The new ISIS cyber push continues to get tepid technical reviews from the security industry—not much real computer network attack capability, and probably not much capability for anything other than propaganda. The US anti-ISIS cyber campaign’s goal seems clear: visit the “loser effect” on the Caliphate.
The Panama Papers are likely to appear in searchable form on the ICIJ’s website this coming month, Computerwoche reports.
Cisco’s Talos unit says software exhibiting “adware and spyware capabilities” is installed on some 12 million PCs worldwide, effectively presenting attackers with a backdoor into the devices. The application Talos flagged is Tuto4PC’s OneSoftPerDay. Tuto4PC strongly disputes Talos’s conclusions, and says it’s taking legal advice.
PhishLabs researchers say they’re seeing more serpents in Google Play’s walled garden. In this case cash-stealing HTML scams are slithering through.
Criminals continue devoting attention to mobile malware. Zscaler finds information stealing Android malware circulating in the wild posing as a Chrome update.
University of California Santa Barbara researchers say the Wave navigation app leaves users vulnerable to geo-stalking.
Some developers building applications for the popular messaging and collaboration platform Slack have been carelessly, inattentively, putting API credentials out in GitHub. Detectify researchers warn sensitive corporate information could be exposed.
The American Dental Association mailed dental offices USB drives containing dental procedure codes. Some of those drives also opened a website known for malware distribution.
SWIFT is updated; observers think more needs to be done to upgrade the financial transaction network’s security.
Symantec’s disappointing results prompt an executive reshuffle.