Mobile trojan detections have significantly increased in the first quarter of 2022 even though mobile malware volumes have dwindled since 2020, suggesting the increasing push toward more advanced threat campaigns, BleepingComputer reports.
New security vulnerabilities have been added by Keksec threat group, also known as Kek Security, FreakOut, and Necro, to its Enemybot Linux-based botnet to attack web servers, content management systems, and Android devices, reports The Hacker News.
Threat actors have hijacked the PyPi package dubbed "ctx" and the "phpass" PHP package to facilitate AWS credential exfiltration, reports The Hacker News.
Sixty-five major cyberattacks against blockchain and decentralized platforms last year have resulted in $1.8 billion in losses, even though 90% of the intrusions were deemed to be "unsophisticated," ZDNet reports.
Amazon Web Services has been urged by Access Now, Just Futures Law, the Immigration Defense Project, and other digital and human rights activists to cancel a contract with hosting the Department of Homeland Security's new biometric data collection system, which invades privacy and human rights, CyberScoop reports.
The Register reports that fixes have been issued by Zoom for a medium-severity security flaw, tracked as CVE-2022-22787, which could be abused to facilitate malicious code execution.
Trend Micro has addressed a Trend Micro Security DLL hijacking vulnerability, which has been actively exploited by Chinese threat group Moshen Dragon, BleepingComputer reports.