Security researchers at the Lookout Threat Lab have identified a new rooting malware distributed on Google Play and prominent third-party stores such as the Amazon Appstore and the Samsung Galaxy Store. We named the malware “AbstractEmu” after its use of code abstraction and anti-emulation checks to avoid running while under analysis. A total of 19 related applications were uncovered, seven of which contain rooting functionality, including one on Play that had more than 10,000 downloads.

Sumo Logic is constantly improving our Cloud SIEM solution to meet the needs and demands of our current and future customers and help them modernize their security operations. Via our cloud-native platform, our engineers perform continuous delivery of product features and improvements to all Cloud SIEM customers—simultaneously—several times each week.

Even though cloud computing isn’t all that new anymore, learning how to use it effectively can be overwhelming. It’s unfortunately very easy to make mistakes.

The coronavirus pandemic has accelerated the massive increase in using cloud computing services. As the world progresses through its online evolution, cloud computing services have become more of a necessity. However, along with businesses, cybercriminals have also seen this virtualization as a means of snagging more prey. The rapid increase in cloud computing services has made organizations face novel security challenges.

BazarLoader (sometimes referred to as BazaLoader) is a popular downloader among criminals, used to distribute multiple malicious payloads including Ryuk and Conti ransomware. According to a recent report by Phishlabs, during Q3 2021 this malware accounted for 24.7% of all attacks, earning the unwelcome accolade of being the most common payload.

iOS is the operating system which powers Apple’s iPhone devices, and includes the special version iPadOS which runs on iPads. Apple claims it to be particularly secure, at least partly as a result of the limitations they place on what it is able to run. But regardless of how secure the OS is, apps built for it still need to be written in a secure way. Getting it wrong will leave your customers vulnerable.

A few hours ago, an npm package with more than 7 million weekly downloads was compromised. It appears an ATO (account takeover) occurred in which the author’s account was hijacked either due to a password leakage or a brute force attempt (GitHub discussion).