{"id":12279,"date":"2018-05-14T03:10:07","date_gmt":"2018-05-14T11:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/05\/14\/news-6048\/"},"modified":"2018-05-14T03:10:07","modified_gmt":"2018-05-14T11:10:07","slug":"news-6048","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/05\/14\/news-6048\/","title":{"rendered":"A week in security (April 30 &#8211; May 6)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 07 May 2018 17:18:15 +0000<\/strong><\/p>\n<p>Last week on Labs, we examined the\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/04\/spartacus-introduction-unsophisticated-ransomware\/\" target=\"_blank\" rel=\"noopener\">Spartacus ransomware<\/a>, reported about a new tactic used by the\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/05\/internet-shortcut-used-necurs-malspam-campaign\/\" target=\"_blank\" rel=\"noopener\">Necurs malspam campaign<\/a>, informed you about the\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/05\/twitter-security-snafu-change-passwords\/\" target=\"_blank\" rel=\"noopener\">recommended Twitter password change<\/a>, and discussed\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/05\/engaging-students-cybersecurity-primer-educators\/\" target=\"_blank\" rel=\"noopener\">engaging students to start considering careers in cybersecurity<\/a>.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.securityweek.com\/pdf-files-can-silently-leak-ntlm-credentials\" target=\"_blank\" rel=\"noopener\">NTML credentials<\/a> can be stolen via malicious Portable Document Format (PDF) files without any user interaction. (Source: SecurityWeek)<\/li>\n<li><a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2018-04-29\/twitter-sold-cambridge-analytica-researcher-public-data-access\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> sold data access to a Cambridge Analytica-linked researcher. (Source: Bloomberg)<\/li>\n<li><a href=\"https:\/\/securityaffairs.co\/wordpress\/72008\/malware\/facexworm-facebook-messenger.html\" target=\"_blank\" rel=\"noopener\">FacexWorm<\/a> targets cryptocurrency users by spreading through Facebook Messenger. (Source: Security Affairs)<\/li>\n<li>New <a href=\"https:\/\/www.helpnetsecurity.com\/2018\/05\/02\/dns-encryption-tools-accelerate-privacy-online\/\" target=\"_blank\" rel=\"noopener\">DNS encryption tools<\/a>\u00a0accelerate privacy online. (Source: HelpNetSecurity)<\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/iot-security-is-cryptocurrency-mining-malware-your-next-big-headache\/\" target=\"_blank\" rel=\"noopener\">IoT security<\/a>: Is cryptocurrency-mining malware your next big headache? (Source: ZDNet)<\/li>\n<li>Companies from across the tech spectrum are lining up to protest the measure\u00a0that would allow them to \u201chack back\u201d with offensive initiatives in the face of a cyberattack. (Source: ThreatPost)<\/li>\n<li>Drive-by <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/05\/drive-by-rowhammer-attack-uses-gpu-to-compromise-an-android-phone\/\" target=\"_blank\" rel=\"noopener\">Rowhammer attack<\/a> uses GPU to compromise Android phone. (Source: ArsTechnica)<\/li>\n<li>The systems that control <a href=\"https:\/\/gizmodo.com\/the-systems-that-control-water-and-power-plants-are-sho-1825740945\" target=\"_blank\" rel=\"noopener\">water and power plants<\/a> are shockingly vulnerable to hackers. (Source: Gizmodo)<\/li>\n<li><a href=\"https:\/\/www.washingtonpost.com\/news\/the-switch\/wp\/2018\/05\/03\/facebooks-dating-service-is-a-chance-to-meet-the-catfisher-advertiser-or-scammer-of-your-dreams\/?noredirect=on&amp;utm_term=.d58733f3bd21\" target=\"_blank\" rel=\"noopener\">Facebook\u2019s dating service<\/a> is a chance to meet the catfisher, advertiser, or scammer of your dreams. (Source: Washington Post)<\/li>\n<li>Roskomnadzor, Russia&#8217;s telecommunications watchdog, blocks 50 VPNs and Proxy Services providing access to Telegram. (Source: BleepingComputer)<\/li>\n<li>Cat burglar: <a href=\"https:\/\/www.scmagazine.com\/cat-burglar-kitty-cryptominer-targets-web-application-servers-then-spreads-to-app-users\/article\/763411\/\" target=\"_blank\" rel=\"noopener\">Kitty cryptominer<\/a> targets web application servers, then spreads to app users. (Source: SCMagazine)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-april-30-may-6\/\">A week in security (April 30 &#8211; May 6)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-april-30-may-6\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 07 May 2018 17:18:15 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-april-30-may-6\/' title='A week in security (April 30 - May 6)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'> A roundup of security news from April 30 \u2013 May 6, including Necurs malspam, Spartacus ransomware, Twitter passwords, and cybersecurity studies.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/malwarebytes\/\" rel=\"tag\">Malwarebytes<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/necurs\/\" rel=\"tag\">necurs<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/security\/\" rel=\"tag\">security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/spartacus\/\" rel=\"tag\">Spartacus<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/twitter\/\" rel=\"tag\">twitter<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-april-30-may-6\/' title='A week in security (April 30 - May 6)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-april-30-may-6\/\">A week in security (April 30 &#8211; May 6)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10560,11977,3765,714,10497,18268,454,10498,10506],"class_list":["post-12279","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-malwarebytes","tag-necurs","tag-ransomware","tag-security","tag-security-world","tag-spartacus","tag-twitter","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12279","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12279"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12279\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12279"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12279"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12279"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}