As we continue to depend on an increasing number of interconnected technologies, the amount of vulnerabilities being identified is growing. Many times researchers can earn rewards for finding bugs, but sometimes companies do not respond, leaving researchers to determine when it is time to warn the public of an unaddressed issue.
BleepingComputer reports that more than 12 million Android devices have collectively downloaded 18 malicious loan apps dubbed "SpyLoan," which could exfiltrate not only call logs, local Wi-Fi network information, and image metadata but also text messages, location information, and contact lists.
Organizations in the government, real estate, telecommunications, retail, and other sectors across the U.S., Africa, and the Middle East have been subjected to intrusions under the new CL-STA-0002 threat cluster.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news