Hey there, FixMeFans and StartMeStars! We’re back with another edition of our weekly cybersecurity roundup where we deliver the most recent comings and goings of the cybersecurity world.
This week we’re coming to you with news about a remote hacking bug that has affected billions of Apple devices, how malicious apps on Google Play drop banking Trojans onto users’ devices, and how one of the world’s top Covid-19 biology labs has been hacked.
Recently, a security vulnerability has been found among Apple devices which could allow for attackers to run code on a user’s device through malicious web content.
This vulnerability, known as CVE-2021-1844, stems from a memory corruption issue found on Apple devices. When the proper code is executed from malicious websites, attackers can effectively gain access to the victim’s device.
This is another example of how running an outdated operating system can be dangerous for your security. If your OS is outdated and you want a safe, secure, and private way to use your computer consider the StartMeStick – it breathes a new life into old computers. Check it out here.
You can read more about the vulnerability here!
Google has recently removed 10 apps from its Play Store as the apps contained droppers for financial Trojans.
Following a report from Check Point Research (CPR), it appears that malicious Android applications were being uploaded to the Play Store while masquerading as harmless utility applications. By using the software from existing, legitimate open-source Android apps, the malicious software was able to bypass Google’s standard security protections.
Once installed, the apps deliver financial malware to the victim’s device, injecting malicious code into existing, legitimate financial apps. Once compromised, attackers can hijack banking apps to obtain access to user accounts and steal their financial data.
Curious? You can read more about the Trojan here.
Oxford University confirmed recently that it had detected and isolated an incident at the Division of Structural Biology after Forbes disclosed that hackers were showing off access to a number of systems. While the university hasn’t provided further comments regarding the incident, it has contacted the National Cyber Security Center (NCSC) which will now investigate the attack.
According to reports, the university initially experienced breaches on February 13 and 14, indicating that the hackers had access to data up until the time of discovery. However, only certain areas of research were targeted, namely those surrounding preparation of biochemical samples.
The breach was discovered after the attackers began selling the access credentials online, which may mean that the hackers were not state-sponsored, but rather cybercriminals hoping to profit off of the leaked data.
You can read more about the situation here!
That’s all for this week’s roundup folks! We hope you’re staying safe with all that’s going on, especially when it comes to your cybersecurity!