{"id":14049,"date":"2018-12-10T10:10:22","date_gmt":"2018-12-10T18:10:22","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2018\/12\/10\/news-7816\/"},"modified":"2018-12-10T10:10:22","modified_gmt":"2018-12-10T18:10:22","slug":"news-7816","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/12\/10\/news-7816\/","title":{"rendered":"A week in security (December 3 \u2013 9)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 10 Dec 2018 17:32:10 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we gave readers an FYI on multiple breaches that affected <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/12\/humble-bundle-subscription-bug-alert\/\" target=\"_blank\" rel=\"noopener\">Humble Bundle<\/a>, <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/12\/breaches-breaches-everywhere-must-season\/\" target=\"_blank\" rel=\"noopener\">Quora, and Dunkin&#8217; Donuts<\/a>, to name a few. This follows the announcement from Marriott about <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/11\/marriott-breach-impacts-500-million-customers-heres-what-to-do-about-it\/\" target=\"_blank\" rel=\"noopener\">a four-year long breach that impacted half a billion of its patrons<\/a>.<\/p>\n<p>We also pushed out the report, <a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2018\/12\/new-under-the-radar-report-examines-modern-threats-and-future-technologies\/\" target=\"_blank\" rel=\"noopener\">&#8220;Under the Radar: The Future of Undetected Malware&#8221;<\/a>, wherein we examined current threats and the technologies that are unprepared for them. 
You can download the report directly <a href=\"https:\/\/resources.malwarebytes.com\/resource\/under-the-radar-the-future-of-undetected-malware\/?utm_source=blog&amp;utm_medium=post&amp;utm_campaign=q4fy19\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<p>Lastly, we discovered <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2018\/12\/mac-malware-combines-empyre-backdoor-and-xmrig-miner\/\" target=\"_blank\" rel=\"noopener\">a new Mac malware<\/a>, which combines the capabilities of the Empyre <a href=\"https:\/\/blog.malwarebytes.com\/glossary\/backdoor\/\" target=\"_blank\" rel=\"noopener\">backdoor<\/a>\u00a0and the XMRig <a href=\"https:\/\/blog.malwarebytes.com\/glossary\/miner\/\" target=\"_blank\" rel=\"noopener\">miner<\/a>, and reported on a new Adobe Flash <a href=\"https:\/\/blog.malwarebytes.com\/glossary\/zero-day\/\" target=\"_blank\" rel=\"noopener\">zero-day<\/a>\u00a0vulnerability that was used <a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2018\/12\/new-flash-player-zero-day-used-russian-facility\/\" target=\"_blank\" rel=\"noopener\">against a Russian facility<\/a>\u00a0in a targeted attack campaign.<\/p>\n<h3>Other cybersecurity news:<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.cnbc.com\/2018\/11\/30\/cryptomining-software-could-be-used-to-steal-corporate-secrets.html\" target=\"_blank\" rel=\"noopener\">Mining software isn&#8217;t just for cryptocurrency\u2014it could also be used to steal corporate secrets.<\/a>\u00a0Troy Kent, a researcher at Awake Security, revealed in a conference presentation that cybercriminals are using mining software to steal sensitive corporate data and information. 
(Source: CNBC)<\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/us-ios-users-targeted-by-massive-malvertising-campaign\/\" target=\"_blank\" rel=\"noopener\">US iOS users targeted by massive malvertising campaign.<\/a>\u00a0ScamClub, a little-known online criminal group, hijacked 300 million browser sessions to redirect visitors to adult sites and gift card scams via malicious code planted inside ads they serve. (Source: ZDNet)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/making-a-ransomware-payment-it-may-now-violate-us-sanctions\/\" target=\"_blank\" rel=\"noopener\">Making a ransomware payment? It may now violate US sanctions.<\/a>\u00a0Those affected by ransomware in the US have a slimmer chance of getting their data back. The US government began penalizing individuals and organizations for paying ransomware threat actors. (Source: Bleeping Computer)<\/li>\n<li><a href=\"https:\/\/smallbiztrends.com\/2018\/12\/cost-of-a-cyber-attack-small-business.html\" target=\"_blank\" rel=\"noopener\">Small businesses lose $80,000 on average to cybercrime annually, Better Business Bureau says.<\/a>\u00a0In the 2017 State of Cybersecurity Among Small Businesses in North America report, the Better Business Bureau claimed that in 2019, cybercrime will cost the global economy more than $2 trillion. (Source: Small Business Trends)<\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/this-phishing-scam-group-built-a-list-of-50000-execs-to-target\/\" target=\"_blank\" rel=\"noopener\">This phishing scam group built a list of 50,000 execs to target.<\/a>\u00a0Agari discovered a list of 50,000 execs put together by a CEO fraud group they call London Blue. Agari believes the list is a reference for future business email compromise (BEC) attacks. 
