{"id":12102,"date":"2018-04-23T09:10:16","date_gmt":"2018-04-23T17:10:16","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/04\/23\/news-5871\/"},"modified":"2018-04-23T09:10:16","modified_gmt":"2018-04-23T17:10:16","slug":"news-5871","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/04\/23\/news-5871\/","title":{"rendered":"A week in security (April 16 \u2013 April 22)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 23 Apr 2018 16:06:58 +0000<\/strong><\/p>\n<p>Last week, we took <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/04\/myspace-vs-facebook-good-old-days\/\" rel=\"noopener\">a stroll down memory lane<\/a> talking about Facebook and MySpace, noticed <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/04\/magnitude-exploit-kit-switches-gandcrab-ransomware\/\" rel=\"noopener\">a change<\/a> in the Magnitude exploit kit\u2014wherein it started adopting the <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/01\/gandcrab-ransomware-distributed-by-rig-and-grandsoft-exploit-kits\/\" rel=\"noopener\">GandCrab ransomware<\/a>, took a good look at <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/04\/pbot-python-based-adware\/\" rel=\"noopener\">a new form of adware<\/a> that is based on Python, chatted a bit <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/04\/perspectives-on-russian-hacking\/\" rel=\"noopener\">about Russian hacking<\/a> with a journalist, encouraged retailers to <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/04\/5-cybersecurity-questions-retailers-must-ask-protect-businesses\/\" rel=\"noopener\">ask the right questions<\/a> to protect their business, and weighed in on <a href=\"https:\/\/blog.malwarebytes.com\/101\/how-tos\/2018\/04\/cloudflares-new-dns-service\/\" rel=\"noopener\">a way to speed up Internet bandwidth and increase privacy<\/a> via Cloudflare&#8217;s new DNS service.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li>Cryptocurrency is all the rave these days\u2014and so are cryptominers. Security researchers recently discovered one that <a href=\"https:\/\/www.hackread.com\/malware-mine-cryptocurrency-without-open-browser-session\/\" rel=\"noopener\">doesn&#8217;t rely on an open browser session<\/a>. (Source: HackRead)<\/li>\n<li>Tax fraud is no longer for the clueless, it seems. Experts noticed that scammers are <a href=\"https:\/\/www.cnbc.com\/2018\/04\/14\/cybercriminals-now-targeting-tax-pros-to-cash-in-on-fraudulent-returns.html\" rel=\"noopener\">also targeting tax professionals<\/a>\u2014those filing taxes on behalf of their clients. (Source: CNBC)<\/li>\n<li>To date, adware, spyware, and malware have lurked inside the Google Play Store. But <a href=\"https:\/\/blog.lookout.com\/desert-scorpion-google-play\" rel=\"noopener\">surveillanceware<\/a>? That&#8217;s definitely something new. (Source: Lookout Blog)<\/li>\n<li>At the recently concluded RSA conference, tech companies like Microsoft and Facebook\u00a0<a href=\"https:\/\/www.zdnet.com\/article\/microsoft-facebook-dozens-more-sign-cybersecurity-tech-accord\/\" rel=\"noopener\">joined together to sign a pledge<\/a> to protect users and refrain from helping any government launch a cyberattack. (Source: ZDNet)<\/li>\n<li>While the usage of Adobe Flash has significantly decreased, <a href=\"https:\/\/securingtomorrow.mcafee.com\/mcafee-labs\/despite-decline-use-adobe-flash-vulnerabilities-will-continue-cause-concern\/\" rel=\"noopener\">this doesn&#8217;t mean that the threats exploiting them have declined<\/a>. So remain vigilant! (Source: McAfee&#8217;s Securing Tomorrow Blog)<\/li>\n<li>Gmail&#8217;s new &#8220;Confidential Mode&#8221; is <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/04\/17\/gmails-new-confidential-mode-wont-be-completely-private\/\" rel=\"noopener\">not entirely private<\/a> after all. SIGH. (Source: Sophos&#8217;s Naked Security Blog)<\/li>\n<li>Security researchers noticed <a href=\"https:\/\/www.scmagazineuk.com\/new-hacker-groups-emerging-in-asia-and-in-the-middle-east-finds-kaspersky\/article\/759368\/\" rel=\"noopener\">an increased activity of APT groups<\/a> based in Asia and the Middle East. (Source: SC Magazine)<\/li>\n<li>Here&#8217;s a new word to keep in mind: <a href=\"https:\/\/www.wired.com\/story\/trustjacking-ios-itunes-wi-fi-sync-attack\/\" rel=\"noopener\"><em>trustjacking<\/em>.<\/a> And iPhone users are particularly at risk of this one. (Source: Wired)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/stresspaint-malware-steals-facebook-credentials-and-session-cookies\/\" rel=\"noopener\">Stresspaint<\/a>, a new information stealer, is a type of malware that is after Chrome login data, session cookies, and appears to be particularly interested in Facebook details. (Source: Bleeping Computer)<\/li>\n<li>A ransomware variant appeared to be\u00a0<a href=\"https:\/\/www.zdnet.com\/article\/this-ransomware-was-rewritten-to-mine-cryptocurrency-and-destroy-your-files\/\" rel=\"noopener\">repurposed<\/a> to infect files, mine for cryptocurrency&#8230;and destroy affected users&#8217; files. Good grief! (Source: ZDNet)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/04\/week-security-april-16-april-22\/\">A week in security (April 16 \u2013 April 22)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/04\/week-security-april-16-april-22\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 23 Apr 2018 16:06:58 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/04\/week-security-april-16-april-22\/' title='A week in security (April 16 \u2013 April 22)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from April 16 \u2013 April 22, including tax fraud, Adobe Flash, trustjacking, and surveillanceware.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/a-week-in-security\/\" rel=\"tag\">a week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/adobe-flash\/\" rel=\"tag\">adobe flash<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptocurrency\/\" rel=\"tag\">cryptocurrency<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptomining\/\" rel=\"tag\">cryptomining<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/gandcrab-ransomware\/\" rel=\"tag\">gandcrab ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/retail-industry\/\" rel=\"tag\">retail industry<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/russian\/\" rel=\"tag\">russian<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/stresspaint\/\" rel=\"tag\">stresspaint<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/surveillanceware\/\" rel=\"tag\">surveillanceware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/tax-fraud\/\" rel=\"tag\">tax fraud<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/trustjacking\/\" rel=\"tag\">trustjacking<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/04\/week-security-april-16-april-22\/' title='A week in security (April 16 \u2013 April 22)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/04\/week-security-april-16-april-22\/\">A week in security (April 16 \u2013 April 22)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,12052,11052,15080,17364,10503,18133,14826,10497,18208,18209,11438,18210,10498,10506],"class_list":["post-12102","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-adobe-flash","tag-cryptocurrency","tag-cryptomining","tag-gandcrab-ransomware","tag-recap","tag-retail-industry","tag-russian","tag-security-world","tag-stresspaint","tag-surveillanceware","tag-tax-fraud","tag-trustjacking","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12102","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12102"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12102\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12102"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12102"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12102"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}