Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read the key takeaways from Trend Micro’s first half of 2021 Linux Threat report. Also, read about Google removing fake crypto-mining apps from the Play Store.
As the popularity of Linux continues to increase, so does its attack surface. This brings to light a pressing question for organizations: who is responsible for the security of all the Linux instances running your cloud environment? This blog highlights key takeaways from Trend Micro’s Linux Threat report.
Google has removed eight fake crypto-mining mobile apps from its Play Store, but researchers at security firm Trend Micro have flagged 120 other apps on users’ phones purporting to also be crypto-mining. Users of the eight apps paid for crypto-mining services that were never delivered, the researchers say.
Last year, Trend Micro studied new malware tools that surfaced as part of a cyberespionage campaign, which Earth Baku — a notorious advanced persistent threat (APT) group, better known as APT41 — had carried out against organizations in the Indo-Pacific region. This report shares key findings with a view to encouraging further research into this active campaign.
Ransomware is on a rampage targeting industry and organizations. It is also creating significant cybersecurity challenges. The current state of cyber-affairs is an especially alarming one because ransomware attacks are growing not only in numbers, but also in the financial and reputational costs to businesses and organizations, and now the U.S. government is focusing on ransomware as a law enforcement issue.
IT security buyers face increasingly difficult decisions today. With a security market swollen with vendors and worth an estimated $156 billion in 2020, how can you differentiate marketing spin from reality and find the right products for your business? One answer is to study independent lab testing from reputable vendor-neutral sources. That’s why Trend Micro recently submitted its TippingPoint Threat Protection System 5500TX to NetSecOPEN for review.
The FBI is warning companies that a ransomware group calling itself OnePercent or 1Percent is leveraging the IcedID Trojan and the Cobalt Strike backdoor to gain a foothold inside networks. Like many other high-profile ransomware groups, OnePercent both encrypts and steals corporate data, threatening to release or auction the information if the ransom is not paid.
Trend Micro recently detected an aggressive malware distribution campaign delivering LokiBot via multiple techniques, including the exploitation of older vulnerabilities. This blog describes an example of one of the methods used in the campaign, as well as a short analysis of the payload. Researchers found that one of the command-and-control (C&C) servers had enabled directory browsing, allowing us to retrieve updated samples.
A threat actor called “Mr. White Hat” has returned the $610 million stolen from the decentralized finance platform Poly Network. The breached company tried everything from threatening to sic law enforcement on the attacker to its ultimate offer: the position of chief security officer in exchange for getting its money back. Mr. White Hat, as Poly Network dubbed him, said the plan was never to keep the money, just to prove there are security weaknesses associated with DeFi platforms.
NortonLifeLock and Avast announced an $8 billion deal which will see the two consumer cybersecurity vendors merge their respective businesses. The two have highlighted the “compelling strategic and financial rationale” behind the merger. This blog discusses what the merger means for customers and the cybersecurity industry.
The Biden administration announced initiatives to bolster supply chain and natural gas pipeline security, following a White House private sector cybersecurity summit where major companies pledged billions of dollars in cybersecurity.
What do you think is the most surprising stat from the Linux Threat report? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.