Afternoon Dessert - 2022-11-11

Welcome to another Afternoon Dessert breakout:

These Two Google Play Store Apps Spotted Distributing Xenomorph Banking Trojan
Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices," Zscaler ThreatLabz researchers Himanshu Sharma and Viral Gandhi said in an analysis published Thursday.
Read more....

VPN vs. DNS Security
When you are trying to get another layer of cyber protection that would not require a lot of resources, you are most likely choosing between a VPN service & a DNS Security solution. Let's discuss both.  VPN Explained VPN stands for Virtual Private Networks and basically hides your IP and provides an encrypted server by redirecting your traffic via a server run by a VPN host. It establishes a
Read more....

Emergency code execution patch from Apple – but not an 0-day
Not a zero-day, but important enough for a quick-fire patch to one system library...
Read more....

S3 Ep108: You hid THREE BILLION dollars in a popcorn tin?
Patches, busts, leaks and why even low-likelihood exploits can be high-severity risks - listen now!
Read more....

Experts Uncover Two Long-Running Android Spyware Campaigns Targeting Uyghurs
Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere with Android spyware tools designed to harvest sensitive information and track their whereabouts. This encompasses a previously undocumented malware strain called BadBazaar and updated variants of an espionage artifact dubbed MOONSHINE by researchers from the University of Toronto's
Read more....

Microsoft confirms gaming performance issues on Windows 11 22H2
Microsoft is working on a fix for a new known issue behind lower-than-expected performance or stuttering in some games on systems running Windows 11 22H2. [...]
Read more....

New BadBazaar Android malware linked to Chinese cyberspies
A previously undocumented Android spyware tool named 'BadBazaar' has been discovered targeting ethnic and religious minorities in China, most notably the Uyghurs in Xinjiang. [...]
Read more....

U.S. seized 18 web domains used for recruiting money mules
The FBI and U.S. Postal Inspection Service have seized eighteen web domains used to recruit money mules for work-from-home and reshipping scams. [...]
Read more....

Dangerous SIM-swap lockscreen bypass – update Android now!
A bit like leaving the front door keys under the doormat...
Read more....

Canadian food retail giant Sobeys hit by Black Basta ransomware
Grocery stores and pharmacies belonging to Canadian food retail giant Sobeys have been experiencing IT systems issues since last weekend. [...]
Read more....