{"id":13480,"date":"2018-10-01T09:10:02","date_gmt":"2018-10-01T17:10:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/10\/01\/news-7247\/"},"modified":"2018-10-01T09:10:02","modified_gmt":"2018-10-01T17:10:02","slug":"news-7247","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/10\/01\/news-7247\/","title":{"rendered":"A week in security (September 24 \u2013 30)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 01 Oct 2018 16:44:20 +0000<\/strong><\/p>\n<p>Last week on Labs was a busy one. We discussed how\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/09\/mobile-menace-monday-sms-phishing-attacks-target-the-job-market\/\" target=\"_blank\" rel=\"noopener\">SMS phishing attacks target the job market<\/a>, issued a warning for\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/09\/100-channels-and-nothing-on-except-tv-licensing-phishes\/\" target=\"_blank\" rel=\"noopener\">TV Licensing phishes<\/a>, commented on how Apple confused Safari users with recent <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/09\/safari-users-where-did-your-extensions-go\/\" target=\"_blank\" rel=\"noopener\">changes to how OSX handles browser extensions<\/a>, and elaborated on\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/security-world\/privacy-security-world\/2018\/09\/holes-found-in-mojaves-privacy-protection\/\" target=\"_blank\" rel=\"noopener\">holes found in Mojave\u2019s privacy protection<\/a>\u2014deep breath! We also showed how a\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/09\/buggy-implementation-of-cve-2018-8373-used-to-deliver-quasar-rat\/\" target=\"_blank\" rel=\"noopener\">buggy implementation of CVE-2018-8373 vulnerability is used to deliver Quasar RAT<\/a>, discussed what is needed to <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/09\/phone-spampocalypse-fighting-back-in-the-age-of-unwanted-calls\/\" target=\"_blank\" rel=\"noopener\">fight back in the age of unwanted calls<\/a>, gave some tips on\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/09\/how-to-protect-your-data-from-magecart-and-other-e-commerce-attacks\/\" target=\"_blank\" rel=\"noopener\">how to protect your data from Magecart and other e-commerce attacks<\/a>, and alerted our readers that\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/09\/millions-of-accounts-affected-in-latest-facebook-hack\/\" target=\"_blank\" rel=\"noopener\">millions of accounts were affected in the latest Facebook vulnerability<\/a>.<\/p>\n<h3>Other cybersecurity news:<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.washingtonpost.com\/business\/technology\/the-latest-amazon-exec-warns-of-calif-privacy-approach\/2018\/09\/26\/ddb79270-c19d-11e8-9451-e878f96be19b_story.html?utm_term=.a40d184e1211\" target=\"_blank\" rel=\"noopener\">Tech firms back US privacy law<\/a> to negate states. (Source: The Washington Post)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-rolls-out-confidential-computing-for-azure\/\" target=\"_blank\" rel=\"noopener\">Microsoft<\/a>\u00a0rolls out confidential computing for Azure. (Source: Bleeping Computer)<\/li>\n<li><a href=\"https:\/\/www.blog.google\/products\/chrome\/product-updates-based-your-feedback\/\" target=\"_blank\" rel=\"noopener\">Google<\/a>\u00a0recently made a change to simplify the way Chrome handles sign-in. (Source: The Keyword)<\/li>\n<li><a href=\"https:\/\/medium.com\/chronicle-blog\/introducing-virustotal-enterprise-3a1607d79334\" target=\"_blank\" rel=\"noopener\">VirusTotal<\/a>\u00a0announces VirusTotal Enterprise. (Source: medium.com)<\/li>\n<li><a href=\"https:\/\/hotforsecurity.bitdefender.com\/blog\/14-years-prison-for-man-who-helped-hackers-evade-detection-by-anti-virus-software-20363.html\" target=\"_blank\" rel=\"noopener\">14 years imprisonment<\/a>\u00a0for man who helped hackers evade detection by antivirus software. (Source: Hot for Security)<\/li>\n<li><a href=\"https:\/\/www.portofsandiego.org\/press-releases\/general-press-releases\/port-san-diego-927-update-cybersecurity-incident\" target=\"_blank\" rel=\"noopener\">Port of San Diego&#8217;s<\/a> information technology systems disrupted by ransomware. (Source: Port of San Diego)<\/li>\n<li><a href=\"https:\/\/www.welivesecurity.com\/2018\/09\/27\/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group\/\" target=\"_blank\" rel=\"noopener\">LoJax<\/a>: the first UEFI rootkit found in the wild, courtesy of the Sednit group. (Source: