U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Credit to Author: BrianKrebs| Date: Mon, 28 Nov 2022 22:08:21 +0000

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.


AWS releases Wickr, its encrypted messaging service for enterprises

Just days after announcing the close of its consumer-oriented Wickr Me encrypted messaging service, Amazon Web Services (AWS), at its annual re:Invent conference on Monday, said that it was making the enterprise version of the app generally available.

Dubbed simply AWS Wickr, the service was first announced in July and has been in preview until now.

The enterprise version of the messaging service, designed to allow enterprise users to securely collaborate via text, voice and video, along with file and screen sharing, is expected to help enterprises meet auditing and regulatory requirements such as e-discovery and US Freedom of Information Act (FOIA) requests, the company said in a statement.


The future of security: smarter devices that protect themselves


Researchers Quietly Cracked Zeppelin Ransomware Keys

Credit to Author: BrianKrebs| Date: Fri, 18 Nov 2022 02:30:26 +0000

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things,…


Why Macs and iPhones should avoid installing 'orphan' apps

There are many reasons any business with a connected fleet of tech products needs robust security policies in place. But the need to protect the enterprise against vulnerabilities inherited with third-party software must be among the biggest motivators. While I shouldn’t need to convince Computerworld readers to keep things locked down, I want to reprise two recent reports to reinforce the warning.

Half of all macOS malware comes from one app

Elastic Security Labs (via 9to5Mac) recently estimated that half of all macOS malware is installed as a result of poor management of the MacKeeper utility app. The report said almost 50% of Mac malware arrives through its installation.


Disneyland Malware Team: It’s a Puny World After All

Credit to Author: BrianKrebs| Date: Wed, 16 Nov 2022 17:32:00 +0000

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian.


Offboarding processes pose security risks as job turnover increases: Report

Organizations across multiple industries are struggling to mitigate potential risks—including loss of end-user and storage devices as well as unauthorized use of SaaS applications—during their offboarding process, according to new research conducted by YouGov in partnership with Enterprise Technology Management (ETM) firm Oomnitza.

Over the last 18 months, employee turnover has increased, with the US Department of Labor estimating that by the end of 2021, a total of 69 million people—more than 20% of Americans—had either lost or changed their job. Although these figures could initially be attributed to the so-called Great Resignation, this figure is likely to increase due to the numerous job cuts that are now being reported—including layoffs at major technology companies—as organizations look to reduce operational costs.


Mosyle brings new iPhone, iPad endpoint security options

Mosyle is ramping up its wares with new security protections for iPhones and iPads, adding more fuel to the Apple-in-the-enterprise fire.

Hardening and compliance options for iPhones and iPads

The company is unveiling its first endpoint security solution for IT admins overseeing fleets of mobile Apple devices. The idea is that the product, Mosyle Hardening and Compliance, ensures that employee devices are protected, compliant, and following the latest cybersecurity benchmarks.


Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Credit to Author: BrianKrebs| Date: Tue, 15 Nov 2022 15:38:20 +0000

Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources.


Do you really know what’s inside your iOS and Android apps?

It’s time to audit your code, as it appears that some no/low code features used in iOS or Android apps may not be as secure as you thought. That’s the big takeaway from a report explaining that disguised Russian software is being used in apps from the US Army, CDC, the UK Labour party, and other entities.

When Washington becomes Siberia

What’s at issue is that code developed by a company called Pushwoosh has been deployed within thousands of apps from thousands of entities. These include the Centers for Disease Control and Prevention (CDC), which claims it was led to believe Pushwoosh was based in Washington when the developer is, in fact, based in Siberia, Reuters explains. A visit to the Pushwoosh Twitter feed shows the company claiming to be based in Washington, DC.
