Android trojan attacks PayPal

-
I have to believe that mobile security will be a bigger and bigger issue going forward.  This trojan uses the accessibility features and bypasses even 2 factor. 

https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/

Comments

Post a Comment

Popular posts from this blog

2021 Week 30 & 31 Security Roundup

-
 Summary There was almost no news last week and my day job and personal life meant little time to write summaries so this week we have a larger release.  This includes a disinformation campaign launched against several agencies.  We also had a lot of information about the growing war using operational technology devices to disrupt infrastructure and potentially cause physical harm. There was also some news of municipal breaches.  Finally, we had several bills that were passed or discussed this week. News Disinformation Campaigns in the spotlight I have been sitting on this partially because some of it came from a restricted briefing and some because I was unsure how much was conjecture and how much was based on hard intelligence.  That being said:  More and more "influencers" are coming forward with information about an "influencer marketing agency" by the name of Fazze.  These people were asked to push an anti-vax agenda on their channels and were pro...
Read more

2021 Week 17-18 Security Roundup

-
  Summary Spent a week driving around the western US then had to get caught up with work and school, so didn't have the time nor ability to post an update.  Here is what has happened over that time frame. For such a long time period there really is not too much actual news.  In my scanning of sites, it appears that the focus has returned to financial sectors and work from home attacks.  One of the things I have noted over the years is that these things tend to be cyclic, which could indicate that there is some dark web coordination that security practitioners are not yet privy to (though nation-state experts might be).   News Washington D.C. police server hacked by Russian group A Russian hacking group named Babuk posted screenshots that seek to prove that they have accessed several databases by the Washington D.C. police department.  The group left a text document on their network outlining how to pay the ransom to get locked files back and to bribe t...
Read more

2021 Week 20 - 23 Security Roundup

-
  Summary Sorry for the delay.  I had training for work and a class that I thought would be 6 weeks that turned out to be 3 weeks which took up all my time.  This is longer than normal for that reason and also because there was a lot of news.  I also want to apologize for some formatting issues.  Somehow I managed to break the blogger editor on this post.  It might be because of the size.  Hopefully, all will be back to normal next week. A lot of different topics to cover this week.  Both old and new.  This includes more information on the Darkside attack, several new attacks on local governments, and emerging techniques used by threat actors. News Colonial Pipeline Ransomware Hack We are learning more and more about this and the Monday morning quarterbacks are starting to second-guessing everything.  One thing that has come out is that much like the Ireland HSE attack earlier this year, the decryptor was produced so slowly that Colonial...
Read more