in this sector and data breaches. Let's look at a few recent examples. ● Extortion attacks, the now infamous ransomware attacks we read about daily, are affecting all sectors and healthcare and pharmaceutical companies are not immune. The personal and sensitive information they hold, offer lucrative opportunities for threat actors to conduct identity theft, fraud and sell data to other threat actors. Last October the threat actor, thedarkoverlord, appears to have been hard at work. A U.S.-based clinic was the target of an attempted extortion attack following a data breach that contained PII and some health-related information. The threat group mentioned the attack on Twitter but there has been no indication that the data has been publicly released. Around the same time, there was another report of a U.K.-based healthcare clinic that suffered a data breach and received an extortion demand from thedarkoverlord. An unspecified amount of data was reportedly stolen, which included PII, as well as pre- and post-operative photographs. As in the first case, there has been no indication that the data is widely available – yet. These are just two examples of the repeated attacks by thedarkoverlord against healthcare organizations. While details aren't clear as to how they are able to gain access to victims' networks, they have alluded to using zero-day exploits in remote desktop protocol (RDP) servers. ● Data breaches can have long-lasting impacts on organizations and individuals. Just consider the Yahoo breaches if you have any doubts. In the healthcare industry we see the same thing. Late last year the HaveIBeenPwned website added approximately four million records from Malaysian websites to its data repository. The data was obtain |
| Envoyé | Oui |
| Condensat | 2011 2018 |
| Tags | |
| Stories | Yahoo |
| Notes | |
| Move |
|
L'article ne semble pas avoir été repris sur un précédent.