Android CamScanner PDF app sent malware to phones

BBC | August 28, 2019

Android CamScanner PDF app sent malware to phones
A hugely popular Android app that takes high quality photographs of documents has been found to contain malware. CamScanner has been downloaded more than 100 million times by Android users. However, cyber-security researchers at Kaspersky say they found that a recent version contained malicious code in the part of the app that delivers ads. The malware could have made it possible to show users intrusive ads or snoop on login credentials. Kaspersky's researchers noted that CamScanner was a "legitimate" app, but think that the snippet of malicious code found in it was third-party code used to serve ads within apps. The BBC has asked Kaspersky whether the iPhone version of CamScanner was also affected. The free version of CamScanner for Android is currently not available on Google's Play Store in the UK. CamScanner said it had released a new version of the app, with the malicious code removed.

Spotlight

Poly is the global communications company that powers authentic human connection and collaboration. Face to face, we sift and sort millions of verbal and non-verbal cues to glean meaning. Poly is finding new ways to inject these cues into audio and video communication to replicate the face to face experience.

Related News

Phishing Attacks Disguised as Fake Cert Errors on Cisco Webex Used to Steal User Credentials

Cisco | May 07, 2020

Convincing series of phishing attacks are using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users' account credentials. According to stats shared by email security company Abnormal Security, these phishing emails have already landed in the mailboxes. The phishing emails impersonate the Cisco Webex Team and warn the targets that they have to verify their accounts as they are blocked by the administrator. Cisco Webex is a video and team collaboration solution that helps users set up video conferences, webinars, online meetings, and share their screens with their colleagues and friends. The platform is currently facing an influx of new users due to the unusual remote working increase caused by the COVID-19 pandemic. According to stats shared by email security company Abnormal Security, these phishing emails have already landed in the mailboxes of up to 5,000 targets that use Cisco Webex while working remotely. The attackers induce a sense of urgency with their phishing messages by using cloned graphics and formatting designed to closely mimic automated SSL certificate error alerts that Cisco Webex would send to users. The phishing emails impersonate the Cisco Webex Team and warn the targets that they have to verify their accounts as they are blocked by the administrator because of Webex Meetings SSL cert errors. Users are then requested to click on an embedded 'Log in' hyperlink that will allow them to sign in and unlock their accounts. Learn more: PHISHING KITS BECOME “BESTSELLER” IN THE UNDERGROUND MARKET: RESEARCH "The attacker could use the compromised user account to send further attacks within the organization and to external partners," . ~ Researchers say . Seeing that this phishing campaign almost perfectly clones, it should be able to bypass at least some Secure Email Gateways' (SEGs) protections and convince many of the targets to visit the attackers' phishing landing page instead of deleting or sending the phishing emails to the Spam folder. Other video conferencing platforms' users are also being targeted during this challenging time because of the increase in the number of remote workers. “For instance, another highly convincing phishing campaign spotted by Abnormal Security las month used cloned imagery from automated Microsoft Teams alerts to harvest Office 365 credentials from almost 50,000 users” . Other video conferencing platforms' users are also being targeted during this challenging time because of the increase in the number of remote workers. Phishing attacks are also targeting Zoom users with fake Zoom meeting notifications being used to threaten potential victims who work in corporate environments that their contracts will be suspended or terminated, with the end goal of harvesting their email addresses and passwords. What makes all these phishing campaigns even more dangerous than regular ones is that their targets are currently being flooded with alerts from various online collaboration services which makes them prone to ignoring any red flags that would otherwise enable them to recognize such attacks. Real users explain how to implement robust protection with Cisco Email Security’s sophisticated filtering, built-in intelligence and policy definition and enforcement capabilities. Learn more: COVID-19 AND AMYGDALA HIJACKING IN CYBER SECURITY SCAMS .

Read More

Vectra Announces New Advisory and Operational Cybersecurity Services, Accelerates AI-powered Network Detection and Response

Vectra | July 22, 2020

Vectra®, the leader in network threat detection and response (NDR), today announced a range of new advisory and operational cybersecurity services that enable enterprises to increase security operations efficiency and significantly reduce the risk of data breaches.Organizations that deploy the flagship Cognito® NDR platform from Vectra will be able to dramatically improve their incident response performance by leveraging years of professional cybersecurity expertise in AI and security operations across hundreds of global organizations.Since the inception of Vectra, AI has been at the core of its expertise in building, deploying and supporting the functionality and advantages of NDR for the global enterprise."Utilizing AI to address the current skills and resources gap is still a relatively new practice and much of the world is shifting operations to the cloud," said Jennifer Wang, vice president of customer success at Vectra. "We bring an experienced lens during this transformation that enables customers to understand and address the full scope of risks across the new threat landscape."The company's new advisory and operational services provide organizations with 24/7 access to Vectra consultants and analysts with over 100 years of combined cybersecurity expertise, ultimately strengthening how NDR enables enterprises to conduct their business more securely.

