Godfather Banking Trojan Masquerades as Legitimate Google Play App

The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads. [TechWeb]( Follow Dark Reading: [RSS]( December 22, 2022 LATEST SECURITY NEWS & COMMENTARY [Godfather Banking Trojan Masquerades as Legitimate Google Play App]( The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads. [Ransomware Attackers Bypass Microsoft's ProxyNotShell Mitigations With Fresh Exploit]( The Play ransomware group was spotted exploiting another little-known SSRF bug to trigger RCE on affected Exchange servers. ['Russian Hackers' Help Fraudsters Hijack JFK Airport's Taxi Dispatch]( DoJ charges allege they hacked into the taxi dispatch system for profit, selling the ability for cab drivers to skip the line for picking up a fare at JFK terminals. [Why Security Teams Shouldn't Snooze on MFA Fatigue]( Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security. [Name That Toon: Kiss and Tell]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft Warns on 'Achilles' macOS Gatekeeper Bypass]( The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs. ['Blindside' Attack Subverts EDR Platforms From Windows Kernel]( The technique loads a nonmonitored and unhooked DLL, and leverages debug techniques that could allow for running arbitrary code. [Protecting Hospital Networks From 'Code Dark' Scenarios]( Asset inventory, behavioral baselining, and automated response are all key to keeping patients healthy and safe. [MORE]( EDITORS' CHOICE [AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range]( Threat actors can take over victims' cloud accounts to steal data, or use them for command-and-control for phishing attacks, denial of service, or other cyberattacks. LATEST FROM THE EDGE [Understanding the 3 Classes of Kubernetes Risk]( The first step toward securing Kubernetes environments is understanding the risks they pose and identifying the ways in which those risks can be mitigated. LATEST FROM DR TECHNOLOGY [How to Run Kubernetes More Securely]( The open source container tool is quite popular among developers — and threat actors. Here are a few ways DevOps teams can take control. WEBINARS - [Network Segmentation and Microsegmentation: Keys to the Next Generation of Enterprise Defense]( Stolen credentials allow attackers to move laterally within the IT environment to steal information and cause damage - all the while looking like a legitimate user. Or a ransomware attack tries to encrypt as many systems as possible to hold ... - [Zero Trust Security 101: What You Need to Know Before Getting Started]( With varying definitions, variations, and approaches floating around the cybersecurity ecosystem, it can be difficult to get a clear view of what exactly zero trust is, what it means, and what it takes to get it done. In this webinar, ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( - [How Hybrid Work Fuels Ransomware Attacks]( [View More White Papers >>]( FEATURED REPORTS - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Heartland Alliance Provides Notice of Data Security Incident]( [Trend Micro Joins Google’s App Defense Alliance]( [Kaspersky Research Finds Reverse Engineering Is the Most On-Demand Skill Among InfoSec Specialists]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)