21 malicious Google Play apps downloaded 8M times, Hackers blackmail Vastaamo patients after breach, and more

Originally published at: https://cloudsek.com/threatintel/21-malicious-google-play-apps-downloaded-8m-times-hackers-blackmail-vastaamo-patients-after-breach-and-more/

Round Up of Major Breaches and Scams

21 Malicious Apps Downloaded 8 Million Times From Google Play

Despite Google’s best efforts to keep Android users safe, malware does manage to slip into Google Play from time to time, and the 21 malicious apps that Avast identified recently are proof of that. Aimed at gamers, the apps were found to include adware that is part of the HiddenAds family. The offending applications appear to have been downloaded roughly 8 million times before being discovered.

Trump’s official campaign website vandalized by hackers who ‘had enough of the President’s fake news’

Donald Trump’s presidential campaign website was briefly hacked and defaced tonight. The site, donaldjtrump.com, was replaced with a message parodying the domain-name seizures typically announced by Uncle Sam’s agents against crooks and terrorists. It claimed, alongside US government seals, “this site was seized” because “the world has had enough of the fake news spreaded [sic] daily by President Donald J Trump.”

Hackers blackmail vulnerable patients after psychotherapy clinic hack

Confidential data of thousands of Finnish psychotherapy clinic patients has been exposed to hackers after a data breach. In Finland, a private psychotherapy clinic became the victim of a data breach about two years ago, but now a threat actor is blackmailing the clinic for ransom. The Finnish psychotherapy center Vastaamo is a nationwide practice and has over a dozen branches and roughly 40,000 patients, while it also offers contract-based services to several institutions in Finland.

FTC receives almost 2 million robocall complaints in nine months

The Federal Trade Commission (FTC) received almost 2 million complaints from Americans regarding illegal robocalls during the first nine months of 2020. These stats are included in the U.S. Department of Justice Telephone Robocall Abuse Criminal Enforcement and Deterrence Act 2020 Report to Congress. “Illegal robocalls remain a significant consumer protection problem and one of consumers’ top complaints to the Federal Trade Commission (FTC),” the report says.

The lowly DDoS attack is still a viable threat for undermining elections

Scenes like what happened to Florida’s voter registration site on Oct. 6 have played out over and over again: A system goes down, and questions fly. Was there a cyberattack, specifically a distributed denial-of-service (DDoS) attack meant to overwhelm a website with traffic, knocking it offline? Could there have been too many legitimate visitors rushing to the site to beat the voter registration deadline, a surge past what the system could handle?

Iran’s bogus email campaign on U.S. elections had a Facebook disinformation prong

Facebook has removed a network of fake accounts and pages with connections to the Iranian government, one of which was peddling misinformation related to the U.S. elections, the company announced Tuesday. The Iranian network broadly focused on the U.S. and Israel, but it included one fake account that was operating as part of the Iranian email misinformation campaign that sent unsubstantiated threats about voting to Democratic voters in the U.S., Facebook’s head of cybersecurity policy Nathaniel Gleicher told reporters in a phone call.

Nitro software data breach: Hackers claim selling customer data

Nitro Software Inc’s data breach may affect industry bigwigs like Apple, Google, and Microsoft. A well-known document productivity company in Australia, Nitro Software Inc., became the target of a data breach on October 21st. Apparently, the customer data of the company is up for sale on the dark web. Nitro Software’s services are used by around 1.8 million licensed users and more than 10 thousand business customers. It is an application that creates, edits, and signs digital and PDF documents.

Round Up of Major Malware and Ransomware Incidents

Steelcase furniture giant hit by Ryuk ransomware attack

Office furniture giant Steelcase has suffered a ransomware attack that forced them to shut down their network to contain the attack’s spread. Steelcase is the largest office furniture manufacturer globally, with 13,000 employees and $3.7 billion in 2020. In an 8-K form filed with the Securities and Exchange Commission (SEC), Steelcase has disclosed that they were the victim of a cyberattack on October 22nd, 2020.

Round Up of Major Vulnerabilities and Patches

Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe

Systems designed by Mottech Water Management were misconfigured: they were put in place and connected to the internet without password protection. More than 100 smart-irrigation systems deployed across the globe were installed without changing the factory-default, passwordless setting, leaving them vulnerable to malicious attacks, according to recent findings from Israeli security research firm Security Joes.

Zoom finally adds end-to-end encryption for all, for free – though there are caveats

Zoom has finally added end-to-end encryption to its video conferencing service at no additional cost for all users, whether they are paying subscribers or not. The feature has been long awaited given the service’s massive take-up as a result of pandemic lockdowns: something that swung a spotlight on its patchy security. It is available now as a “technical preview” for the next 30 days, the company announced on Tuesday, and it is looking for user feedback before rolling it out.

Microsoft releases update to remove Adobe Flash from Windows

Microsoft has released the KB4577586 update to remove Adobe Flash from Windows and prevent it from being installed again. In September 2020, Microsoft announced that an optional update would be released in the fall to uninstall Adobe Flash Player and prevent it from being installed again on the same device. Today, Microsoft has released the “Update for the removal of Adobe Flash Player: October 27, 2020” KB4577586 update to remove Adobe Flash from all versions of Windows 10 and Windows Server.