Daily Cybersecurity Roundup, December 20, 2024

Spyware dressed as a health tool: the BMI CalculationVsn app exposed how malicious actors exploit even mundane utilities to infiltrate devices. Found on the Amazon Appstore, the app secretly recorded screens, scanned installed apps, and intercepted SMS messages before its removal. When industrial processes meet malware, the risks can be catastrophic. The Ramnit and Chaya_003 malware are targeting Mitsubishi and Siemens ICS workstations to disrupt operational technology. Cryptocurrency platforms became a goldmine for hackers in 2024, with $2 billion stolen worldwide. Chainalysis revealed North Korea as the primary culprit. Read on for details.

01

The Amazon Appstore was found to have a malicious Android spyware app called BMI CalculationVsn disguised as a health tool. It recorded the device screen, scanned for installed apps, and intercepted SMS.

02

An analysis by Forescout revealed new malware attacks targeting ICS, specifically Mitsubishi and Siemens engineering workstations. Named Ramnit and Chaya_003, the malware can terminate engineering processes.

03

A social engineering scheme is targeting popular software brands such as Notepad, Microsoft Teams, and FileZilla to trick users into copying and executing malicious PowerShell commands from the clipboard.

04

The npm registry has been infiltrated by malicious typosquats impersonating legitimate packages, including TypeScript’s ESLint and @types/node, both of which have been downloaded thousands of times.

05

CISA has added a critical flaw (CVE-2024-12356) affecting BeyondTrust Privileged Remote Access and Remote Support products to its KEV catalog due to active exploitation.

06

Sophos has fixed three critical security vulnerabilities—CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729—in its Sophos Firewall product, which can lead to serious risks, like RCE and privilege escalation.

07

Research by Chainalysis revealed that over $2 billion worth of cryptocurrency was stolen from crypto platforms in 2024. North Korea accounted for the majority of the thefts, stealing $1.34 billion across 47 incidents.

08

Dragos has identified 23 ransomware groups that impacted industrial organizations in Q3 2024. Some groups are new while others are rebranded.

09

SailPoint announced the acquisition of Imprivata's identity governance business to enhance healthcare security globally.

10

OPSWAT purchased Fend, an OT cybersecurity startup, to address market gaps by offering data diodes for a wider range of use cases and enhancing data security features.
