{"id":14307,"date":"2019-01-14T09:10:18","date_gmt":"2019-01-14T17:10:18","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/01\/14\/news-8059\/"},"modified":"2019-01-14T09:10:18","modified_gmt":"2019-01-14T17:10:18","slug":"news-8059","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/01\/14\/news-8059\/","title":{"rendered":"A week in security (January 7 \u2013 13)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 14 Jan 2019 16:45:37 +0000<\/strong><\/p>\n<p>Last week on the Malwarebytes Labs blog, we took a look at the Ryuk ransomware attack <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/malware\/2019\/01\/ryuk-ransomware-attacks-businesses-over-the-holidays\/\" target=\"_blank\" rel=\"noopener\">causing trouble<\/a> over the holidays, as well as a\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/01\/luas-data-ransom-the-hacker-who-cried-wolf\/\" target=\"_blank\" rel=\"noopener\">ransom threat<\/a> for an Irish transportation company. We explored the realm of <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/01\/social-security-number-scammers-are-at-it-again\/\" target=\"_blank\" rel=\"noopener\">SSN scams<\/a>, and looked at what happens when an <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/01\/early-warning-network-compromised\/\" target=\"_blank\" rel=\"noopener\">early warning system<\/a> is attacked.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Password reuse problems. Multiple Reddit accounts reported <a href=\"https:\/\/www.theregister.co.uk\/2019\/01\/10\/reddit_password_reset\/\" target=\"_blank\" rel=\"noopener\">being locked out<\/a> after site admins blamed \u201cpassword reuse\u201d for the issue. (Source: The Register)<\/li>\n<li>85 rogue apps pulled from Play Store. Sadly, not before some <a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/adware-disguised-as-game-tv-remote-control-apps-infect-9-million-google-play-users\/\" target=\"_blank\" rel=\"noopener\">9 million downloads<\/a> had already taken place. (Source: Trend Micro)<\/li>\n<li>Home router risk. It seems many home routers aren\u2019t doing enough in the <a href=\"https:\/\/www.helpnetsecurity.com\/2019\/01\/07\/home-routers-software-security\/\" target=\"_blank\" rel=\"noopener\">fight against hackers<\/a>. (Source: Help Net Security)<\/li>\n<li>Deletion not allowed. Some people <a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2019-01-08\/samsung-phone-users-get-a-shock-they-can-t-delete-facebook\" target=\"_blank\" rel=\"noopener\">aren\u2019t happy<\/a> they can\u2019t remove Facebook from their Samsung phones. (Source: Bloomberg)<\/li>\n<li>Takedown: How a <a href=\"https:\/\/eu.usatoday.com\/story\/news\/nation\/2019\/01\/09\/colombian-tech-expert-cristian-rodriguez-joaquin-el-chapo-guzman\/2526105002\/\" target=\"_blank\" rel=\"noopener\">system admin<\/a> brought down the notorious \u201cEl Chapo.\u201d (Source: USA Today)<\/li>\n<li>2FA under fire.<span class=\"Apple-converted-space\">\u00a0<\/span>A new <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/01\/11\/2fa-codes-can-be-phished-by-new-pentest-tool\/\" target=\"_blank\" rel=\"noopener\">pentest tool called Mantis<\/a> can be used to assist in the phishing of OTP (one time password) codes. (Source: Naked Security)<span class=\"Apple-converted-space\">\u00a0<\/span><\/li>\n<li>Facebook falls foul of new security laws in Vietnam. New rules have brought a <a href=\"https:\/\/vietnamnews.vn\/society\/483437\/mic-announces-facebooks-violations-in-viet-nam.html#uSDVK2c4v7wPwlhf.97\" target=\"_blank\" rel=\"noopener\">spot of bother<\/a> for Facebook, accused of not removing certain types of content and handing over data related to \u201cfraudulent accounts.\u201d (source: Vietnam News)<\/li>\n<li>Trading site has leak issue. A user on the newly set up trading platform was able to grab a lot of <a href=\"https:\/\/arstechnica.com\/information-technology\/2019\/01\/hot-new-trading-site-leaked-oodles-of-user-data-including-login-tokens\/\" target=\"_blank\" rel=\"noopener\">potentially problematic snippets<\/a>, including authentication tokens and password reset links. (source: Ars Technica)<\/li>\n<li>Local risk to card details. A researcher discovered payment info was being <a href=\"https:\/\/hackerone.com\/reports\/411620\" target=\"_blank\" rel=\"noopener\">stored locally<\/a> on machines, potentially exposing them to anyone with physical access. (Source: Hacker One)<span class=\"Apple-converted-space\">\u00a0<\/span><\/li>\n<li>Facebook exec swatted. The dangerous \u201cgag\u201d of sending armed law enforcement to an address ends up causing problems for a \u201ccybersecurity executive,\u201d after <a href=\"https:\/\/padailypost.com\/2019\/01\/08\/police-get-report-of-a-shooting-only-to-find-out-it-was-a-prank\/\" target=\"_blank\" rel=\"noopener\">bogus calls<\/a> claimed they had \u201cpipe bombs all over the place.