Go to listing page

Cyware Daily Threat Intelligence, December 01, 2022

Cyware Daily Threat Intelligence, December 01, 2022

Share Blog Post

Fake apps continue to work effectively in the favor of cybercriminals. For instance, Zimperium laid bare a malware threat that claimed more than 300,000 users across 71 countries. The threat reportedly posed as a legitimate education-themed application to trick users into blurting out their Facebook credentials. On similar lines, Lookout researchers unearthed a sea of fake loan apps on Google Play and Apple App Store, concentrating on targets in developing countries. 

That’s not it. A handful of bugs in Nvidia GPU Display Driver were found threatful to users against code execution, denial of service, data leakage, and other attacks. The company fixed a total of 29 flaws.

Top Breaches Reported in the Last 24 Hours


LastPass confirms data breach
LastPass and its parent company GoTo disclosed a security incident wherein an unauthorized party illegally accessed some of their customers’ information. It added that all the customer passwords are safe. Other stolen data remains unclear.

Colombian healthcare provider attacked
The RansomHouse ransomware group targeted Keralty, a multinational healthcare organization, knocking its websites offline while interrupting the operations of the company and its subsidiaries. The healthcare giant operates 12 hospitals and 371 medical centers in Latin America, the U.S., Spain, and Asia.

Top Malware Reported in the Last 24 Hours


Fake security app traps Japanese users
McAfee’s Mobile Research team identified a fake version of a legitimate mobile security app on the Google Play Store targeting Japanese users. The threat actors used Google Drive to distribute the malware. The malware can extract passwords and abuse reverse proxy to snoop around the mobile payment services.

Schoolyard Bully Trojan
Approximately 300,000 users across 71 countries have fallen victim to a new Android threat campaign. According to Zimperium, a mobile security firm, the malicious software posed as a legitimate education-themed application to harvest users’ Facebook credentials. The trojan used native libraries such as "libabc.so" to dodge device security.

Blackmailing through bogus loan apps
Researchers at Lookout discovered roughly 300 Android and iOS apps manipulating individuals into taking loans. It is specifically targeting those who do not qualify for a traditional loan. Through unfair loan terms, hackers attempt to exfiltrate a wide range of user data and use it later to blackmail them for repayment.

Top Vulnerabilities Reported in the Last 24 Hours


Nvidia GPU bugs expose gamers and more
Nvidia addressed 29 security bugs, seven of those classified as severe, in its GPU Display Driver. Among those, the two most sensitive bugs are CVE-2022-34669 and CVE-2022-34671, which exist in the user mode layer for Windows versions. The exploitation of both can allow arbitrary code execution, privilege escalation, and DoS condition, and also lead to data exposure.

Chrome 108 receives multiple patches
Google released Chrome 108, which fixes 28 vulnerabilities with eight being in high-severity and 14 in the medium-severity category. Considering the top bug bounty reward, CVE-2022-4174 stood out as the most severe of these bugs. It is a type of confusion issue in the web browser’s V8 JavaScript engine.

 Tags

fake security apps
keralty
chrome 108
nvidia gpu display driver
lastpass
loan apps
schoolyard bully trojan
goto

Posted on: December 01, 2022


More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.