Android Apps Riddled with Adware

Another 85 photo and gaming apps have been removed from the Google Play store after they were discovered to have been distributing adware to the roughly 8 million users who had downloaded the fake apps. The adware itself is rather tricky: it sits dormant on devices for at least 30 minutes to avoid detection, then displays a steady stream of full-screen ads that make users wait through each in its entirety before allowing continued use of the app.

Texas Hit by Multiple Ransomware Attacks

Several Texas municipalities have fallen victim to a single ransomware campaign affecting at least 22 locations and asking a cumulative ransom of $2.5 million. The state of Texas has been under fire for the past few months, suffering a seemingly endless string of ransomware attacks on local governments. Fortunately, many of the targeted districts have been swift to remediate issues and are already on the path to full system recovery, managing to avoid paying heavy ransoms.

Steam Zero-Days Released After Valve Bans Submitter

A researcher recently found several zero-day vulnerabilities within the Steam API that could allow for local privilege escalation (LPE), which could then allow malware to use the client as a launching point. Unfortunately, Valve decided the bug was outside of its scope of responsibility, locked the report, and refused to investigate it any further, also banning the submitter from the bug bounty program. Eventually, after much negative media coverage, Valve pushed out a patch that was quickly subverted by another workaround. It is unusual for a company with so many active users to blatantly ignore one of Microsoft’s most commonly patched vulnerabilities.

Adult Site Database Exposed

Yet another adult site has fallen victim to poor information security practices after a database containing personally identifiable information belonging to nearly 1 million users was misconfigured and left publicly available. The leak was discovered by researchers who were able to verify a breach and swiftly report it to the site, which took only four days to secure the data. Site users were notified of the breach and are being advised to change login credentials, especially those using work devices or contact details.

Magecart Found in Poker Tracker

The infamous Magecart card-skimming script was recently found loaded into Poker Tracker’s main site, which allows online poker players to make statistics-based betting decisions. It was later revealed that the injection was made possible by an outdated version of Drupal that has since been updated. The attack gave the attackers a copy of every payment made through the site or the app.

Connor Madsen

About the Author

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.