Tag Archive for: Emerges

New Chameleon Android malware variant emerges with fingerprint lock bypass capability


A new variant of Chameleon Android malware has been found in the wild with new features, notable among them the ability to bypass fingerprint locks.

The Chameleon Android banking trojan first entered the scene in early 2023 with a primary focus on mobile banking applications in Australia and Poland but has since expanded into other countries, including the U.K. and Italy. The malware uses multiple loggers but has somewhat limited functionality.

Earlier versions of Chameleon could perform actions on behalf of the victim, with those behind the malware able to undertake account and device takeover attacks. As detailed Dec. 21 by researchers at ThreatFabric, Chameleon has traditionally abused the Android Accessibility Service to steal sensitive information from endpoints and mount overlay attacks.

However, the new version comes with two changes: the ability to bypass biometric prompts and the ability to display an HTML page to enable accessibility service in devices implementing Android 13’s “Restricted Settings” feature. According to the researchers, the enhancements elevate the sophistication and adaptability of the new Chameleon variant, making it a more potent threat in the ever-evolving landscape of mobile banking trojans.

Source…

Novel DJVU ransomware variant emerges



Novel DJVU ransomware variant emerges Attacks involving the use of cracked software have been distributing a novel version of the DJVU ransomware dubbed “Xaro” for its use of the .xaro extension for …

Source…

Novel HijackLoader malware loader gains traction, updated RisePro infostealer emerges – SC Media



Novel HijackLoader malware loader gains traction, updated RisePro infostealer emerges  SC Media

Source…

Protect AI emerges from stealth and raises $13.5 million


Protect AI emerged from stealth with $13.5 million seed funding and its first product, NB Defense.

NB Defense addressess vulnerabilities in a core component used at the beginning of the machine learning supply chain – Jupyter Notebooks. This is a rapidly growing security issue which is increasing significantly annually as more organizations move machine learning into production environments. Today, there are over 10M publicly accessible notebooks, growing by 2M+ annually, with many more in private repositories.

The company was founded by a proven leadership team who have led some of the largest and most successful AI businesses from AWS and Oracle, with strong track records of creating new market categories and launching successful startups in the ML space.

The round was co-led by successful cybersecurity investors Acrew Capital and boldstart ventures. Mark Kraynak and Ed Sim, respectively, join the Protect AI Board of Directors. Additional investors include Knollwood Capital, Pelion Ventures, Avisio Ventures, and experienced cybersecurity leaders Shlomo Kramer, Nir Polak, and Dimitri Sirota.

“As enterprises put AI/ML in production it must be protected commensurate with the value it delivers. I have seen more than one hundred thousand customers deploy AI/ML systems, and realized they introduce a new and unique security threat surface that today’s cybersecurity solutions in the market do not address,” said Ian Swanson, co-founder and CEO, Protect AI.

“This is why we founded Protect AI. ML developers and security teams need new tools, processes, and methods that secure their AI systems. Since nearly all ML code begins with a notebook, we thought that’s the most logical place to start so that we can accelerate a needed industry transition. We are launching a free product that helps usher in this new category of MLSecOps to build a safer AI-powered world, starting now. But, we have many more innovations that will be released quickly across the entire ML supply chain.”

As MLOps has helped increase the velocity of machine learning being used in production, opportunities for security incidents have increased and new vulnerabilities have been created in the…

Source…