BlackBerry Cylance has released its study of a "suspected Chinese advanced persistent threat group" that's using the open-source PcShare backdoor, modified for side-loading by a legitimate NVIDIA application. Once established, the attackers run a version of the Narrator ease-of-access application ("Fake Narrator") to achieve system-level access. The APT is interested in exfiltrating sensitive data, conducting reconnaissance, and moving laterally across networks. The researchers see some possible connection with the Tropic Trooper threat actor, a group that's been most active against targets in Taiwan and the Philippines, but they carefully avoid firm attribution.
Kaspersky says it's found renewed campaigns by Dtrack and the related ATMDtrack in India. Both have been associated with North Korea's Lazarus Group.
Sophos calls it "fleeceware": Android apps that provide functionality freely available elsewhere, and that hit users with big fees after expiration of a trial period.
Bloomberg reports that acting US Director of National Intelligence Maguire will testify before the House Intelligence Committee today concerning President Trump's conversation with Ukrainian President Zelensky.
CBS News has a summary of compensation available under terms of the Yahoo breach settlement. You could get as much as $100, provided too many other people don't file as well. Also, you'll need to be able to demonstrate actual harm, like having already paid for a credit-monitoring service. You've got until March 6 to object to the arrangement, and until June 20 to file a claim. May it profit you.
Bravo, Emsisoft and Kaspersky, who have released decryptors for WannaCryFake, Yatron, and FortuneCrypt ransomware.