SpyLoan Android malware on Google play installed 8 million times
A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. [...]
America covers cybersecurity incidents, policy, privacy, public services, advisories, and regional developments affecting digital security.
Search across headline titles and summaries.
Background for this topic.
America covers cybersecurity and information-security developments connected to America, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving America's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. [...]
A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country
A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023
A 59-year-old U.S. citizen who immigrated from the People's Republic of China (PRC) has been sentenced to four years in prison for conspiring to act as a spy for the country and sharing sensitive information about his employer with China's principal civilian intelligence agency
President-Elect's Crypto Push Fuels Concerns Over Market Stability and ConflictsPresident-elect Donald Trump’s strong cryptocurrency support amid market volatility is raising concerns over potential conflicts of interest, with experts warning his agenda - including potential plans to appoint a White House crypto czar - could destabilize the economy and undermine public trust.
Also: Python Library Update Steals Credentials; Drug Cartels Launder With TetherThis week's cryptohack roundup includes a U.S. federal judge striking down the SEC's expanded "Dealer Rule," a Python crypto library update stealing credentials, why digital payment apps are being excluded from some types of federal oversight, and drug cartels laundering profits via Tether.
U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed
Plus, a brand-new backdoor, GhostSpider, is linked to the cyber-spy crew's operations The reach of the China-linked Salt Typhoon gang extends beyond American telecommunications giants, and its arsenal includes several backdoors, including a brand-new malware dubbed GhostSpider, according to Trend Micro researchers.…
T-Mobile Blocks Hackers But Warns Other U.S. Networks May Be CompromisedT-Mobile disputed claims Wednesday that Chinese state-sponsored hackers breached its systems and stole customer data, warning that some U.S. communications networks may still be compromised and detailing how its layered defenses and third-party cybersecurity partnerships thwarted the attack.
Department of Treasury Overstepped its Authority, Fifth Circuit RulesA U.S. federal appeals court ruled U.S. Department of Treasury exceeded its authority by sanctioning Tornado Cash, a cryptocurrency mixing service used by North Korean hackers to launder more than $455 million. Smart contracts "are not capable of being owned," the court ruled.
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect -- a prolific hacker known as Kiberphant0m -- remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.
Pentagon Seeking Industry Feedback in Developing New AI Contract VehicleThe U.S. Department of Defense is seeking industry proposals for a new artificial intelligence contract vehicle to help revamp its multi-domain analytics platform, Advana, according to a newly released draft solicitation. The new contract vehicle could extend through July 2035.
HHS OIG: Current Audit Program Is Not Pushing Entities Enough to Improve CyberThe U.S. Department of Health and Human Services' Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their cybersecurity risk.
'You Wonder, Should I Just Spend It on a Place to Stay in America For a Week'Revisions to U.K. government research funding guidelines and their complex application pose a challenge to early-stage tech companies, experts on Tuesday told a parliamentary committee inquiry. "We have definitely had issues," said Peadar Coyle, founder of AudioStack.
In case anyone forgot about Change Healthcare American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators. …
America's Cyber Defense Agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. [...]
Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild
npm package @lottiefiles/lottie-player hacked with malicious code, draining crypto wallets via web3 pop-ups
National Security Officials Share Intelligence on a Cyberespionage CampaignThe White House on Friday hosted U.S. telecommunications executives to review the country's cyber resilience posture and share intelligence pertaining to China's "significant cyberespionage campaign targeting the sector," which the FBI continues to probe.