Lunch Time Nibbles – 2022-12-01


Welcome to another Lunch Time breakout:

Schoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android Users
More than 300,000 users across 71 countries have been victimized by a new Android threat campaign called the Schoolyard Bully Trojan.
Mainly designed to steal Facebook credentials, the malware is camouflaged as legitimate education-themed applications to lure unsuspecting users into downloading them.
The apps, which were available for download from the official Google Play Store, have now been
Read more….

LastPass Suffers Another Security Breach; Exposed Some Customers Information
Popular password management service LastPass said it’s investigating a second security incident that involved attackers accessing some of its customer information.
“We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo,” LastPass CEO Karim Toubba said.
GoTo, formerly called LogMeIn, acquired LastPass
Read more….

Researchers ‘Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network
An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down.
KmsdBot, as christened by the Akamai Security Intelligence Response Team (SIRT), came to light mid-November 2022 for its ability to brute-force systems with weak SSH credentials.
The botnet strikes both Windows and Linux devices spanning a wide range of
Read more….

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework
A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems.
Tracked as CVE-2022-4116 (CVSS score: 9.8), the shortcoming could be trivially abused by a malicious actor without any privileges.
“The vulnerability is found in the Dev UI Config Editor, which is vulnerable to drive-by
Read more….

What Developers Need to Fight the Battle Against Common Vulnerabilities
Today’s threat landscape is constantly evolving, and now more than ever, organizations and businesses in every sector have a critical need to consistently produce and maintain secure software. While some verticals – like the finance industry, for example – have been subject to regulatory and compliance requirements for some time, we are seeing a steady increase in attention on cybersecurity best
Read more….

Follow for more…

