Malware Tech News
Top headlines today November 11, 2022
- Exchange Server Vulnerabilities Persist
- Microsoft 365 Apps Under Attack
- Android Based Trojan Vultur Tops Downloads in Google Play Store
- RomCom's Trojan Now Speaks English
Wired magazine recently published an
article on the continued insecure nature of
Microsoft Exchange Server on-premises version, claiming the mail server contains “endless vulnerabilities”. Moreover, it urges users of the venerable mail server to ditch onsite version and instead use
Exchange Online. This is a must-read piece or article if you are now running Exchange in-house. You’ll realize just how hackable it can be, especially if you don’t keep up to date with the latest patches.
More on the Microsoft front: According to
InfoSecurity Group (magazine),
Microsoft 365 apps are the most exploited cloud services on the Web. The
article is derived from a report by
Netscope Threat Labs. Previously known as Microsoft Office 365, the apps offered on the cloud platform provide a robust and diverse vector for deploying malware or malicious code.
Source: Netscope Threat Labs
InfoSecurity Group also referred to
Cleafy’s alert on the nefarious dropper banking app Vultur that’s wreaking havoc on Google’s
Play store. According to the article, more than 100,000 downloads of the trojan “utility app” have been installed and in the process have successfully bypassed Google’s security measures in the Play store, largely due to its small size or footprint and lack of permissions.
Malwarebytes Labs reported on its blog yesterday (Nov. 7th) that hacker outfit
RomCom developed a remote access Trojan that is now piggy backing on a number of popular software products and is now targeting English speaking countries in Europe, such as the U.K. RomCom’s
threat actors are insidious in that they use a number of different cybersecurity
threat vectors in order to infiltrate an organization or its systems and apps, including spoofing and phishing, to name a few.