Malware Hidden in Resumes

To me this is a really interesting story, from the point that attackers will use just about any means to get their payload to a victim. This time, the bad guys are injecting malware into resumes. They are targeting companies with a phishing campaign which hides the malware (Quasar RAT) in resumes, which are sent as email attachments. This is certainly a clever attack threat, given that most resumes are from potential candidates which employee's at the company don't know (so there goes the whole "don't open attachments from those you don't know" out of the window).

You can read more at https://www.infosecurity-magazine.com/news/phishing-campaign-hides-malware-in/

More Android Adware Apps

Two Android Apps in the Google Play Store, which collectively had 1.5 million downloads, used a trick to secretly click on ads without the smartphone user's knowledge. This lead to a drain on battery and increased data usage. The trick was to display the ads on screen, but in such a way that those ads were not visible to the smartphone user. Both apps were in the Play Store for almost a year.

You can read more at https://www.zdnet.com/article/these-two-android-apps-with-1-5-million-downloads-were-secretly-clicking-on-ads/