\u201d (source: PA Daily post)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2019\/01\/week-security-january-7-13\/\">A week in security (January 7 \u2013 13)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2019\/01\/week-security-january-7-13\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 14 Jan 2019 16:45:37 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2019\/01\/week-security-january-7-13\/' title='A week in security (January 7 \u2013 13)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of last week&#8217;s security news from January 7 to 13, including breaches, takedowns, bug fixes, and social media issues.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/2fa\/\" rel=\"tag\">2fa<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/android\/\" rel=\"tag\">Android<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ars-technica\/\" rel=\"tag\">Ars Technica<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bloomberg\/\" rel=\"tag\">Bloomberg<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/data-security\/\" rel=\"tag\">data security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/deletion\/\" rel=\"tag\">Deletion<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/hacker-one\/\" rel=\"tag\">Hacker One<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/hackers\/\" rel=\"tag\">hackers<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/help-net-security\/\" rel=\"tag\">Help Net Security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/naked-security\/\" rel=\"tag\">Naked Security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/pa-daily-post\/\" rel=\"tag\">PA Daily post<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/password-reuse\/\" rel=\"tag\">Password reuse<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/passwords\/\" rel=\"tag\">passwords<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/pentest\/\" rel=\"tag\">pentest<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransom\/\" rel=\"tag\">ransom<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/rogue-apps\/\" rel=\"tag\">rogue apps<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ryuk\/\" rel=\"tag\">ryuk<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ryuk-ransomware\/\" rel=\"tag\">Ryuk ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/trend-micro\/\" rel=\"tag\">Trend Micro<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/usa-today\/\" rel=\"tag\">USA Today<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vietnam\/\" rel=\"tag\">Vietnam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vietnam-news\/\" rel=\"tag\">Vietnam News<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2019\/01\/week-security-january-7-13\/' title='A week in security (January 7 \u2013 13)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2019\/01\/week-security-january-7-13\/\">A week in security (January 7 \u2013 13)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10598,10462,11203,11555,11069,20660,3589,20661,6272,20662,20663,20664,20665,10602,19255,18276,3765,20666,19317,20562,10497,20667,20668,5946,20669,10498],"class_list":["post-14307","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-2fa","tag-android","tag-ars-technica","tag-bloomberg","tag-data-security","tag-deletion","tag-facebook","tag-hacker-one","tag-hackers","tag-help-net-security","tag-naked-security","tag-pa-daily-post","tag-password-reuse","tag-passwords","tag-pentest","tag-ransom","tag-ransomware","tag-rogue-apps","tag-ryuk","tag-ryuk-ransomware","tag-security-world","tag-trend-micro","tag-usa-today","tag-vietnam","tag-vietnam-news","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14307","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14307"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14307\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14307"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14307"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14307"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}