Threatpost

Massive Malvertising Campaign Reaches 100M Ads, Manipulates Supply Chain A sophisticated and growing malvertising attacker is partnering with legitimate ad tech platforms to drop malware at scale. StrongPity APT Returns with Retooled Spyware The group is using malicious versions of WinRAR and other legitimate software packages to infect targets, likely via watering-hole attacks. LenovoEMC Storage Gear Leaks Sensitive Financial Data Lenovo patches enterprise and SMB network attached storage devices for a vulnerability that leaked data to the public internet. The Future is Female: A Key to the Cybersecurity Workforce Challenge With cybersecurity worldwide facing a major applicant shortage, businesses should be courting women and supporting girls. WhatsApp, Telegram Coding Blunders Can Expose Personal Media Files The issue, present on Android versions, is similar to the known man-in-the-disk attack vector. JetBlue Bomb Scare Set Off with Apple AirDrop Someone AirDropped a picture of a suicide vest to multiple people on a JetBlue flight, prompting an evacuation. Privacy Experts: Facebook’s $5B Fine Unlikely to Do Much The FTC has levied its biggest fine ever against the social network, but it's unlikely to have much effect. Turla APT Returns with New Malware, Anti-Censorship Angle A dropper called "Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages. Researcher Bypasses Instagram 2FA to Hack Any Account An independent researcher earned a $30,000 bug bounty after discovering a weakness in the mobile recovery process. Why Cities Are a Low-Hanging Fruit For Ransomware In this first part of a two part series, Shawn Taylor with Forescout talks to Threatpost about lessons learned from helping Atlanta remediate and recover from its massive ransomware attack.

Distributed by aarss.com.