{"id":11045,"date":"2018-01-09T08:10:07","date_gmt":"2018-01-09T16:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/01\/09\/news-4816\/"},"modified":"2018-01-09T08:10:07","modified_gmt":"2018-01-09T16:10:07","slug":"news-4816","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/01\/09\/news-4816\/","title":{"rendered":"A week in security (January 1-8)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Tue, 09 Jan 2018 15:48:57 +0000<\/strong><\/p>\n<p>New year, new threats, as 2018 gets underway.<\/p>\n<p>On our blog, we had <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/social-engineering-cybercrime\/2018\/01\/search-engine-shenanigans-malwarebytes-mentions-arent-what-they-seem\/\" target=\"_blank\" rel=\"noopener\">dubious searches aplenty<\/a> for those hunting for Malwarebytes information, and we also covered the huge <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/01\/meltdown-and-spectre-what-you-need-to-know\/\" target=\"_blank\" rel=\"noopener\">Meltdown\/Spectre bug<\/a>, affecting hardware going back to 10 years.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li>Coin miners are at it again, with a <a href=\"https:\/\/www.theregister.co.uk\/2018\/01\/05\/wi_fi_crypto_mining\/\" target=\"_blank\" rel=\"noopener\">proof of concept<\/a> for hacking public Wi-Fi and injecting cryptomining code into browsing sessions. (source: The Register)<\/li>\n<li>Around 240k people have been tied up in a &#8220;<a href=\"https:\/\/www.dhs.gov\/news\/2018\/01\/03\/privacy-incident-involving-dhs-oig-case-management-system\" target=\"_blank\" rel=\"noopener\">privacy incident<\/a>&#8221; over at the DHS. (source: DHS)<\/li>\n<li>Browser makers are looking to <a href=\"https:\/\/www.helpnetsecurity.com\/2018\/01\/05\/spectre-browser-attacks\/\" target=\"_blank\" rel=\"noopener\">mitigate risks<\/a> from Meltdown and Spectre. (Source: Help Net Security)<\/li>\n<li>36 rogue apps wound up on the <a href=\"http:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/apps-disguised-security-tools-bombard-users-ads-track-users-location\/\" target=\"_blank\" rel=\"noopener\">Google Play store<\/a>, reminding us to be extra vigilant even when on an official site. (Source: Trend Micro)<\/li>\n<li>Yet another cryptominer doing the rounds, this time dragging <a href=\"https:\/\/f5.com\/labs\/articles\/threat-intelligence\/malware\/new-python-based-crypto-miner-botnet-flying-under-the-radar\" target=\"_blank\" rel=\"noopener\">Linux machines<\/a> into a cash spinning botnet. (source: F5)<\/li>\n<li>Face recognition: nice idea, but being <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/01\/02\/windows-hello-face-recognition-spoofed-with-photographs\/\" target=\"_blank\" rel=\"noopener\">fooled by photographs<\/a> is a bit much. (source: Naked Security)<\/li>\n<li>A well put together <a href=\"http:\/\/www.southwalesargus.co.uk\/NEWS\/15810318.Warning_issued_about__most_convincing_phishing_email__ever_seen\/\" target=\"_blank\" rel=\"noopener\">phishing mail<\/a> is causing headaches for those who may have purchased items from retailer Debenhams. (Source: South Wales Argus)<\/li>\n<li>Unusually, you may be able to <a href=\"http:\/\/www.birminghammail.co.uk\/news\/midlands-news\/victims-western-union-fraud-scam-14124144\" target=\"_blank\" rel=\"noopener\">reclaim money<\/a> lost to wire fraud scams, regardless of where you live. This doesn&#8217;t happen often, so check it out if you&#8217;ve been stung! (Source: Birmingham Mail)<\/li>\n<li>Malware-laden emails laced with more malware are being used to steal data related to the <a href=\"http:\/\/www.bbc.co.uk\/news\/business-42600250\" target=\"_blank\" rel=\"noopener\">Winter Olympics<\/a>. (Source: BBC)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/01\/week-security-january-1-8\/\">A week in security (January 1-8)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/01\/week-security-january-1-8\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Tue, 09 Jan 2018 15:48:57 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/01\/week-security-january-1-8\/' title='A week in security (January 1-8)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/01\/photodune-702886-calendar-l.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from January 1 to January 8, including Meltdown and Spectre updates, miners, wire fraud refunds, and fake apps on Google Play.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptomining\/\" rel=\"tag\">cryptomining<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malware\/\" rel=\"tag\">malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/olympics\/\" rel=\"tag\">olympics<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wire-fraud\/\" rel=\"tag\">wire fraud<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/01\/week-security-january-1-8\/' title='A week in security (January 1-8)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/01\/week-security-january-1-8\/\">A week in security (January 1-8)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[15080,3764,5858,3924,10497,10498,17106],"class_list":["post-11045","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cryptomining","tag-malware","tag-olympics","tag-phishing","tag-security-world","tag-week-in-security","tag-wire-fraud"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11045","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11045"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11045\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11045"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11045"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11045"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}