More than 400 apps available via the official Google Play Store contain the Dresscode Trojan malware, according to researchers.
The Dresscode malware first appeared in April: once downloaded by an unwary user, Dresscode can be used by those controlling it to conduct cyberespionage, download sensitive data, or recruit other devices on the network into a botnet.
Cybersecurity researchers at Trend Micro have warned that over 400 instances of Dresscode malware are available for download from the Google Play store where, using a similar technique to the Viking Horde malware, it masquerades as a legitimate application to trick the user into downloading it.
Digital Defense announced today that it privately revealed a set of five zero-day vulnerabilities in Dell EMC's vApp Manager for Unisphere for VMAX, a Web application used to manage all of EMC's storage platforms. The flaws would allow an attacker with access to the network storage devices to send malicious Adobe Flash Action Message Format (AMF) messages to the Web application server running on the storage system. That means attackers could run arbitrary commands against the storage system and potentially gain complete control of the storage devices or shut them down. The flaws have been patched by EMC via security advisories on the vulnerabilities available only to Dell EMC customers.