Posts

Minecraft Modpacks Carrying Malware Returned to the Play Store Under New Names| TechNadu


  • The authors of adware-ridden Minecraft modpack apps have found a way into the Play Store again.
  • The apps now use an extra module that adds more functions like opening app pages or YouTube videos.
  • Keeping malware outside the Play Store is practically impossible, so users are advised to pick their apps carefully.

Back in November 2020, Kaspersky discovered several fake Minecraft “modpack” apps on the Play Store, which had the sole purpose of infecting unsuspecting users with adware. After the apps were reported to Google and quickly removed, their authors had to return to the drawing board, and according to Kaspersky’s latest report, they did. The malware-ridden apps have returned on the Google Play Store, albeit under new names and themes, and also with some additional hiding tricks under their sleeve.

More specifically, Kaspersky decided to look at the currently available Minecraft modpack apps again and was not surprised to find that many of them were again adware. The addition this time comes in the form of an extra module fetched by the apps after installation, enabling them to carry out more functions. These include hiding their icons, run the browser, play YouTube videos, open Google Play app pages, and more.

Of course, the apps download this module after their installation to evade review-stage rejections and also to secure the granting of risky permissions from the user. As such, this is yet another reminder to pay attention to what is requested from you on the permissions prompt and not just approve anything that is thrown at you.

Source: Kaspersky

In addition to the Minecraft mods, which appears to be a pretty risky category, Kaspersky mentions an app named “File Recovery – Recover Deleted Files” v1.1.0, which carries the same adware. The app has been available on the Play Store until late February 2021, so there’s a good chance that a significant number of Android devices still have it. After its removal at that point, the developers uploaded a clean version, number 1.1.1, which isn’t dangerous to use.

More recent examples come in the form of fake Madgicx and fake TikTok ad-management apps, which are basically just phishing Facebook accounts…

Source…

Biden Names Chris Inglis to Be First National Cyber Director

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


His former colleagues at the National Security Agency credit Mr. Inglis with leading the agency through one of the darkest periods in its history, after leaks from Edward J. Snowden, a former contractor who stole tens of thousands of classified documents and shared them with journalists.

His arrival in the Biden administration comes as the United States is contemplating responses to the Russian SolarWinds operation, in which hackers got into network management software used by most of America’s largest companies and many government agencies, and what appears to be a Chinese exploitation of Microsoft servers.

The administration’s response to those attacks is likely to come before Mr. Inglis is confirmed, which will likely take months. Jake Sullivan, the national security adviser, has promised a series of “seen and unseen” responses to the SolarWinds attack. Officials have said a public response is coming, but no announcements are expected this week.

Some in the Biden administration had worried about creating competing power centers by appointing a national cyber director. But officials said their concerns had been resolved by tapping Mr. Inglis, someone who has strong ties on Capitol Hill and has worked closely with Anne Neuberger, the deputy national security adviser at the White House for cyber issues.

Mr. Inglis, Ms. Neuberger and Ms. Easterly have all worked closely together in the past. While some critics of the National Security Agency have questioned the fact that all three spent significant portions of their careers at the agency, others described the experience as an asset.

“I can’t think of anyone who has more unique insight into the history, creation and congressional intent behind this position,” said Frank J. Cilluffo, the director for Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, who served on the commission with Mr. Inglis. “He knows what it will take to fulfill the mission and to succeed.”

Colleagues describe Ms. Easterly, a graduate of the United States Military Academy at West Point who holds a master’s degree in philosophy, politics and economics from the University…

Source…

TrueFort Names Jill Richards Chief Marketing Officer

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.


WEEHAWKEN, N.J.–(BUSINESS WIRE)–TrueFort, the application and cloud workload protection company, today announced Jill Richards has joined the company as Chief Marketing Officer. Jill has successfully built and taken several enterprise technology brands to market leadership positions.

“Jill is an award-winning marketer with a proven track record of success taking new technologies to market, building awareness, and driving revenues,” said Sameer Malhotra, CEO of TrueFort. “We are very excited to add her blend of brand and technical marketing expertise to our executive team as we scale TrueFort’s leadership in cloud and application workload protection.”

Prior to joining TrueFort, Jill was Chief Marketing Officer for mobile security innovator Appthority until its acquisition by Symantec. She has served as CMO for disruptors in the philanthropy, e-commerce and big data spaces including Fluxx, Stitch Labs and Terracotta. Jill also co-founded and was Managing Director of boutique strategy and marketing consultancy Gray Wolf Partners, served as Vice President of Marketing at Visto Corporation (now Blackberry) and directed member acquisition and product marketing at Netscape Communications and America Online. Jill holds a BA in International Relations from Pomona College and an MBA from The Anderson School at the University of California, Los Angeles.

“TrueFort has developed truly outstanding technology for reducing enterprise business risk and security team overload with its innovative zero trust application protection platform,” said Jill. “The company is addressing a growing and unmet need for gaining real-time visibility into how applications behave and preventing data breaches before it’s too late. I’m thrilled to join the team to help build TrueFort’s market leadership.”

This hire rounds out a strong fiscal year for TrueFort which saw bookings growth of 700% in 2020 as well as the addition of top tier advisors Motti Finkelstein, former CTO of Citi and Robert Strickland of M37 Ventures. The company also received several major industry awards, including being named one of the Top 25 Cybersecurity Companies of 2020 by TSR, Top Enterprise Threat…

Source…

Trump Vetoes Defense Policy Bill Over Base Names, Unrelated Internet Law

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


President Trump on Wednesday followed through on his long public threats and vetoed the 2021 National Defense Authorization Act, citing complaints with provisions to rename military bases named for Confederate generals and the lack of change to an unrelated law governing Internet companies.

The annual defense policy bill passed by overwhelming, veto-proof margins in both the House and Senate earlier this month. The bill also included several provisions improving federal workers’ paid leave benefits.

The bill includes a technical fix to the paid parental leave program adopted as part of last year’s Defense authorization act, to ensure all federal employees have access to up to 12 weeks of paid time off in connection with the birth, adoption or foster placement of a child.

It also increases the cap on the amount of annual leave federal workers can carry over at the end of this year by 25%. That provision came in response to the coronavirus pandemic, which has made it more difficult for employees to use their leave. The waiver of the normal leave cap will not apply to lump sum payments made to employees for unused leave when they exit federal service.

Trump vetoed the bill because of a provision requiring the Pentagon to rename military bases named for Confederate military leaders, and the lack of a provision repealing Section 230 of the Communications Decency Act, a law that shields internet companies from liability for what users post online. Although lawmakers in both parties have dismissed this complaint as unrelated to national security, Trump has insisted the NDAA include changes to the law.

“The act fails even to make any meaningful changes to Section 230 of the Communications Decency Act, despite bipartisan calls for repealing that provision,” Trump wrote. “Section 230 facilitates the spread of foreign disinformation online, which is a serious threat to our national security and election security. It must be repealed.”

The House has already scheduled votes for next week to override the veto threat, although it is unclear whether Republicans will continue to support the bill’s passage. Earlier this month, House Minority Leader Kevin McCarthy, R-Calif., said that…

Source…