{"id":15298,"date":"2019-05-13T09:10:03","date_gmt":"2019-05-13T17:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/05\/13\/news-9047\/"},"modified":"2019-05-13T09:10:03","modified_gmt":"2019-05-13T17:10:03","slug":"news-9047","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/05\/13\/news-9047\/","title":{"rendered":"A week in security (May 6 &#8211; 12)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 13 May 2019 15:55:43 +0000<\/strong><\/p>\n<p>Last week on Labs, we discussed <a rel=\"noreferrer noopener\" aria-label=\"what to do when you discover a data breach (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/05\/what-to-do-when-you-discover-a-data-breach\/\" target=\"_blank\">what to do when you discover a data breach<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"how 5G could impact cybersecurity strategy (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/05\/how-5g-could-impact-cybersecurity-strategy\/\" target=\"_blank\">how 5G could impact cybersecurity strategy<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"the top six takeaways for user privacy (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/05\/the-top-six-takeaways-for-user-privacy\/\" target=\"_blank\">the top six takeaways for user privacy<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"vulnerabilities in financial mobile apps that put consumers and businesses at risk (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/05\/vulnerabilities-in-financial-mobile-apps-put-consumers-and-businesses-at-risk\/\" target=\"_blank\">vulnerabilities in financial mobile apps that put consumers and businesses at risk<\/a>, and in our series about vital infrastructure, we highlighted <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/05\/vital-infrastructure-financial-institutions\/\" target=\"_blank\">threats that target financial institutions, fintech, and cryptocurrencies<\/a>. <\/p>\n<h3>Other cybersecurity news <\/h3>\n<ul>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Mozilla (opens in a new tab)\" href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Add-ons\/AMO\/Policy\/Reviews-2019-05\" target=\"_blank\">Mozilla<\/a> announced their new add-on policies, which will go into effect June 10, 2019. The emphasis is that add-ons inform users about their intentions, and are not allowed to contain obfuscated code. (Source: Mozilla)<\/li>\n<li>The FBI, working in conjunction with authorities in multiple nations, has arrested several individuals in connection with <a rel=\"noreferrer noopener\" aria-label=\"Deep Dot Web (opens in a new tab)\" href=\"https:\/\/gizmodo.com\/reports-police-bust-deep-dot-web-saying-it-made-milli-1834598572\" target=\"_blank\">Deep Dot Web<\/a>, a website that allegedly profiteered by taking commissions on referral links to dark web markets. (Source: Gizmodo)<\/li>\n<li>An international <a rel=\"noreferrer noopener\" aria-label=\"malvertiser (opens in a new tab)\" href=\"https:\/\/www.justice.gov\/opa\/pr\/international-malvertiser-extradited-netherlands-face-hacking-charges-new-jersey\" target=\"_blank\">malvertiser<\/a> was extradited from the Netherlands to face hacking charges in New Jersey. The defendant conspired to expose millions of web users to malicious advertisements designed to hack and infect victims\u2019 computers with malware. (Source: US Department of Justice)<\/li>\n<li>In an attempt to allow users to block online tracking, <a rel=\"noreferrer noopener\" aria-label=\"Google (opens in a new tab)\" href=\"https:\/\/thehackernews.com\/2019\/05\/chrome-samesite-cookies.html\" target=\"_blank\">Google<\/a> has announced two new features\u2014Improved SameSite Cookies and Fingerprinting Protection\u2014that will be previewed by Google in the Chrome web browser later this year. (Source: The Hacker News)<\/li>\n<li>A slew of high-severity flaws have been disclosed in the <a rel=\"noreferrer noopener\" aria-label=\"PrinterLogic (opens in a new tab)\" href=\"https:\/\/threatpost.com\/printerlogic-remote-code-execution\/144383\/\" target=\"_blank\">PrinterLogic<\/a> printer management service, which could enable a remote attacker to execute code on workstations running the PrinterLogic agent. (Source: ThreatPost)<\/li>\n<li>On Monday, May 6, accounting firm <a rel=\"noreferrer noopener\" aria-label=\"Wolters Kluwer (opens in a new tab)\" href=\"https:\/\/wolterskluwer.com\/company\/newsroom\/news\/2019\/05\/media-statement---network-and-service-interruptions.html\" target=\"_blank\">Wolters Kluwer<\/a> started seeing technical anomalies in a number of their platforms and applications. After