{"id":12281,"date":"2018-05-14T10:10:19","date_gmt":"2018-05-14T18:10:19","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/05\/14\/news-6050\/"},"modified":"2018-05-14T10:10:19","modified_gmt":"2018-05-14T18:10:19","slug":"news-6050","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/05\/14\/news-6050\/","title":{"rendered":"A week in security (May 7 \u2013 May 13)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 14 May 2018 17:18:24 +0000<\/strong><\/p>\n<p>Last week on Labs, we looked at the case of <a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2018\/05\/mobile-menace-monday-reemergence-industry-duping-fake-av\/\" target=\"_blank\" rel=\"noopener\">a fake Android AV<\/a>, <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/05\/kuik-simple-yet-annoying-piece-adware\/\" target=\"_blank\" rel=\"noopener\">an annoying adware that goes by the name of Kuik<\/a>, the return of threat actors behind <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/05\/shoppers-stop-tech-scam-draws-thousands-forced-ad-injections\/\" target=\"_blank\" rel=\"noopener\">the Shopper Stop tech scam<\/a>, a <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/05\/netflix-phish\/\" target=\"_blank\" rel=\"noopener\">new Netflix\u00a0phishing scam<\/a>, the recent <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/05\/internet-explorer-zero-day-browser-attack\/\" target=\"_blank\" rel=\"noopener\">zero-day vulnerability in Internet Explorer<\/a>, and the <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/05\/https-why-the-green-padlock-is-not-enough\/\" target=\"_blank\" rel=\"noopener\">insufficiency<\/a> of merely relying on the presence of the green padlock. Also, in a brief blog post, we talked about <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/05\/tech-support-scam-blacklist-go\/\" target=\"_blank\" rel=\"noopener\">why we removed the\u00a0blacklist of tech support scammers<\/a> we have been dutifully maintaining for years.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li>Security researchers found <a href=\"http:\/\/resources.infosecinstitute.com\/crooks-exploit-facebook-spread-crypto-miner-malware\/\" target=\"_blank\" rel=\"noopener\">a worm lurking in Facebook&#8217;s Messenger<\/a>, and it steals account credentials from cryptocurrency\u00a0platforms. (Source: InfoSec Institute)<\/li>\n<li>DDoS attacks are on the cusp of evolution. <a href=\"https:\/\/www.darkreading.com\/endpoint\/privacy\/why-ddos-just-wont-die\/d\/d-id\/1331734\" target=\"_blank\" rel=\"noopener\">It would be foolish to expect it to die<\/a> any time soon. (Source: Dark Reading)<\/li>\n<li>Oh no, they didn&#8217;t. <a href=\"https:\/\/www.grahamcluley.com\/bad-guys-have-something-new-to-play-with-microsoft-excel-adds-support-for-javascript\/\" target=\"_blank\" rel=\"noopener\">OH. NO. THEY. DIDN&#8217;T!<\/a> (Source: Graham Cluley&#8217;s blog)<\/li>\n<li>Speaking of Microsoft, hackers have found <a href=\"https:\/\/thehackernews.com\/2018\/05\/microsoft-safelinks-phishing.html\" rel=\"noopener\">a way to bypass Safe Links<\/a>, a feature in MS Office 365 that keeps malware and phishing attacks at bay. (Source: The Hacker News)<\/li>\n<li>Businesses, be forewarned: <a href=\"http:\/\/thehill.com\/policy\/cybersecurity\/386591-researchers-detect-rise-in-attacks-from-nigerian-cyber-criminals\" target=\"_blank\" rel=\"noopener\">Nigerian cybercriminals are getting good<\/a> at what they do and learning new tools and techniques to get into corporate networks. (Source: The Hill)<\/li>\n<li>It appears that businesses <a href=\"http:\/\/fortune.com\/2018\/05\/07\/security-equifax-vulnerability-download\/\" target=\"_blank\" rel=\"noopener\">haven&#8217;t learned their lesson<\/a> yet. Are they waiting for something terrible to happen before they do? (Source: Fortune)<\/li>\n<li>Are you a 7-Zip user? There&#8217;s a critical flaw found in it, so <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/05\/09\/critical-bug-in-7-zip-make-sure-youre-up-to-date\/\" target=\"_blank\" rel=\"noopener\">you need to update it ASAP<\/a>. (Source: Sophos&#8217; Naked Security Blog)<\/li>\n<li>Resetting compromised IoT devices normally removes the malware.\u00a0But a recent discovery showed that there is now <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hide-and-seek-becomes-first-iot-botnet-capable-of-surviving-device-reboots\/\" target=\"_blank\" rel=\"noopener\">an IoT botnet that can survive a reboot<\/a>. (Source: Bleeping Computer)<\/li>\n<li>Evilginx, a tool developed by Kuba Gretzky, can bypass two-factor authentication. And Gretzky <a href=\"https:\/\/blog.knowbe4.com\/heads-up-new-exploit-hacks-linkedin-2-factor-auth.-see-this-kevin-mitnick-video\" target=\"_blank\" rel=\"noopener\">demoed its use against LinkedIn<\/a>\u2014and it worked! (Source: KnowBe4&#8217;s Security Awareness Training Blog)<\/li>\n<li>A recent study showed that <a href=\"https:\/\/www.helpnetsecurity.com\/2018\/05\/08\/ios-phishing-malware\/\" target=\"_blank\" rel=\"noopener\">iOS users are more likely to be phished<\/a> than to download malware. (Source: Help Net Security)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-may-7-may-13\/\">A week in security (May 7 \u2013 May 13)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-may-7-may-13\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 14 May 2018 17:18:24 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-may-7-may-13\/' title='A week in security (May 7 \u2013 May 13)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from May 7 \u2013 May 13, including a new zero-day for Internet Explorer, a Netflix phishing scam, a worm found in Facebook&#8217;s Messenger, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/7zip\/\" rel=\"tag\">7zip<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fake-android-av\/\" rel=\"tag\">fake android av<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/https\/\" rel=\"tag\">HTTPS<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/javascript-excel\/\" rel=\"tag\">javascript excel<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/js-excel\/\" rel=\"tag\">JS excel<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/kuik-adware\/\" rel=\"tag\">kuik adware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/microsoft\/\" rel=\"tag\">microsoft<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/microsoft-excel\/\" rel=\"tag\">microsoft excel<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/netflix-phish\/\" rel=\"tag\">netflix phish<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/nigerian-scam\/\" rel=\"tag\">nigerian scam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/shopper-stop-tech-scam\/\" rel=\"tag\">shopper stop tech scam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/signal\/\" rel=\"tag\">signal<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/tech-support-scam\/\" rel=\"tag\">tech support scam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/two-factor-authentication\/\" rel=\"tag\">two-factor authentication<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vulnerability\/\" rel=\"tag\">vulnerability<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-may-7-may-13\/' title='A week in security (May 7 \u2013 May 13)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/05\/week-security-may-7-may-13\/\">A week in security (May 7 \u2013 May 13)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[18397,3589,18398,11124,18399,18400,18329,10516,18401,18353,18402,10497,18403,3205,10544,10606,10467,10498],"class_list":["post-12281","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-7zip","tag-facebook","tag-fake-android-av","tag-https","tag-javascript-excel","tag-js-excel","tag-kuik-adware","tag-microsoft","tag-microsoft-excel","tag-netflix-phish","tag-nigerian-scam","tag-security-world","tag-shopper-stop-tech-scam","tag-signal","tag-tech-support-scam","tag-two-factor-authentication","tag-vulnerability","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12281","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12281"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12281\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12281"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12281"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12281"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}