"Evil Telegram campaign on Google Play infected thousands with spyware."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 10 September 2023, 1446 UTC.


Russ Roberts

'Evil Telegram' campaign on Google Play infected thousands with spyware

  • Several malicious Telegram clones are available on Google Play, Android's official app store, and include spyware functionality that steals user messages, contact lists, and other data.


Google rolls out Privacy Sandbox to use Chrome browsing history for ads

  • Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of users' interests from third-party cookies to the Chrome browser.


Microsoft Teams phishing attack pushes DarkGate malware

  • A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.


The Week in Ransomware - September 8th 2023 - Conti Indictments

  • It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments on TrickBot and Conti operations members.


Notepad++ 8.5.7 released with fixes for four security vulnerabilities

  • Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files.


Ragnar Locker claims attack on Israel's Mayanei Hayeshua hospital

  • The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel's Mayanei Hayeshua hospital, threatening to leak 1 TB of data allegedly stolen during the cyberattack.


Dymocks Booksellers suffers data breach impacting 836k customers

  • Dymocks Booksellers is warning customers their personal information was exposed in a data breach after the company's database was shared on hacking forums.


Cisco warns of VPN zero-day exploited by ransomware gangs

  • Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) that is actively exploited by ransomware operations to gain initial access to corporate networks.


Microsoft Paint in Windows 11 gets a background removal tool

  • Microsoft is rolling out a new version of the Paint application on Windows 11 Insider builds that can remove the background from any picture with the click of a button.


CISA warns of critical Apache RocketMQ bug exploited in attacks

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical-severity issue tracked as CVE-2023-33246 that affects Apache's RocketMQ distributed messaging and streaming platform.


Iranian hackers breach US aviation org via Zoho, Fortinet bugs

  • State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a joint advisory published by CISA, the FBI, and the United States Cyber Command (USCYBERCOM) revealed on Thursday.


Google is enabling Chrome real-time phishing protection for everyone

  • Google announced today that it is bringing additional security to the Google Chrome standard Safe Browsing feature by enabling real-time phishing protection for all users. 


Apple zero-click iMessage exploit used to infect iPhones with spyware

  • Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group's Pegasus commercial spyware onto fully patched iPhones.


Cisco BroadWorks impacted by critical authentication bypass flaw

  • A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers to forge credentials and bypass authentication.


Google Looker Studio abused in cryptocurrency phishing attacks

  • Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account takeovers and financial losses.


Microsoft: North Korean hackers target Russian govt, defense orgs

  • Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year.


