Any of you work in the gig economy? Kaspersky says cyber criminals are phishing freelancers with bogus promises of work that take the victims to the legitimate AirDroid app, then sends them credentials for a test account. Taking the login bait infects the freelancer’s device.
Cymmetria reports finding a new threat group, “Patchwork,” active in South and Southwest Asia, that draws its attack code from sources its cut-and-pasted from the internet. Many observers demur that a cut-and-paste operation could count as an “advanced persistent threat” (skeptical emphasis on “advanced”) but Cymmetria finds Patchwork’s ability to penetrate relatively hard targets impressive.
Senrio researchers release details of a flaw in D-Link routers. Some 400,000 devices are vulnerable.
Yingmob, to whom the HummingBad adware campaign has been attributed, is joined in the click fraud rogues’ gallery by another marketing outfit: Cybereason says that a TargetingEdge employee wrote “Pirrit” adware.
In industry news, Avast buys AVG for $1.3 billion. Container security shop Twistlock raises $10 million.
Some observers see a lull in Iranian-US cyber operations against one another. Agreement reached between the two countries over Iran’s nuclear program is thought to have produced the irenic effect some believe they’re seeing.
ISIS bombings are seen by many as, fundamentally, a brutal form of information operations. There’s much revulsion among the victims, but recruits continue to find meaning in bloody jihad’s online echo chamber.
In the US, FBI Director Comey is explaining to the House Oversight Committee why the Bureau declined to recommend indicting Hillary Clinton.