{"id":10884,"date":"2017-12-18T11:10:13","date_gmt":"2017-12-18T19:10:13","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/12\/18\/news-4656\/"},"modified":"2017-12-18T11:10:13","modified_gmt":"2017-12-18T19:10:13","slug":"news-4656","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/12\/18\/news-4656\/","title":{"rendered":"A week in security (December 11\u201317)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 18 Dec 2017 18:45:39 +0000<\/strong><\/p>\n<p>Last week we explained <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/12\/a-state-of-constant-uncertainty-or-uncertain-constancy-fast-flux-explained\/\" target=\"_blank\" rel=\"noopener\">what fast flux is and how it&#8217;s being abused<\/a>, we showed you all kinds of\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/12\/theres-a-hole-in-my-bucket-bitcoin-scams-aim-to-exploit-volatile-market\/\" target=\"_blank\" rel=\"noopener\">Bitcoin-related scams<\/a>, presented a video recording of a <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/12\/tech-support-scammer-tries-to-get-into-your-router-sell-free-software\/\" target=\"_blank\" rel=\"noopener\">tech support scammer trying to sell free software<\/a>, and pointed out some free software to keep an eye on your <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/12\/free-tools-internet-traffic-monitoring\/\" target=\"_blank\" rel=\"noopener\">Internet traffic<\/a>. We also informed you about an <a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2017\/12\/exosrv-com-ad-server-adult-sites-tops-malwarebytes-detections\/\" target=\"_blank\" rel=\"noopener\">ad server found predominantly on adult websites<\/a>, which has taken the lead in the number of URLs blocked by our web protection module.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.techspot.com\/news\/72288-south-korea-tackle-bitcoin-frenzy-strict-new-rules.html\" target=\"_blank\" rel=\"noopener\">South Korea is preparing a bill<\/a> that will ban minors and foreigners from trading in cryptocurrencies or opening investment accounts for them within South Korea. (Source: Techspot)<\/li>\n<li>Security researchers have publicly disclosed an unpatched zero-day <a href=\"https:\/\/thehackernews.com\/2017\/12\/directv-wvb-hack.html\" target=\"_blank\" rel=\"noopener\">vulnerability in the firmware of AT&amp;T DirecTV WVB kit<\/a> after trying to get the device manufacturer to patch this flaw over the past few months. (Source: The Hacker News)<\/li>\n<li>Intel will implement a <a href=\"https:\/\/www.theregister.co.uk\/2017\/12\/13\/intel_management_engine_gets_hardwarebased_lock\/\" target=\"_blank\" rel=\"noopener\">hardware lock on management engine<\/a> equipped chips to defend against patch rollbacks. (Source: The Register)<\/li>\n<li>Dutch security firm <a href=\"https:\/\/www.fox-it.com\/en\/insights\/blogs\/blog\/fox-hit-cyber-attack\/\" target=\"_blank\" rel=\"noopener\">Fox-IT handled a security breach<\/a> in an <a href=\"http:\/\/securityaffairs.co\/wordpress\/66764\/hacking\/fox-it-security-breach.html\" target=\"_blank\" rel=\"noopener\">exemplary way<\/a> after a man-in-the-middle (MitM) attack. (Sources: Fox-IT and Security Affairs)<\/li>\n<li>Lawsuit based on a surreptitiously recorded phone call claims <a href=\"https:\/\/www.businessinsider.nl\/adtrader-class-action-lawsuit-vs-google-claims-millions-not-refunded-to-advertisers-2017-12\/?international=true&amp;r=US\" target=\"_blank\" rel=\"noopener\">Google doesn\u2019t refund advertisers<\/a> who spend money on fraudulent clicks. (Source: Business Insider)<\/li>\n<li><a href=\"https:\/\/hotforsecurity.bitdefender.com\/blog\/australian-airport-hack-was-a-near-miss-says-governments-cybersecurity-expert-19326.html\" target=\"_blank\" rel=\"noopener\">Australian airport hack<\/a> was \u201ca near miss,\u201d says government\u2019s cybersecurity expert, and could easily have been prevented. (Source: Hot for Security)<\/li>\n<li>Hackers utilizing the <a href=\"http:\/\/www.zdnet.com\/article\/hackers-use-triton-malware-to-shut-down-plant-industrial-systems\/\" target=\"_blank\" rel=\"noopener\">Triton malware<\/a> have managed to close down industrial operations in the Middle East, researchers warned. (Source: ZDNet)<\/li>\n<li>A two-decade-old security hole lets hackers <a href=\"https:\/\/www.theregister.co.uk\/2017\/12\/13\/robot_tls_rsa_flaw\/\" target=\"_blank\" rel=\"noopener\">unlock encrypted data<\/a> and was found in the software of at least eight IT vendors and open-source projects. (Source: The Register)<\/li>\n<li>MoneyTaker, a cybercriminal group believed to be operating out of Russian-speaking territories, has hit at least <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/moneytaker-hacker-group-steals-millions-from-us-and-russian-banks\/\" target=\"_blank\" rel=\"noopener\">20 banks and financial companies<\/a> and stolen millions of US dollars in the process. (Source: BleepingComputer)<\/li>\n<li>Politicians from California, Washington, and New York said they&#8217;ll use a mix of legislative action and legal moves to <a href=\"https:\/\/www.cnet.com\/news\/california-washington-take-action-after-net-neutrality-vote\/?ftag=COS-05-10-aaa0a&amp;linkId=45912129\" target=\"_blank\" rel=\"noopener\">fight the FCC&#8217;s repeal of net neutrality regulation<\/a>, shortly after the vote. (Source: Cnet)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/12\/week-in-security-december-11-december-17\/\">A week in security (December 11\u201317)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/12\/week-in-security-december-11-december-17\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 18 Dec 2017 18:45:39 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/12\/week-in-security-december-11-december-17\/' title='A week in security (December 11\u201317)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/12\/shutterstock_527624266.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from December 11 to December 17, including the net neutrality ruling, adult site advertising, and Bitcoin-related scams.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/airport-hack\/\" rel=\"tag\">airport hack<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/crypto-currencies\/\" rel=\"tag\">crypto-currencies<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fox-it\/\" rel=\"tag\">fox-it<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/management-engine\/\" rel=\"tag\">management engine<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/moneytaker\/\" rel=\"tag\">moneytaker<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/net-neutraility\/\" rel=\"tag\">net neutraility<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/triton\/\" rel=\"tag\">triton<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/12\/week-in-security-december-11-december-17\/' title='A week in security (December 11\u201317)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/12\/week-in-security-december-11-december-17\/\">A week in security (December 11\u201317)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[16999,17000,17001,17002,17003,17004,10497,17005,10498,10506],"class_list":["post-10884","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-airport-hack","tag-crypto-currencies","tag-fox-it","tag-management-engine","tag-moneytaker","tag-net-neutraility","tag-security-world","tag-triton","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10884","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10884"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10884\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10884"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10884"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}