{"id":11193,"date":"2018-01-22T11:10:22","date_gmt":"2018-01-22T19:10:22","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/01\/22\/news-4964\/"},"modified":"2018-01-22T11:10:22","modified_gmt":"2018-01-22T19:10:22","slug":"news-4964","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/01\/22\/news-4964\/","title":{"rendered":"A week in security (January 15 \u2013 January 21)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 22 Jan 2018 17:53:06 +0000<\/strong><\/p>\n<p>Last week on Labs, we gave you some background information about <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/01\/cookies-should-i-worry-about-them\/\" target=\"_blank\" rel=\"noopener\">cookies<\/a>, specifically which ones to worry about and why. We also warned you about scams surrounding the <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/01\/wary-mega-millions-winner-giveaway-social-media\/\" target=\"_blank\" rel=\"noopener\">Mega Millions winner<\/a>, who promised to donate his money to good causes.<\/p>\n<p>We analyzed a cryptocurrency miner using a very old technique called <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/01\/a-coin-miner-with-a-heavens-gate\/\" target=\"_blank\" rel=\"noopener\">Heaven&#8217;s Gate<\/a> to make injections into 64-bit processes from 32-bit loaders. On top of that, we pointed out that there are <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/01\/new-chrome-and-firefox-extensions-block-their-removal-to-hijack-browsers\/\" target=\"_blank\" rel=\"noopener\">Chrome and Firefox extensions<\/a>\u00a0using \u201cforced installs\u201d that hide from users and hijack browsers. 
And last but not least, we enticed you to think about some practical <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/01\/cybersecurity-new-years-resolutions-you-say-why-not\/\" target=\"_blank\" rel=\"noopener\">New Year&#8217;s resolutions<\/a> related to cybersecurity and privacy.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li>Google <a href=\"https:\/\/support.google.com\/googlehome\/answer\/7634752?hl=en&amp;ref_topic=7071995\" target=\"_blank\" rel=\"noopener\">acknowledged a known issue<\/a> where a bug in the Cast software may incorrectly send a large amount of network traffic, which can slow down or temporarily impact Wi-Fi networks. (Source: Google Support)<\/li>\n<li>Soon after, Google announced an update for Android phones so an interaction with Chromecast video-streaming devices and Google Home smart speakers won&#8217;t <a href=\"https:\/\/www.cnet.com\/news\/google-fixing-wi-fi-slaying-chromecast-bug-on-thursday\/\" target=\"_blank\" rel=\"noopener\">whack your Wi-Fi<\/a>. (Source: CNet)<\/li>\n<li>A version of the <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/01\/in-the-wild-malware-preys-on-computers-dedicated-to-mining-cryptocurrency\/\" target=\"_blank\" rel=\"noopener\">Satori malware<\/a> exploits one or more weaknesses in the Claymore Miner, replacing the owner&#8217;s wallet address with an address controlled by the attacker. (Source: ArsTechnica)<\/li>\n<li>BlackWallet, another site in the booming cryptocurrency wallet sector, lost their users\u2019 cryptocurrency after what looks like a <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/01\/18\/blackwallet-cryptocurrency-site-loses-users-money-after-dns-hijack\/\" target=\"_blank\" rel=\"noopener\">DNS hijacking attack<\/a>. 
(Source: Naked Security)<\/li>\n<li><a href=\"https:\/\/www.theregister.co.uk\/2018\/01\/18\/dark_caracal_malware\/\" target=\"_blank\" rel=\"noopener\">Dark Caracal<\/a>, a surveillance toolkit-for-hire, has been used to suck huge amounts of data from Androids and Windows desktop PCs around the world. (Source: The Register)<\/li>\n<li>A British <a href=\"http:\/\/www.telegraph.co.uk\/news\/2018\/01\/19\/british-15-year-old-gained-access-intelligence-operations-afghanistan\/\" target=\"_blank\" rel=\"noopener\">15-year-old<\/a> gained access to intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA. (Source: The Telegraph UK)<\/li>\n<li>OnePlus announced that up to 40,000 customers were affected by the <a href=\"https:\/\/www.theverge.com\/2018\/1\/19\/16908990\/oneplus-credit-card-security-breach-investigation-40000-affected\" target=\"_blank\" rel=\"noopener\">security breach<\/a> that caused the company to shut down credit card payments for its online store earlier this week. (Source: The Verge)<\/li>\n<li>The <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/samsam-ransomware-hits-hospitals-city-councils-ics-firms\/\" target=\"_blank\" rel=\"noopener\">SamSam ransomware<\/a> group seems to have gotten off to a &#8220;great&#8221; start in 2018, hitting several high-profile targets such as hospitals, a city council, and an ICS firm. (Source: Bleeping Computer)<\/li>\n<li><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/ghostteam-adware-can-steal-facebook-credentials\/\" target=\"_blank\" rel=\"noopener\">GhostTeam adware<\/a>\u00a0can steal Facebook accounts and surreptitiously push ads. It was found on 53 apps on Google Play. 
(Source: Trendlabs)<\/li>\n<li>A <a href=\"https:\/\/www.washingtonpost.com\/news\/morning-mix\/wp\/2018\/01\/16\/that-was-no-wrong-button-in-hawaii-take-a-look\/?utm_term=.b35d569d74b6\" target=\"_blank\" rel=\"noopener\">confusing drop-down menu<\/a> was the cause of the false missile warning that scared Hawaii. (Source: The Washington Post)<\/li>\n<li>Researchers have identified a powerful new Android malware strain called <a href=\"https:\/\/threatpost.com\/potent-skygofree-malware-packs-never-before-seen-features\/129479\/\" target=\"_blank\" rel=\"noopener\">Skygofree<\/a> capable of eavesdropping on WhatsApp messages and much more. (Source: Threatpost)<\/li>\n<li>Lack of authentication was the culprit behind leaks of customer details in an adult VR application called <a href=\"https:\/\/www.digitalinterruption.com\/single-post\/2018\/01\/09\/Attention-SinVR-users\" target=\"_blank\" rel=\"noopener\">SinVR<\/a>. (Source: Digital Interruption)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/01\/a-week-in-security-january-15-january-21\/\">A week in security (January 15 \u2013 January 21)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/01\/a-week-in-security-january-15-january-21\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 22 Jan 2018 17:53:06 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/01\/a-week-in-security-january-15-january-21\/' title='A week in security (January 15 \u2013 January 21)'><img 
src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from January 15 to January 21, featuring the culprit behind the false Hawaii missile alarm, New Year&#8217;s cybersecurity resolutions, Mega Millions scams, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/bark-caracal\/\" rel=\"tag\">BArk Caracal<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/blackwallet\/\" rel=\"tag\">BlackWallet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity\/\" rel=\"tag\">cybersecurity<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ghostteam-adware\/\" rel=\"tag\">GhostTeam adware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/heavens-gate\/\" rel=\"tag\">Heaven&#8217;s Gate<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/satori-malware\/\" rel=\"tag\">Satori malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wifi\/\" rel=\"tag\">wifi<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/01\/a-week-in-security-january-15-january-21\/' title='A week in security (January 15 \u2013 January 21)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/01\/a-week-in-security-january-15-january-21\/\">A week in security (January 15 \u2013 January 21)<\/a> appeared first on <a 
rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[17246,17247,4500,17248,17205,17249,10497,10498,6273],"class_list":["post-11193","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-bark-caracal","tag-blackwallet","tag-cybersecurity","tag-ghostteam-adware","tag-heavens-gate","tag-satori-malware","tag-security-world","tag-week-in-security","tag-wifi"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11193","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11193"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11193\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11193"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11193"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11193"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}