Νέα Ασφάλειας

Google reacted severely against nearly 600 Android apps in Play Store that were violating two ad-related policies by kicking them out of the repository.

The penalty went further with banning the apps from the company’s ad monetization platforms (Google AdMob and Google Ad Manager), essentially cutting authors any hope of getting revenue from their apps through Google.

Ad-serving principles

In an announcement today, the company explains that offensive apps featured advertisements in a way that was in contrast with the disruptive ads and disallowed interstitial policies.

Read more »

Slickwraps has suffered a data breach after a security researcher was able to access their systems and after receiving no response to emails, publicly disclosed how they gained access to the site and the data that was exposed.

Slickwraps is a mobile device case retailer who sells a large assortment of premade cases and custom cases from images uploaded by customers.

In a post to Medium, a security researcher named Lynx states that in January 2020 he was able to gain full access to the Slickwraps web site using a path traversal vulnerability in an upload script used for case customizations.

Using this access, Lynx stated that they were allegedly able to gain access to the resumes of employees, 9GB of personal customer photos, ZenDesk ticketing system, API credentials, and personal customer information such as hashed passwords, addresses, email addresses, phone numbers, and transactions.

Read more »

Sextortion scammers are now targeting potential victims with spam sent to their work emails via the Emotet botnet, a distribution channel 10 times more effective than previous ones according to research published today by IBM X-Force.

Sextortion is a type of email scam first seen in the wild during July 2018 when crooks started emailing potential targets and claiming that they have them recorded on video while browsing adult sites.

To increase their scams messages’ credibility, in some cases the scammers also include the victims’ passwords leaked with the email addresses as part of a data breach dump.

Read more »

A new utility has been released by Japan CERT (computer emergency response team) that allows Windows users to easily check if they are infected with the Emotet Trojan.

The Emotet Trojan is one of the most actively distributed malware that is spread through phishing emails with malicious Word document attachments.

These emails pretend to be invoices, shipping notices, account reports, holiday party invites, and even information about the Coronavirus in the hopes that you will be enticed, or tricked, into opening the attachment. Read more »