04 Nov 2022
By Mary

InfoSec News Nuggets 11/04/2022

New SandStrike spyware targets Android users with booby-trapped VPN application To lure victims into downloading the spyware implants, adversaries set up Facebook and Instagram accounts with more than 1,000 followers and designed attractive religious-themed graphic materials, setting up an effective trap for adherents of this belief. Most of these social media accounts contain a link to a Telegram channel also created by the attacker. In this channel, the actor behind SandStrike distributed a seemingly harmless…
Read More
11 Oct 2022
By Mary

InfoSec News Nuggets 10/11/2022

Hurricane Ian Destroyed Their Homes. Algorithms Sent Them Money  WHEN Hurricane Ian churned over Florida in late September, it left a trail of destruction from high winds and flooding. But a week after the storm passed, some people in three of the worst-hit counties saw an unexpected beacon of hope. Nearly 3,500 residents of Collier, Charlotte, and Lee Counties received a push notification on their smartphones offering $700 cash assistance, no questions asked. A Google algorithm deployed in…
Read More
07 Dec 2021
By Mary

InfoSec News Nuggets 12/07/2021

SolarWinds hackers have a whole bag of new tricks for mass compromise attacks Almost exactly a year ago, security researchers uncovered one of the worst data breaches in modern history, if not ever: a Kremlin-backed hacking campaign that compromised the servers of network management provider SolarWinds and, from there, the networks of 100 of its highest-profile customers, including nine US federal agencies. Nobelium—the name Microsoft gave to the intruders—was eventually expelled, but the group never gave up…
Read More