The Jerusalem Post reports that Clearsky says Hamas has been trying to install a bogus version of a missile warning app on Israeli smart phones. The app is a multifunctional one, designed to record conversations, take pictures, send texts, and geolocate the infected phone.
A new variant of Dharma ransomware—it appends a [dot]cmb extension to the files it encrypts, is now circulating in the wild. Like other stains of Dharma, this is installed manually by exploiting Remote Desktop Protocol. There's no decryptor available yet, and as always the first defense against a ransomware attack is secure, reliable, regular backup.
Radware reports that vulnerable D-Link routers are being exploited by criminals to send people to bogus Brazilian banks where they're bubbled out of their cash.
Dr. Web reports that a version of Clipper for Android is in circulation. As its name suggests, the malware replaces crypto-wallet addresses in the victim's clipboard with addresses that redirect to the criminals' wallets.
Utilities remain on alert for expected cyberattacks. In the US, the Tennessee Valley Authority, a large power provider, is taking steps to secure itself against hacking. Such attacks may not be as direct as expected. Princeton University researchers report results that suggest a botnet of home water heaters and air conditioners could cycle power demand rapidly enough to disrupt a significant portion of the grid.
An ioActive researcher has demonstrated the ability to hack not just in-flight airline Wi-Fi, but the satellite communications networks they and other aircraft systems depend on.