(Source: ZDNet)<\/li>\n<li><a href=\"https:\/\/www.ftc.gov\/news-events\/blogs\/data-spotlight\/2018\/12\/new-twist-grandparent-scam-mail-cash\" target=\"_blank\" rel=\"noopener\">New twist to grandparent scam: mail cash.<\/a>\u00a0In a report, the Federal Trade Commission (FTC) warned users of the growing trend of seniors aged 70 and above being conned into sending money to people pretending to be their grandchild. (Source: The FTC)<\/li>\n<li><a href=\"https:\/\/www.forbes.com\/sites\/thomasbrewster\/2018\/12\/05\/syrian-electronic-army-hackers-are-targeting-android-phones-with-fake-whatsapp-attacks\/\" target=\"_blank\" rel=\"noopener\">Syrian Electronic Army hackers are targeting Android phones with Fake WhatsApp attacks.<\/a>\u00a0The Syrian Electronic Army (SEA) shifted its resources and attention to an Android spyware tool called SilverHawk. SilverHawk is introduced to target devices disguised as updates for communication apps that protect user privacy, like WhatsApp and Telegram. (Source: Forbes)<\/li>\n<li><a href=\"https:\/\/www.tripwire.com\/state-of-security\/security-data-protection\/malicious-chrome-extension-which-sloppily-spied-on-academics-believed-to-originate-from-north-korea\/\" target=\"_blank\" rel=\"noopener\">Malicious Chrome extension which sloppily spied on academics believed to originate from North Korea.<\/a>\u00a0&#8220;Stolen Pencil.&#8221; This was the name researchers gave the hacking campaign that had been targeting academic institutions since mid-2018. The method of the attack itself is uncommon, as it used a malformed Google Chrome extension. 
(Source: Tripwire&#8217;s The State of Security Blog)<\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/12\/04\/zoom-patches-serious-video-conferencing-bug\/\" target=\"_blank\" rel=\"noopener\">Zoom patches serious video conferencing bug.<\/a>\u00a0Zoom, a popular video conferencing tool for businesses, was found to have a bug that, once exploited, can give attackers the ability to take control of computers participating in a conference call. Zoom already patched the bug. (Source: Sophos&#8217;s Naked Security Blog)<\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2018\/12\/06\/social-media-sites-data-risk\/\" target=\"_blank\" rel=\"noopener\">Consumers believe social media sites pose greatest risk to data.<\/a>\u00a0According to a survey conducted by Gemalto, a majority of privacy-conscious Internet users believe that websites, particularly social media sites and bank sites, are not protecting their data adequately. Many of those surveyed also blame businesses for any data breaches and would likely walk away from them and\/or act against them. 
(Source: Help Net Security)<\/li>\n<\/ul>\n<p>Stay safe!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/12\/week-security-december-3-9\/\">A week in security (December 3 \u2013 9)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/12\/week-security-december-3-9\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 10 Dec 2018 17:32:10 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/12\/week-security-december-3-9\/' title='A week in security (December 3 \u2013 9)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of last week&#8217;s security news from December 3\u20139, including a new Mac malware, new Flash zero-day vulnerability, new Malwarebytes report focusing on current undetectable malware, and breaches happening left and right.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/0-day-exploit\/\" rel=\"tag\">0-day exploit<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/adobe-flash\/\" rel=\"tag\">adobe flash<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/big-breaches\/\" rel=\"tag\">big breaches<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/dunkin-donuts\/\" 
rel=\"tag\">Dunkin\u2019 Donuts<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/flash-player-zero-day\/\" rel=\"tag\">Flash Player zero-day<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/humble-bundle\/\" rel=\"tag\">humble bundle<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mac-malware\/\" rel=\"tag\">mac malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/marriott\/\" rel=\"tag\">Marriott<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/quora\/\" rel=\"tag\">Quora<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/under-the-radar\/\" rel=\"tag\">under the radar<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/undetectable-malware\/\" rel=\"tag\">undetectable malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zero-day\/\" rel=\"tag\">zero day<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zero-day-exploit\/\" rel=\"tag\">zero day exploit<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/12\/week-security-december-3-9\/' title='A week in security (December 3 \u2013 9)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/12\/week-security-december-3-9\/\">A week in security (December 3 \u2013 9)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes 
Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11016,12052,19129,20366,17394,20350,11976,20307,20367,10497,20361,20389,10498,11023,11524],"class_list":["post-14049","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-0-day-exploit","tag-adobe-flash","tag-big-breaches","tag-dunkin-donuts","tag-flash-player-zero-day","tag-humble-bundle","tag-mac-malware","tag-marriott","tag-quora","tag-security-world","tag-under-the-radar","tag-undetectable-malware","tag-week-in-security","tag-zero-day-exploit","tag-zero-day"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14049"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14049\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14049"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}