{"id":13858,"date":"2018-11-18T13:10:03","date_gmt":"2018-11-18T21:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/11\/18\/news-7625\/"},"modified":"2018-11-18T13:10:03","modified_gmt":"2018-11-18T21:10:03","slug":"news-7625","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/11\/18\/news-7625\/","title":{"rendered":"A week in security (November 5 \u2013 11)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 12 Nov 2018 17:17:57 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we looked at <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/11\/browlock-flies-under-the-radar-with-complete-obfuscation\/\" target=\"_blank\" rel=\"noopener\">browser lockers that fly under the radar\u00a0with complete obfuscation<\/a>,\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/101\/business\/2018\/11\/compromising-vital-infrastructure-transport-logistics\/\" target=\"_blank\" rel=\"noopener\">transport and logistics<\/a> in our series about compromising vital infrastructure, <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/11\/google-logins-javascript-now-required\/\" target=\"_blank\" rel=\"noopener\">Google logins now requiring JavaScript<\/a>, <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/11\/create-sticky-cybersecurity-training-program\/\" target=\"_blank\" rel=\"noopener\">how to create a sticky cybersecurity training program<\/a>, and an introduction for <a href=\"https:\/\/blog.malwarebytes.com\/101\/how-tos\/2018\/11\/advanced-tools-process-hacker\/\" target=\"_blank\" rel=\"noopener\">Process Hacker<\/a>.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Dutch\u00a0police have achieved a breakthrough in <a href=\"http:\/\/www.tellerreport.com\/news\/--police--encrypted-messages-criminals-cracked--at-least-a-hundred-suspects-.rkDaGH1TX.html\" target=\"_blank\" rel=\"noopener\">intercepting encrypted messages<\/a> between criminals. (Source: TellerReport)<\/li>\n<li>If <a href=\"https:\/\/www.theatlantic.com\/international\/archive\/2018\/11\/terrorist-cyberattack-midterm-elections\/574504\/\" target=\"_blank\" rel=\"noopener\">terrorists<\/a> launch a major cyberattack, we won\u2019t see it coming. (Source: The Atlantic)<\/li>\n<li>Why are <a href=\"https:\/\/www.zdnet.com\/article\/why-are-fake-elon-musk-bitcoin-scams-running-rife-on-twitter-right-now\/\" target=\"_blank\" rel=\"noopener\">fake Elon Musk<\/a> bitcoin scams running rife on Twitter right now? (Source: ZDNet)<\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2018\/11\/07\/virtualbox-guest-to-host-escape-0day\/\" target=\"_blank\" rel=\"noopener\">VirtualBox<\/a> Guest-to-Host escapes\u00a0zero-day and exploit released online. (Source: Help Net Security)<\/li>\n<li>Microsoft releases info on protecting <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-releases-info-on-protecting-bitlocker-from-dma-attacks\/\" target=\"_blank\" rel=\"noopener\">BitLocker<\/a> from DMA attacks. (Source: Bleeping Computer)<\/li>\n<li>Further protections from <a href=\"https:\/\/blog.chromium.org\/2018\/11\/further-protections-from-harmful-ad.html\" target=\"_blank\" rel=\"noopener\">harmful ad experiences<\/a> on the web. (Source: Chromium blog)<\/li>\n<li>Android users now face forced app updates, thanks to Google&#8217;s <a href=\"https:\/\/www.zdnet.com\/article\/android-users-now-face-forced-app-updates-thanks-to-googles-new-dev-tools\/\" target=\"_blank\" rel=\"noopener\">new dev tools<\/a>. (Source: ZDNet)<\/li>\n<li>Active exploitation of newly patched <a href=\"https:\/\/www.volexity.com\/blog\/2018\/11\/08\/active-exploitation-of-newly-patched-coldfusion-vulnerability-cve-2018-15961\/\" target=\"_blank\" rel=\"noopener\">ColdFusion<\/a> vulnerability (CVE-2018-15961). (Source: Volexity Threat Research)<\/li>\n<li>Spammers hack <a href=\"https:\/\/www.theregister.co.uk\/2018\/11\/08\/upnp_spam_botnet_broadcom\/\" target=\"_blank\" rel=\"noopener\">100,000 home routers<\/a> via UPnP vulns to craft email-flinging botnet. (Source: The Register)<\/li>\n<li>Google: newer <a href=\"https:\/\/securityshelf.com\/2018\/11\/08\/google-newer-android-versions-are-less-affected-by-malware\/\" target=\"_blank\" rel=\"noopener\">Android<\/a> versions are less affected by malware. (Source: Security Shelf)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/11\/week-security-november-5-november-11\/\">A week in security (November 5 \u2013 11)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/11\/week-security-november-5-november-11\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 12 Nov 2018 17:17:57 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/11\/week-security-november-5-november-11\/' title='A week in security (November 5 \u2013 11)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'> A roundup of security news from November 5 to November 11, including bitcoin scams, VirtualBox zero-day, ColdFusion vulnerability, Android security, and cybersecurity training.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitcoin-scams\/\" rel=\"tag\">bitcoin scams<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitlocker\/\" rel=\"tag\">bitlocker<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/coldfusion\/\" rel=\"tag\">coldfusion<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/elon-musk\/\" rel=\"tag\">elon musk<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/process-hacker\/\" rel=\"tag\">Process Hacker<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sticky-cybersecurity-training\/\" rel=\"tag\">sticky cybersecurity training<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-secuirty\/\" rel=\"tag\">week in secuirty<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/11\/week-security-november-5-november-11\/' title='A week in security (November 5 \u2013 11)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2018\/11\/week-security-november-5-november-11\/\">A week in security (November 5 \u2013 11)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[20128,20129,20130,13297,20103,10497,20131,20132,10498],"class_list":["post-13858","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-bitcoin-scams","tag-bitlocker","tag-coldfusion","tag-elon-musk","tag-process-hacker","tag-security-world","tag-sticky-cybersecurity-training","tag-week-in-secuirty","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13858","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13858"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13858\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13858"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13858"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13858"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}