WeLiveSecurity}<\/li>\n<li><a href=\"https:\/\/www.inputzero.io\/2018\/09\/bug-bounty-telegram-cve-2018-17780.html\" target=\"_blank\" rel=\"noopener\">Telegram<\/a>\u00a0leaks public\/private IP addresses of end users in desktop. (Source: inputzero)<\/li>\n<li><a href=\"https:\/\/threatpost.com\/iphone-xs-passcode-bypass-hack-exposes-contacts-photos\/137790\/\" target=\"_blank\" rel=\"noopener\">iPhone XS passcode<\/a>\u00a0bypass hack exposes contacts and photos. (Source: ThreatPost)<\/li>\n<li>Secret Service warns of surge in <a href=\"https:\/\/krebsonsecurity.com\/2018\/09\/secret-service-warns-of-surge-in-atm-wiretapping-attacks\/\" target=\"_blank\" rel=\"noopener\">ATM<\/a>\u00a0&#8216;wiretapping&#8217; attacks. (Source: Krebs on Security)<\/li>\n<li><a href=\"https:\/\/www.theregister.co.uk\/2018\/09\/27\/mutagen_astronomy_linux\/\" target=\"_blank\" rel=\"noopener\">Mutagen Astronomy<\/a>:\u00a0Linux kernel &#8216;give me root, now&#8217; security hole sighted. (Source: TheRegister)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/a-week-in-security-september-24-30\/\">A week in security (September 24 \u2013 30)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/a-week-in-security-september-24-30\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 01 Oct 2018 16:44:20 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/a-week-in-security-september-24-30\/' title='A week in security (September 24 \u2013 30)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the security news from September 24\u201330 including phishing, Apple woes, a vulnerability in the wild, e-commerce attacks, phone spam, and a massive Facebook breach.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve\/\" rel=\"tag\">CVE<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cve-2018-8373\/\" rel=\"tag\">CVE-2018-8373<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/googlr\/\" rel=\"tag\">Googlr<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iphonexs\/\" rel=\"tag\">iPhoneXS<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/lojax\/\" rel=\"tag\">Lojax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/magecart\/\" rel=\"tag\">Magecart<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/microsoft\/\" rel=\"tag\">microsoft<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mojave\/\" rel=\"tag\">Mojave<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mutagen-astronomy\/\" rel=\"tag\">mutagen astronomy<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/osx\/\" rel=\"tag\">osx<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/port-of-san-diego\/\" rel=\"tag\">port of san diego<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/quasar-rat\/\" rel=\"tag\">quasar rat<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/safari-extensions\/\" rel=\"tag\">safari extensions<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sms-phishing\/\" rel=\"tag\">sms phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/telegram\/\" rel=\"tag\">telegram<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/tv-licensing\/\" rel=\"tag\">TV licensing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/unwanted-calls\/\" rel=\"tag\">unwanted calls<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/a-week-in-security-september-24-30\/' title='A week in security (September 24 \u2013 30)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/a-week-in-security-september-24-30\/\">A week in security (September 24 \u2013 30)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11810,19585,3589,19641,19642,19643,19622,10516,19561,19644,17730,3924,19645,19646,19647,10497,12796,11642,19648,19616,10498],"class_list":["post-13480","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cve","tag-cve-2018-8373","tag-facebook","tag-googlr","tag-iphonexs","tag-lojax","tag-magecart","tag-microsoft","tag-mojave","tag-mutagen-astronomy","tag-osx","tag-phishing","tag-port-of-san-diego","tag-quasar-rat","tag-safari-extensions","tag-security-world","tag-sms-phishing","tag-telegram","tag-tv-licensing","tag-unwanted-calls","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13480","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13480"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13480\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13480"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13480"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}