{"id":15440,"date":"2019-05-31T06:00:02","date_gmt":"2019-05-31T14:00:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/05\/31\/news-9189\/"},"modified":"2019-05-31T06:00:02","modified_gmt":"2019-05-31T14:00:02","slug":"news-9189","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/05\/31\/news-9189\/","title":{"rendered":"This Week in Security News: Trickbots and Infected Containers"},"content":{"rendered":"

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 31 May 2019 13:05:27 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how a Trickbot attacked a school district\u2019s networks and how infected cryptocurrency-mining containers target docker hosts with exposed APIs.<\/p>\n

Read on:<\/p>\n

Trickbot Attack Forces Ohio School District to Cancel Classes<\/a><\/strong><\/p>\n

A school district in Ohio suspended classes on Monday, May 20, because of a Trickbot attack on its network and computers.<\/em><\/p>\n

 <\/p>\n

The IoT Attack Surface: Threats and Security Solutions<\/a><\/strong><\/p>\n

Part of adopting the IoT is anticipating what else the technology brings to the environments it is being applied to \u2014 not least of which are security concerns that can give rise to successful attacks on IoT systems and devices.<\/em><\/p>\n

Hacker Has Designs on Canva Data, Steals Info Belonging to 139M Users<\/a><\/strong><\/p>\n

The graphic design website Canva was hacked in a data theft incident, which exposed usernames, email addresses, encrypted passwords, customer names and more. <\/em><\/p>\n

CVE-2019-0725: An Analysis of Its Exploitability<\/a><\/strong><\/p>\n

A remote code execution vulnerability from May\u2019s Patch Tuesday is particularly hard to ignore: CVE-2019-0725, an RCE vulnerability in Windows Dynamic Host Configuration Protocol (DHCP) Server<\/em>, which <\/em>doesn\u2019t require user interaction and affects all versions of Windows Server<\/em>.<\/em><\/p>\n

New Mirai Variant Uses Multiple Exploits to Target Routers and Other Devices<\/a><\/strong><\/p>\n

Trend Micro discovered a new variant of Mirai that uses a total of 13 different exploits in a single campaign – the first Mirai variant to do so – and has backdoor and distributed denial-of-service (DDoS) capabilities. <\/em><\/p>\n

First American Hit with Class Action Lawsuit Over Massive Data Exposure<\/a><\/strong><\/p>\n

Insurance giant First American Financial is facing a class action lawsuit for negligence after it left more than 885 million sensitive documents dating as far back as 2003<\/em> exposed online.\u00a0 <\/em><\/p>\n

CVE-2019-11815: A Cautionary Tale About CVSS Scores<\/a><\/strong><\/p>\n

At first glance, the details for Linux kernel vulnerability CVE-2019-11815\u2019s score from CVSS seem like a worst-case scenario but assessing a vulnerability\u2019s potential impact goes beyond the attack vector, privileges, and CIA impact of the base score.<\/em><\/p>\n

Flipboard Says Hackers Stole User Details<\/a><\/strong><\/p>\n

Flipboard, a news aggregator service and mobile news app, has started notifying users of a security incident during which hackers had access to internal systems for more than nine months.<\/em><\/p>\n

Infected Cryptocurrency-Mining Containers Target Docker Hosts With Exposed APIs, Use Shodan to Find Additional Victims<\/a><\/strong><\/p>\n

By analyzing the logs and traffic data coming to and from a honeypot, Trend Micro found a container that came from a public and accessible Docker Hub repository named zoolu2 that contained images with the binary of a Monero cryptocurrency miner.<\/em><\/p>\n

Nearly 1 Million Systems Affected By ‘Wormable’ BlueKeep Vulnerability (CVE-2019-0708)<\/a><\/strong><\/p>\n

Almost a million systems are reportedly vulnerable to BlueKeep, a critical vulnerability in remote desktop services, but Microsoft\u2019s Patch Tuesday for May already rolled out patches for BlueKeep and security advisories were released to help users address the vulnerability. <\/em><\/p>\n

Under GDPR, UK Data Breach Reports Quadruple<\/a><\/strong><\/p>\n

The United Kingdom has seen the number of data breach notifications more than quadruple since Europe’s GDPR privacy law went into full force a result of\u00a0mandatory reporting<\/a>\u00a0driving better visibility<\/em><\/p>\n

Where you surprised that a Trickbot attack could cause school districts to cancel classes? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.<\/a><\/p>\n

The post This Week in Security News: Trickbots and Infected Containers<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 31 May 2019 13:05:27 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how a Trickbot attacked a school district\u2019s networks and how infected cryptocurrency-mining containers target docker hosts with exposed APIs. Read on: Trickbot Attack Forces Ohio School…<\/p>\n

The post This Week in Security News: Trickbots and Infected Containers<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10422,714],"class_list":["post-15440","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-current-news","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15440","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15440"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15440\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15440"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15440"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15440"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}