Hackers have flooded Android app stores, including the official Google Play store, with over 1,000 spyware apps, which have the capability to monitor almost every action on an infected device. Dubbed SonicSpy, the malware can silently record calls and audio, take photos, make calls, send text messages to numbers specified by the attackers, and monitor calls logs, contacts, and information about wi-fi access points.
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials. The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.
Scientists at the University of Washington in Seattle, have successfully been able to code a malware program into a DNA sample and use it to hack into a computer that was studying it. By doing this, they have exposed a weakness in systems that could lead to hackers taking control of computers in research centres, universities and laboratories, reports MIT technology review. Researchers are calling this the first “DNA-based exploit of a computer system.”
Through a large malspam campaign, Locky is back and currently being heavily distributed worldwide. While Locky was at one point considered the largest distributed ransomware, over time it became much more common to see other ransomware such as Cerber, Spora, and now even GlobeImposter. While it is too soon to tell if this is just another brief surge or an attempt to become a large player again, what we do know is that this particular campaign is strong with a wide distribution.