investigating, they discovered the installation of malware. As a precaution, they decided to take a broader range of platforms and applications offline. (Source: Wolters Kluwer)<\/li>\n<li>After getting pounded with ransomware and malware for deploying distributed denial-of-service (DDoS) attacks, unpatched <a rel=\"noreferrer noopener\" aria-label=\"Confluence (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/confluence-servers-hacked-to-install-miners-and-rootkits\/\" target=\"_blank\">Confluence<\/a> servers are now compromised to mine for cryptocurrency. (Source: Bleeping Computer)<\/li>\n<li>The FBI is investigating a ransomware attack on <a rel=\"noreferrer noopener\" aria-label=\"Baltimore (opens in a new tab)\" href=\"https:\/\/baltimore.cbslocal.com\/2019\/05\/10\/fbi-investigating-baltimore-city-ransomware-attack\/\" target=\"_blank\">Baltimore<\/a> City\u2019s network that shut down some of the city services. (Source: CBS Baltimore)<\/li>\n<li>The <a rel=\"noreferrer noopener\" aria-label=\"Dharma (opens in a new tab)\" href=\"https:\/\/www.technadu.com\/dharma-ransomware-abuses-eset-go-undetected\/66991\/\" target=\"_blank\">Dharma<\/a> ransomware tries to divert victim\u2019s attention by using an old ESET tool. While the user is dealing with the installation of the ESET Remover, Dharma runs in the background. (Source: TechNadu)<\/li>\n<li>The FBI and Department Homeland Security have jointly issued a new Malware Analysis Report warning of the dangers of <a rel=\"noreferrer noopener\" aria-label=\"ELECTRICFISH (opens in a new tab)\" href=\"https:\/\/www.scmagazine.com\/home\/security-news\/apts-cyberespionage\/u-s-intel-agencies-issue-analysis-of-north-koreas-electricfish-tunneling-tool\/\" target=\"_blank\">ELECTRICFISH<\/a>, a tunneling tool used for traffic funneling and data exfiltration by a North Korea government hacking group. (Source: SCMagazine)<\/li>\n<\/ul>\n<p> Stay safe, everyone! <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/05\/a-week-in-security-may-6-12\/\">A week in security (May 6 &#8211; 12)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/05\/a-week-in-security-may-6-12\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 13 May 2019 15:55:43 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/05\/a-week-in-security-may-6-12\/' title='A week in security (May 6 - 12)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from May 6\u201312, including breaches, privacy, financials, takedowns, and new ransomware tactics.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/5g\/\" rel=\"tag\">5G<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/baltimore\/\" rel=\"tag\">baltimore<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/confluence\/\" rel=\"tag\">confluence<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/data-breach\/\" rel=\"tag\">data breach<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/dharma\/\" rel=\"tag\">dharma<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/electricfish\/\" rel=\"tag\">electricfish<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/financial\/\" rel=\"tag\">financial<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fintech\/\" rel=\"tag\">fintech<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google\/\" rel=\"tag\">Google<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mozilla\/\" rel=\"tag\">mozilla<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/privacy\/\" rel=\"tag\">privacy<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/seep-dot-web\/\" rel=\"tag\">seep dot web<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wolters-kluwer\/\" rel=\"tag\">wolters kluwer<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/05\/a-week-in-security-may-6-12\/' title='A week in security (May 6 - 12)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/05\/a-week-in-security-may-6-12\/\">A week in security (May 6 &#8211; 12)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[18063,8907,21782,11172,21783,21784,12746,17258,1670,13271,5897,10497,21785,10498,21786],"class_list":["post-15298","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-5g","tag-baltimore","tag-confluence","tag-data-breach","tag-dharma","tag-electricfish","tag-financial","tag-fintech","tag-google","tag-mozilla","tag-privacy","tag-security-world","tag-seep-dot-web","tag-week-in-security","tag-wolters-kluwer"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15298"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15298\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15298"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}