{"id":15208,"date":"2019-04-29T08:10:07","date_gmt":"2019-04-29T16:10:07","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/04\/29\/news-8957\/"},"modified":"2019-04-29T08:10:07","modified_gmt":"2019-04-29T16:10:07","slug":"news-8957","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/04\/29\/news-8957\/","title":{"rendered":"A week in security (April 22 \u2013 28)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 29 Apr 2019 15:31:03 +0000<\/strong><\/p>\n<p>Last week on Labs, we looked at <a href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/04\/of-hoodies-and-headphones-a-spotlight-on-risks-surrounding-audio-output-devices\/\" target=\"_blank\" rel=\"noopener noreferrer\">security threats to headphones<\/a>, <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/04\/consumers-have-few-legal-options-for-protecting-privacy\/\" target=\"_blank\" rel=\"noopener noreferrer\">privacy options<\/a> in the world of law, and wandered through the FBI\u2019s 2018 IC3 <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/04\/a-look-inside-the-fbis-2018-ic3-online-crime-report\/\" target=\"_blank\" rel=\"noopener noreferrer\">online crime report<\/a>. We also explored another <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/04\/github-hosted-magecart-skimmer-used-against-hundreds-of-e-commerce-sites\/\" target=\"_blank\" rel=\"noopener noreferrer\">MageCart attack<\/a>, and we released our <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/04\/labs-cybercrime-tactics-and-techniques-report-finds-businesses-hit-with-235-percent-more-threats-in-q1\/\" target=\"_blank\" rel=\"noopener noreferrer\">2019 Q1 Crime Tactics and Techniques report<\/a>.<\/p>\n<h3 id=\"mce_22\" class=\"editor-rich-text__tinymce mce-content-body\" role=\"textbox\" aria-label=\"Write heading\u2026\" data-is-placeholder-visible=\"false\">Other cybersecurity news<\/h3>\n<ul>\n<li>Fooling automated surveillance cameras: Bypassing neural network frameworks with <a href=\"https:\/\/arxiv.org\/pdf\/1904.08653.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">colourful abstract signs<\/a>. Well, rectangles, to be more accurate. (Source: Arvix)<\/li>\n<li>VPN traffic raises concerns: Users of NordVPN <a href=\"https:\/\/www.theregister.co.uk\/2019\/04\/26\/nordvpn_strange_traffic_domains\/\" target=\"_blank\" rel=\"noopener noreferrer\">query traffic<\/a> they consider to be unusual related to the popular app. (Source: The Register)<\/li>\n<li>Who keeps your data safe? People think <a href=\"https:\/\/www.helpnetsecurity.com\/2019\/04\/26\/consumers-trust-banks-most-with-their-personal-data\/\" target=\"_blank\" rel=\"noopener noreferrer\">banks are best<\/a>, but a majority still fear identity theft. (Source: Help Net Security)<span class=\"Apple-converted-space\">\u00a0<\/span><\/li>\n<li>Microsoft abandons password expiration for Windows 10: MS joins the growing trend for not finding a huge amount of value in <a href=\"https:\/\/blogs.technet.microsoft.com\/secguide\/2019\/04\/24\/security-baseline-draft-for-windows-10-v1903-and-windows-server-v1903\/\" target=\"_blank\" rel=\"noopener noreferrer\">needless password changes<\/a>. (Source: Microsoft)<\/li>\n<li>Biometrics take a hit in Danish passports: A glitch is responsible for switching <a href=\"http:\/\/cphpost.dk\/news\/fingerprint-errors-found-in-over-200000-danish-passports.html\" target=\"_blank\" rel=\"noopener noreferrer\">left and right hand prints<\/a> tied to up to a quarter of a million travel documents. (Source: Copenhagen Post)<\/li>\n<li>A primer to credential stuffing: a nice summary of what, exactly, is involved with <a href=\"https:\/\/www.zdnet.com\/article\/an-inside-look-at-how-credential-stuffing-operations-work\/\" target=\"_blank\" rel=\"noopener noreferrer\">this most common of bad Internet practices<\/a>. (Source: ZDNET)<\/li>\n<li>Cryptominer targets enterprise, ignores consumers: Beapy almost exclusively <a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/new-cryptomining-worm-beapy-targets-asian-enterprises-while-ignoring-consumers\/\" target=\"_blank\" rel=\"noopener noreferrer\">targets businesses in Asia<\/a>, letting consumers temporarily off the hook. (Source: SCMag)<\/li>\n<li>Fake social: As bogus social media profiles continue to spread, can end-users <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/fake-social-accounts-multiply-can-1\/\" target=\"_blank\" rel=\"noopener noreferrer\">tell the difference<\/a>? (Source: Infosecurity Magazine)<\/li>\n<li>Emotet variant up to no good: compromised devices are being turned into proxy command and control servers, in an effort to make the attack <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/emotet-uses-compromised-devices-as-proxy-command-servers\/\" target=\"_blank\" rel=\"noopener noreferrer\">slightly less overt<\/a>. (Source: Bleeping Computer)<\/li>\n<li>Avoiding Apple ID phish attacks: They sometimes feel like they\u2019re everywhere, and occasionally look quite convincing. Learn how to <a href=\"https:\/\/heimdalsecurity.com\/blog\/apple-id-phishing-scams\/\" target=\"_blank\" rel=\"noopener noreferrer\">spot the signs of a scam<\/a>. (Source: Heimdal Security)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/04\/a-week-in-security-april-22-28\/\">A week in security (April 22 \u2013 28)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/04\/a-week-in-security-april-22-28\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 29 Apr 2019 15:31:03 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/04\/a-week-in-security-april-22-28\/' title='A week in security (April 22 \u2013 28)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from April 22\u201328, covering phishing, CCTV evasion, VPNs, and keeping data safe.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/apple\/\" rel=\"tag\">Apple<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptominer\/\" rel=\"tag\">cryptominer<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/emotet\/\" rel=\"tag\">emotet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malware\/\" rel=\"tag\">malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-security\/\" rel=\"tag\">week in security<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/04\/a-week-in-security-april-22-28\/' title='A week in security (April 22 \u2013 28)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/04\/a-week-in-security-april-22-28\/\">A week in security (April 22 \u2013 28)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[2211,15079,15715,3764,3924,10497,10498],"class_list":["post-15208","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-apple","tag-cryptominer","tag-emotet","tag-malware","tag-phishing","tag-security-world","tag-week-in-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15208","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15208"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15208\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15208"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15208"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15208"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}