Google Play is not harbouring Android malware termed “GoldDigger”, which illegally extracts funds from banking apps, according to a company statement. Cybersecurity researchers Group-IB detected the Trojan, which is targeting Vietnamese financial organisations, in August and has alerted clients worldwide. GoldDigger impersonates a government portal and energy company and uses legitimate software Virbox Protector to evade detection. The malware is currently undetected in the Asia Pacific region and uses fake apps to exploit victims.

Lazarus Hackers Exploiting IIS Servers to Deploy ASP-based Web Shells
The Lazarus group has launched sophisticated attacks on South Korean web servers, deploying ASP-based web shells as first-stage Command and Control (C2) servers. These attacks,