Read More

SparkCognition and Siemens to Co-Develop AI-driven Cybersecurity System

SparkCognition | June 15, 2020

SparkCognition and Siemens today announced a new collaboration on a cybersecurity system, DeepArmor Industrial, fortified by Siemens. Designed to protect endpoint, or remote, operational technology (OT) assets across the energy value chain by leveraging artificial intelligence (AI) to monitor and detect cyberattacks. Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security. SparkCognition and Siemens today announced a new collaboration on a cybersecurity system, DeepArmor Industrial, fortified by Siemens, which is designed to protect endpoint, or remote, operational technology (OT) assets across the energy value chain by leveraging artificial intelligence (AI) to monitor and detect cyberattacks. The innovative AI-driven system will deliver next-generation antivirus, threat detection, application control, and zero-day attack prevention to endpoint power generation, oil and gas, and transmission and distribution assets, which for the first time brings fleet level cybersecurity monitoring and protection capabilities to the energy industry. Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security, business operations, and the critical infrastructure that powers communities throughout the world," said Leo Simonovich, Head of Industrial Cybersecurity at Siemens. "Many energy companies with remote, endpoint assets have struggled to defend their environment because they either lacked the visibility to detect, or the agility to mitigate, cyberattacks that threaten operational technologies. Read more: CYBERATTACKS ON CRITICAL INFRASTRUCTURES WITNESS SHARP RISE DURING THE PANDEMIC Together with Siemens, we are excited to bring next-generation endpoint protection that is specifically designed to increase the cyber resilience of OT networks and prevent advanced threat actors from impacting critical infrastructure. ~ SparkCognition This new partnership combines Siemens' cybersecurity expertise in securing operational technology with SparkCognition's expertise in artificial intelligence to deliver the energy industry's first solution capable of detecting and protecting remote assets against cyberattacks. Through our extensive work with the energy industry, we've seen the pain points and challenges the industry is facing right now," said Sridhar Sudarsan, Chief Technology Officer at SparkCognition. "The industry needs security solutions that can both operate autonomously and are designed with the modern industrial environment in mind. The threat of mega cyberattacks targeting critical infrastructure is worsening, according to a joint study conducted by the Ponemon Institute and Siemens that surveyed global energy industry executives on a wide range of threats, vulnerabilities, and strategies required to protect oil and gas assets. The study found that 67 percent of respondents believe the risk level to industrial control systems over the past few years has substantially increased because of cyber threats. The study also found that 61 percent of respondents said their organization's industrial control systems protection and security was not adequate. Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security, business operations. OT assets operating in the field today are particularly vulnerable to cyberattacks as much of the energy industry's critical infrastructure was engineered before the widespread digitization of industrial control systems. This leaves portions - or entire fleets - without the ability to be patched or cost effectively updated with new security defenses. With award-winning machine learning technology, a multinational footprint, and expert teams focused on defense, IIoT, and finance, SparkCognition builds artificial intelligence systems to advance the most important interests of society. Our customers are trusted with protecting and advancing lives, infrastructure, and financial systems across the globe. Siemens Gas and Power GmbH & Co. KG is the global energy business of the Siemens group, which has been working with its customers on solutions for the evolving demands of industry and society for more than 150 years. With planned stock listing, Siemens' energy business will operate independently as Siemens Energy in the future. It will offer broad expertise across the entire energy value chain, along with a comprehensive portfolio for utilities, independent power producers, transmission system operators, the oil and gas industry, and other energy-intensive industries. Read more: SMALL AND MEDIUM BUSINESSES NEED TO IMPROVE THEIR CYBERSECURITY POST COVID-19 LOCKDOWN

Read More

Spotlight

Poly is the global communications company that powers authentic human connection and collaboration. Face to face, we sift and sort millions of verbal and non-verbal cues to glean meaning. Poly is finding new ways to inject these cues into audio and video communication to replicate the face to face experience.