Doctor Web | Breaking Cybersecurity News | The Hacker News

Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The malware, which Doctor Web first came across in July 2022, were discovered in the system partition of at least four different smartphones: P48pro, radmi note 8, Note30u, and Mate40, was "These incidents are united by the fact that the attacked devices were copycats of famous brand-name models," the cybersecurity firm  said  in a report published today. "Moreover, instead of having one of the latest OS versions installed on them with the corresponding information displayed in the device details (for example, Android 10), they had the long outdated 4.4.2 version." Specifically, the tampering concerns two files "/system/lib/libcutils.so" and "/system/lib/libmtd.so" that are modified in such a manner that when the libcutils.so system library is us

Russian anti-virus company Doctor Web is warning users about the malicious program which is helping attackers carry out mass spam mailings and allow attacker to use victim's PC as slave of his DDOS Army. According to researchers from the company they have discovered a Trojan " Trojan.Proxy.23012 " application that uses a rare method of distribution through peer networks. " The botnet, consisting of Trojan.Proxy.23012-infected computers, is used by criminals to control proxy servers for the purpose of using them to send spam upon command ". An example of such a spam message is shown in the screenshot below. This Malware work as: 1.) Using peer to peer network it will download the executable file and that will be a encrypted malicious module. A very interesting algorithm used by the Trojan to download the infected computer other malware. 2.) After successfully decrypt it launches another module that reads the image in computer memory or other malicious applica

Wing Security recently announced that basic third-party risk assessment is  now available as a free product . But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage the third-party risks associated with SaaS, but first...  What exactly is Third-Party Risk Management in SaaS? SaaS is rapidly growing, offering businesses convenience, swift implementations, and valuable opportunities. However, this growth introduces a security challenge where risks arise from the interconnected nature of SaaS supply chains. It is clear that before onboarding a new contractor or vendor, we need due diligence, security checks, and referrals. However, we now understand that in the SaaS domain, applications are, in fact, the go-to vendor of choice.  Let's explain: Any employee can very easily connect SaaS vendors to company data, granting them pe