{"id":14625,"date":"2019-02-18T09:10:28","date_gmt":"2019-02-18T17:10:28","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/02\/18\/news-8374\/"},"modified":"2019-02-18T09:10:28","modified_gmt":"2019-02-18T17:10:28","slug":"news-8374","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/02\/18\/news-8374\/","title":{"rendered":"A week in security (February 11 &#8211; 17)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 18 Feb 2019 16:30:22 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs we discussed the <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/02\/sextortion-bitcoin-scam-makes-unwelcome-return\/\" target=\"_blank\" rel=\"noopener\">return of the Sextortion Bitcoin scams<\/a>, we gave you an early overview of the <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/02\/exploit-kits-winter-2019-review\/\" target=\"_blank\" rel=\"noopener\">exploit kits in the winter of 2019<\/a>, we talked about the destruction of <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/02\/hacker-destroys-vfemail-service-wipes-backups\/\" target=\"_blank\" rel=\"noopener\">VFEmail service<\/a>, for consumers we discussed whether <a href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/02\/delete-social-media\/\" target=\"_blank\" rel=\"noopener\">you should remove yourself from social media<\/a>, for businesses we discussed the<a href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/02\/business-anti-phishing\/\" target=\"_blank\" rel=\"noopener\"> implementation of an anti-phishing plan<\/a>, and the concept of <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/business-security-world\/2019\/02\/tackling-the-shortage-in-skilled-it-staff-whole-team-security\/\" target=\"_blank\" rel=\"noopener\">whole team security to relieve overworked IT departments<\/a>.<\/p>\n<ul>\n<li>Security researchers have found that <a 
href=\"https:\/\/www.theregister.co.uk\/2019\/02\/12\/intel_sgx_hacked\/\" target=\"_blank\" rel=\"noopener\">Intel&#8217;s Software Guard Extensions (SGX)<\/a> don&#8217;t live up to their name. In fact they can be used to hide pieces of malware that silently masquerade as normal applications. (Source: The Register)<\/li>\n<li>A targeted phishing campaign is underway that states your email has been blacklisted and then asks you to confirm it by entering your credentials. For some reason, this campaign is using phishing <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/weird-phishing-campaign-uses-links-with-almost-1-000-characters\/\" target=\"_blank\" rel=\"noopener\">links that can contain almost 1,000 characters<\/a>. (Source: BleepingComputer)<\/li>\n<li>Malicious actors have been hacking WordPress websites by exploiting vulnerabilities in a fairly popular plugin called WP Cost Estimation &amp; Payment Forms Builder.\u00a0Developed by Loopus, the\u00a0<a href=\"https:\/\/www.securityweek.com\/hackers-target-wordpress-sites-wp-cost-estimation-plugin\" target=\"_blank\" rel=\"noopener\">plugin<\/a>\u00a0allows WordPress website administrators to create cost calculators and payment forms. (Source: SecurityWeek)<\/li>\n<li>The <a href=\"https:\/\/blog.malwarebytes.com\/detections\/trojan-emotet\/\" target=\"_blank\" rel=\"noopener\">Emotet Trojan<\/a>, a thorn in the side of financial institutions and your average individual alike, is back with <a href=\"https:\/\/www.zdnet.com\/article\/emotet-trojan-tweaks-tactics-in-fresh-attack-wave\/\" target=\"_blank\" rel=\"noopener\">new techniques<\/a> and an upsurge in attacks.\u00a0In recent campaigns malicious documents containing Emotet are being distributed via URLs hosted on threat actor-owned infrastructure as well as traditional spam email attachments. 
(Source: ZDNet)<\/li>\n<li>In the weeks leading up to Valentine&#8217;s Day 2019, researchers noticed a <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/valentines-emails-laced-with-gandcrab-ransomware\/d\/d-id\/1333883\" target=\"_blank\" rel=\"noopener\">new form of Gandcrab<\/a> appearing in romance-themed emails.\u00a0Hackers love the holidays, and Valentine&#8217;s Day is no exception. (Source: DarkReading)<\/li>\n<li>New research published by the International Computer Science Institute in California suggests that at least 17,000 Android applications are creating <a href=\"https:\/\/www.zdnet.com\/article\/thousands-of-apps-bypass-android-privacy-protections-to-permanently-record-your-activities\/\" target=\"_blank\" rel=\"noopener\">permanent records<\/a> of your online activity for advertising purposes even when you ask for such information to be forgotten. (Source: ZDNet)<\/li>\n<li>Microsoft booted <a href=\"https:\/\/threatpost.com\/eight-cryptojacking-apps-booted-from-microsoft-store\/141896\/\" target=\"_blank\" rel=\"noopener\">eight malicious apps<\/a> from its official desktop and mobile app store after researchers found the programs surreptitiously mined for Monero cryptocurrency. All these apps were likely developed by the same person or group. (Source: ThreatPost)<\/li>\n<li>A new phishing attack bent on <a href=\"https:\/\/threatpost.com\/sneaky-phishing-scam-facebook\/141869\/\" target=\"_blank\" rel=\"noopener\">stealing Facebook credentials<\/a> has been spotted \u2013 and it\u2019s turning researchers\u2019 heads due to how well it hides its malicious intent.\u00a0The status bar, navigation bar, shadows and content were perfectly reproduced to look exactly like a legitimate login prompt. 
(Source: ThreatPost)<\/li>\n<li><a href=\"https:\/\/www.wired.com\/story\/jeff-bezos-sextortion-allegation\/\" target=\"_blank\" rel=\"noopener\">Jeff Bezos<\/a> became the most famous and powerful person to claim to be a victim of sextortion, the term often used to describe the otherwise underreported cases of extortion using intimate or sexually explicit photographs or videos. (Source: Wired)<\/li>\n<li>Malta\u2019s leading bank resumes operations after cyberheist-induced shutdown. The\u00a0<a href=\"https:\/\/www.welivesecurity.com\/2019\/02\/15\/maltas-leading-bank-resumes-operations-cyberheist-induced-shutdown\/\" target=\"_blank\" rel=\"noopener\">Bank of Valletta<\/a>, which went dark for a day after the fraudulent transfers of \u20ac13 million, is now looking to get the money back. (Source: WeLiveSecurity)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-11-17\/\">A week in security (February 11 &#8211; 17)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-11-17\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 18 Feb 2019 16:30:22 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-11-17\/' title='A week in security (February 11 - 17)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from February 11-17 covering sextortion, Facebook phishing, Emotet, exploit kits, whole team 
security, anti-phishing plan, and lots more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/anti-phishing-plan\/\" rel=\"tag\">anti-phishing-plan<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bank-of-valetta\/\" rel=\"tag\">bank of valetta<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/emotet\/\" rel=\"tag\">emotet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploit-kits\/\" rel=\"tag\">exploit kits<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sextortion\/\" rel=\"tag\">sextortion<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sgx\/\" rel=\"tag\">sgx<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vfemail\/\" rel=\"tag\">VFEmail<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/whole-team-security\/\" rel=\"tag\">whole team security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wordpress-plugin\/\" rel=\"tag\">wordpress plugin<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-11-17\/' title='A week in security (February 11 - 17)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-11-17\/\">A week in security (February 11 &#8211; 17)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes 
Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[20959,20960,15715,10528,10497,18952,20961,20899,10498,20962,20963],"class_list":["post-14625","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-anti-phishing-plan","tag-bank-of-valetta","tag-emotet","tag-exploit-kits","tag-security-world","tag-sextortion","tag-sgx","tag-vfemail","tag-week-in-security","tag-whole-team-security","tag-wordpress-plugin"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14625","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14625"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14625\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14625"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}