{"id":13909,"date":"2018-11-26T11:10:02","date_gmt":"2018-11-26T19:10:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/11\/26\/news-7676\/"},"modified":"2018-11-26T11:10:02","modified_gmt":"2018-11-26T19:10:02","slug":"news-7676","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/11\/26\/news-7676\/","title":{"rendered":"A week in security (November 19 \u2013 25)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 26 Nov 2018 18:21:37 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we took a look at a devastating <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/11\/business-email-compromise-scam-costs-pathe-21-5-million\/\" target=\"_blank\" rel=\"noopener\">business email compromise attack<\/a>, web skimming <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/11\/web-skimmers-compete-umbro-brasil-hack\/\" target=\"_blank\" rel=\"noopener\">antics<\/a>, and the fresh perils of <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/technology\/2018\/11\/deepfake-coming-scam-near\/\" target=\"_blank\" rel=\"noopener\">Deepfakes<\/a>. We also checked out some <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/11\/spoofing-anonymous-gmail-ux-bugs-phishing\/\" target=\"_blank\" rel=\"noopener\">Chrome bug issues<\/a>, and took the deepest of deep dives into <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/11\/dna-testing-kit-companies-really-data\/\" target=\"_blank\" rel=\"noopener\">DNA testing<\/a>.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Adobe Flash bug\u2014<a href=\"https:\/\/helpx.adobe.com\/security\/products\/flash-player\/apsb18-44.html\" target=\"_blank\" rel=\"noopener\">get patching<\/a>! (Source: Adobe)<\/li>\n<li>Accidental <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.dansdeals.com\/more\/dans-commentary\/went-tesla-delivery-hell-tesla-giving-control-site-forums-1-5-million-tesla-account-contacts\/\" target=\"_blank\" rel=\"noopener\">Tesla forum access<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">\u00a0granted (Source: Dan\u2019s Deals)<\/span><\/li>\n<li>JavaScript snooping on other browser tabs [<a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/arxiv.org\/pdf\/1811.07153.pdf\" target=\"_blank\" rel=\"noopener\">PDF<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">] (Source: Arxiv)<\/span><\/li>\n<li>LastPass suffered power outage, other\u00a0<a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.theregister.co.uk\/2018\/11\/20\/fivehour_outage_frustrates_lastpass_punters\/\" target=\"_blank\" rel=\"noopener\">frustrations<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\"> (Source: The Register)<\/span><\/li>\n<li>US Justice Department <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2018-11-20\/bitcoin-rigging-criminal-probe-is-said-to-focus-on-tie-to-tether\" target=\"_blank\" rel=\"noopener\">investigates<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">\u00a0whether<\/span>\u00a0last year&#8217;s Bitcoin rally was a result of manipulation<span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">\u00a0(Source: Bloomberg)<\/span><\/li>\n<li>Tumblr combats <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/tumblr.zendesk.com\/hc\/en-us\/articles\/360012260613-November-16-2018-Issues-with-the-iOS-app\" target=\"_blank\" rel=\"noopener\">exploitation content<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\"> (Source: Tumblr)<\/span><\/li>\n<li>Plane crash used as <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/gizmodo.com\/russian-hacking-group-used-a-deadly-plane-crash-as-phis-1830563032\" target=\"_blank\" rel=\"noopener\">phishing bait<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\"> (Source: Gizmodo)<\/span><\/li>\n<li>Was hacker tessa88&#8217;s true identity <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.recordedfuture.com\/tessa88-identity-revealed\/\" target=\"_blank\" rel=\"noopener\">revealed<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">? (Source: Insikt Group)<\/span><\/li>\n<li>More <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/twitter.com\/LukasStefanko\/status\/1064507886896844800\" target=\"_blank\" rel=\"noopener\">bogus apps on Google Play<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">\u00a0discovered (Source: ESET)<\/span><\/li>\n<li>Huge losses from <a style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\" href=\"https:\/\/www.helpnetsecurity.com\/2018\/11\/23\/online-payment-fraud\/\" target=\"_blank\" rel=\"noopener\">online<span class=\"Apple-converted-space\">\u00a0<\/span>payment fraud<\/a><span style=\"font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen-Sans, Ubuntu, Cantarell, 'Helvetica Neue', sans-serif;\">\u00a0to reach $48 billion annually (Source: Help Net Security)<\/span><\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/11\/week-security-november-19-25\/\">A week in security (November 19 \u2013 25)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/11\/week-security-november-19-25\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 26 Nov 2018 18:21:37 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/11\/week-security-november-19-25\/' title='A week in security (November 19 \u2013 25)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of last week&#8217;s security news from November 19\u201325, including a business email compromise attack, deep dive into DNA testing kits, and more troubles for Tesla.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/android\/\" rel=\"tag\">Android<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/dna\/\" rel=\"tag\">dna<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google-play\/\" rel=\"tag\">Google Play<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/lastpass\/\" rel=\"tag\">lastpass<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malware\/\" rel=\"tag\">malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/roundup\/\" rel=\"tag\">roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/tesla\/\" rel=\"tag\">tesla<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-security\/\" rel=\"tag\">week in security<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/11\/week-security-november-19-25\/' title='A week in security (November 19 \u2013 25)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/11\/week-security-november-19-25\/\">A week in security (November 19 \u2013 25)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10462,13650,11268,19012,3764,3924,13053,10497,13239,10498],"class_list":["post-13909","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-android","tag-dna","tag-google-play","tag-lastpass","tag-malware","tag-phishing","tag-roundup","tag-security-world","tag-tesla","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13909","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13909"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13909\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13909"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13909"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13909"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}