- Pegasus Spyware Discovered in Android
Pegasus Spyware is previously found in devices which are running iOS. It was found attacking iPhone devices in August 2016. Pegasus uses three zero-day vulnerabilities in iOS, which at that time were not identified. Pegasus spyware is again back but this time is in android. According to researcher Google and Lookout cyber security firm, there is present of Pegasus spyware in android devices. Successful exploitation could allow an attacker to installed a keylogger, Screenshot capture, Live audio capture, Remote control of the malware via SMS, data exfiltration from common applications including WhatsApp, Skype, Facebook, Twitter, Viber, Kakao, Browser history exfiltration, Email exfiltration from Android’s Native Email client, Contacts and text message. During the investigation, investigators are not sure whether the developers of android Pegasus used any zero-day vulnerabilities for exploiting devices.
Cyber Security Tips: Users are recommended that install application from trusted sources only, check the permission while installing applications, keep your device password protected, keep your application up-to date, enable ‘verify apps’ feature from settings and keep using updated antivirus.
- Apache Struts Flaw Used to Deliver Cerber Ransomware
Apache has recently patched Struts 2 vulnerability. Researcher warns A recently these 2 vulnerabilities has been exploited by the cybercriminals to deliver Cerber ransomware to Windows systems. The flaw, tracked as CVE-2017-5638, can be exploited for remote code execution. In various cases, attackers targeted UNIX systems with backdoors and distributed denial-of-service (DDoS) bots. Once the ransomware installed successfully on the system then it asking for the ransom to get back your encrypted data. The Apache Struts vulnerability has been found to affect many products, including from Cisco and VMware according to news published by SecurityWeek.
Cyber Security Tips: Users are recommended to improve their cyber security, keep using updated antivirus and antimalware to detect ransomware until the issue fix.