Android trojan attacks PayPal

-
I have to believe that mobile security will be a bigger and bigger issue going forward.  This trojan uses the accessibility features and bypasses even 2 factor. 

https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/

Comments

Post a Comment

Popular posts from this blog

Password security

-
Image
One of the constant challenges of those of us who create, teach, or enforce passwords and their policies for use is the protection of the password.  I have given talks that try and disuade organizations against making uses change passwords all the time because the tendency is to then write them down.  Here is a classic example of what I see every day.  Now, thanks to AP photographer Jennifer Sinco Kelleher ( https://twitter.com/JenHapa?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor ) everyone else in the world also gets to see it:
Read more

2021 Week 12 Security Roundup

-
  Summary This blog is geared towards cybersecurity events that are of interest to State, Local, Tribal, and Territorial (SLTT) governments in the United States of America.  It is hoped that this focus will help SLTT information technology workers and policymakers to get the information relevant to their mission.  If you are in other sectors hopefully there is information you can find useful as well.   Updates on Solar Wind and the Microsoft ProxyLogon issues dominated news again this week.  Breaking news is that as of Thursday night, Defender and System Center Endpoint Protection have added automatic patching for the linchpin of the attack playbook.  This was so successful they evidently broke one of their honey-pot farms.   In other news, we had updates from the US and other Federal governments.  There are even more signs of escalation by nation-state actors, primarily China, in what many are seeing as a global cyberwar.  We also ...
Read more

2021 Week 30 & 31 Security Roundup

-
 Summary There was almost no news last week and my day job and personal life meant little time to write summaries so this week we have a larger release.  This includes a disinformation campaign launched against several agencies.  We also had a lot of information about the growing war using operational technology devices to disrupt infrastructure and potentially cause physical harm. There was also some news of municipal breaches.  Finally, we had several bills that were passed or discussed this week. News Disinformation Campaigns in the spotlight I have been sitting on this partially because some of it came from a restricted briefing and some because I was unsure how much was conjecture and how much was based on hard intelligence.  That being said:  More and more "influencers" are coming forward with information about an "influencer marketing agency" by the name of Fazze.  These people were asked to push an anti-vax agenda on their channels and were pro...
Read more