{"id":14915,"date":"2019-03-25T08:10:07","date_gmt":"2019-03-25T16:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/03\/25\/news-8664\/"},"modified":"2019-03-25T08:10:07","modified_gmt":"2019-03-25T16:10:07","slug":"news-8664","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/03\/25\/news-8664\/","title":{"rendered":"A week in security (March 18 \u2013 24)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 25 Mar 2019 15:46:38 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we touched on <a href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/03\/new-research-finds-hospitals-are-easy-targets-for-phishing-attacks\/\" target=\"_blank\" rel=\"noopener\">the susceptibility of hospitals<\/a> against phishing attacks, <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/03\/hackers-gonna-hack-anymore-not-keep-reusing-passwords\/\" target=\"_blank\" rel=\"noopener\">password reuse<\/a>, the <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/03\/researchers-go-hunting-for-netflixs-bandersnatch\/\" target=\"_blank\" rel=\"noopener\">risk of interactive TV shows<\/a> to side-channel attacks, and Facebook&#8217;s new and out-of-character plan to <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/03\/facebooks-history-betrays-its-privacy-pivot\/\" target=\"_blank\" rel=\"noopener\">promote privacy<\/a> in the platform.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>A study highlighted that <a href=\"https:\/\/www.helpnetsecurity.com\/2019\/03\/18\/distrust-personal-data-protection\/\" target=\"_blank\" rel=\"noopener\">20 percent of Americans<\/a> do not trust anyone with the protection of their data, suffer security fatigue, and want tighter controls over how others handle and protect their personal data. (Source: Help Net Security)<\/li>\n<li>Epic Games found themselves in hot water after <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/epic-promises-to-fix-game-launcher-after-privacy-concerns\/\" target=\"_blank\" rel=\"noopener\">multiple accusations<\/a> of its Epic Games Launcher purportedly scanning and collecting information of Steam users without their consent\u2014a significant privacy red flag. They promised to fix this. (Source: Bleeping Computer)<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/spam-warns-about-boeing-737-max-crashes-while-pushing-malware\/\" target=\"_blank\" rel=\"noopener\">Miscreants used the tragic Boeing 737 Max crash<\/a> to push spam containing a malicious .JAR file. This file installs a RAT called Houdini H-Worm and the Adwind information stealer. (Source: Bleeping Computer)<\/li>\n<li>Meet <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/03\/19\/child-friendly-search-engines-how-safe-is-kiddle\/\" target=\"_blank\" rel=\"noopener\">Kiddle<\/a>, the child-friendly search engine that is powered by Google Safe Search but revealed that it&#8217;s not affiliated with Google. (Source: Sophos&#8217; Naked Security Blog)<\/li>\n<li><a href=\"https:\/\/www.imperva.com\/blog\/now-patched-google-photos-vulnerability-let-hackers-track-your-friends-and-location-history\/\" target=\"_blank\" rel=\"noopener\">A Google Photos vulnerability<\/a>\u00a0could have allowed hackers to track when, where, and with whom photos were taken. Good news: It&#8217;s now patched. (Source: Imperva Blog)<\/li>\n<li>Formjacking, the stealing of information entered in forms, <a href=\"https:\/\/www.itworldcanada.com\/article\/beware-of-rise-of-formjacking-says-symantec\/416064\" target=\"_blank\" rel=\"noopener\">is on the rise<\/a>. And companies should focus on it. (Source: IT World Canada)<\/li>\n<li>Business email compromise (BEC)\u2014or at least its core methodology\u2014<a href=\"https:\/\/www.agari.com\/email-security-blog\/bec-goes-mobile\/\" target=\"_blank\" rel=\"noopener\">began moving from email to SMS<\/a>. (Source: Agari Blog)<\/li>\n<li>A malicious spam campaign pretending to originate from the Center for Disease Control and Prevention (CDC) contained news about a new flu pandemic. <a href=\"https:\/\/myonlinesecurity.co.uk\/fake-cdc-flu-pandemic-warning-delivers-gandcrab-5-2-ransomware\/\" target=\"_blank\" rel=\"noopener\">It also contained a GandCrab attachment<\/a>. (Source: My Online Security)<\/li>\n<li>Millions of users downloaded <a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/malware\/a-compromised-iphone-app-was-found-to-be-using-malware-to-infect-users-by-calling-22-known-malicious-domains\/\" target=\"_blank\" rel=\"noopener\">a compromised iPhone app<\/a> that called to nearly two dozen malicious servers to serve malvertising to devices. (Source: SC Magazine)<\/li>\n<li>Learn4Life, a recovery program for at-risk teens, is <a href=\"https:\/\/www.prnewswire.com\/news-releases\/teens-learn-to-battle-cyber-threats-300816833.html\" target=\"_blank\" rel=\"noopener\">teaching students about network security<\/a>\u2014something they wouldn&#8217;t likely learn from traditional high school. (Source PR Newswire)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/03\/week-security-march-18-24\/\">A week in security (March 18 \u2013 24)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/03\/week-security-march-18-24\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 25 Mar 2019 15:46:38 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/03\/week-security-march-18-24\/' title='A week in security (March 18 \u2013 24)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of cybersecurity news from March 18\u201324, including Facebook&#8217;s privacy pivot, password reuse, new research on hospital phishing attacks, infected iPhone apps, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/bandersnatch\/\" rel=\"tag\">bandersnatch<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bec-cdc-spam\/\" rel=\"tag\">bec. cdc spam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/business-email-compromise\/\" rel=\"tag\">Business Email Compromise<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/center-for-disease-control-and-prevention\/\" rel=\"tag\">center for disease control and prevention<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity\/\" rel=\"tag\">cybersecurity<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/education\/\" rel=\"tag\">education<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/epic-games\/\" rel=\"tag\">epic games<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/formjacking\/\" rel=\"tag\">formjacking<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/gandcrab\/\" rel=\"tag\">gandcrab<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google-photos\/\" rel=\"tag\">google photos<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iphone\/\" rel=\"tag\">iPhone<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/kiddle\/\" rel=\"tag\">kiddle<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/learn4life\/\" rel=\"tag\">learn4life<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malicious-app\/\" rel=\"tag\">malicious app<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/netflix\/\" rel=\"tag\">netflix<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/network-security\/\" rel=\"tag\">network security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/password-reuse\/\" rel=\"tag\">Password reuse<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/privacy\/\" rel=\"tag\">privacy<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/security-fatigue\/\" rel=\"tag\">security fatigue<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/steam\/\" rel=\"tag\">steam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vulnerabilities\/\" rel=\"tag\">vulnerabilities<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/03\/week-security-march-18-24\/' title='A week in security (March 18 \u2013 24)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/03\/week-security-march-18-24\/\">A week in security (March 18 \u2013 24)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[21344,21364,11140,21365,4500,253,15965,3589,20043,17363,21366,8826,21367,21368,21369,3287,11074,20665,3924,5897,12082,10497,11227,10752,10498],"class_list":["post-14915","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-bandersnatch","tag-bec-cdc-spam","tag-business-email-compromise","tag-center-for-disease-control-and-prevention","tag-cybersecurity","tag-education","tag-epic-games","tag-facebook","tag-formjacking","tag-gandcrab","tag-google-photos","tag-iphone","tag-kiddle","tag-learn4life","tag-malicious-app","tag-netflix","tag-network-security","tag-password-reuse","tag-phishing","tag-privacy","tag-security-fatigue","tag-security-world","tag-steam","tag-vulnerabilities","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14915","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14915"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14915\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14915"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14915"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14915"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}