{"id":15575,"date":"2019-06-14T06:00:04","date_gmt":"2019-06-14T14:00:04","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/06\/14\/news-9324\/"},"modified":"2019-06-14T06:00:04","modified_gmt":"2019-06-14T14:00:04","slug":"news-9324","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/06\/14\/news-9324\/","title":{"rendered":"This Week in Security News: Spam Campaigns and Cryptocurrency Miners"},"content":{"rendered":"

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 14 Jun 2019 13:25:23 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about advanced targeted attack tools being used to distribute cryptocurrency miners as well as a spam campaign targeting European users.<\/p>\n

Read on:<\/p>\n

Advanced Targeted Attack Tools Found Being Used to Distribute Cryptocurrency Miners<\/a>
<\/strong>Regular cybercriminals appear to be taking a page from targeted attack actors\u2019 playbooks \u2014 or rather, toolkits \u2014 to maximize their profits from illicit activities like cryptojacking.<\/em><\/p>\n

Congress to Take Another Stab at ‘Hack Back’ Legislation<\/a>
<\/strong>Rep. Tom Graves, R-Ga., is reintroducing a bill that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities.<\/em><\/p>\n

Spam Campaign Targets European Users with Microsoft Office Vulnerability (CVE-2017-11882)<\/a>
<\/strong>An active Microsoft Office and WordPad spam campaign is targeting European users, using languages such as Romanian and files that allow attackers to exploit the CVE-2017-11882 vulnerability.<\/em><\/p>\n

License Plates, Photos, Passwords and More Stolen in Two Separate Breaches<\/a>
<\/strong>Two major breaches, one at US Customs and Border Protection and another with a retro gaming site Emuparadise, highlight the need for effective data protection. <\/em><\/p>\n

Major HSM Vulnerabilities Impact Banks, Cloud Providers, Governments<\/a>
<\/strong>Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware Security Modules).<\/em><\/p>\n

Data Breach Disclosed by Online Invitation Firm Evite<\/a>
<\/strong>Online invitation and stationary company Evite notified customers of a data breach that stemmed from an inactive data storage file associated with user accounts.<\/em><\/p>\n

June\u2019s Patch Tuesday Fixes 88 Security Flaws, Including SandboxEscaper\u2019s Zero Days, HoloLens<\/a>
<\/strong>Microsoft\u2019s June Patch Tuesday announced the release of 88 vulnerability patches in this month\u2019s security bulletin, as well as four advisories and one servicing stack update.<\/em><\/p>\n

Have I Been Pwned Is Looking for a New Owner<\/a>
<\/strong>Owner Troy Hunt revealed he\u2019s looking for an acquirer for the breach notification service he set up called \u201cHave I Been Pwned\u201d. Traffic to the site has exploded since January when he uploaded a 773 million record list of breached emails and passwords that could be used for automated unauthorized logins.<\/em><\/p>\n

Shifting Tactics: Breaking Down TA505 Group\u2019s Use of HTML, RATs and Other Techniques in Latest Campaigns<\/a>
<\/strong>In their latest campaign, cybercriminal group TA505 used HTML attachments to deliver malicious .XLS files that lead to downloader and backdoor FlawedAmmyy, mostly to target users in South Korea.<\/em><\/p>\n

MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools<\/a>
<\/strong>Analysis of new campaigns wearing the badge of MuddyWater revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes. <\/em><\/p>\n

U.S. Ramping Up Offensive Cyber Measures to Stop Economic Attacks, Bolton Says<\/a>
<\/strong>The U.S. is beginning to use offensive cyber measures in response to commercial espionage, according to John Bolton, President Trump\u2019s national security adviser.<\/em><\/p>\n

CVE-2019-2725 Exploited and Certificate Files Used for Obfuscation to Deliver Monero Miner<\/a>
<\/strong>Feedback from the Trend Micro Smart Protection Network security architecture revealed a cryptocurrency-mining activity involving the CVE-2019-2725 vulnerability, but with an interesting twist \u2014 the malware hides its malicious codes in certificate files as an obfuscation tactic.<\/em><\/p>\n

Do you worry about being targeted by spam campaigns via work tools like Microsoft Office? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.<\/a><\/p>\n

\u00a0<\/em><\/p>\n

\u00a0<\/em><\/p>\n

The post This Week in Security News: Spam Campaigns and Cryptocurrency Miners<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 14 Jun 2019 13:25:23 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about advanced targeted attack tools being used to distribute cryptocurrency miners as well as a spam campaign targeting European users. Read on: Advanced Targeted Attack Tools…<\/p>\n

The post This Week in Security News: Spam Campaigns and Cryptocurrency Miners<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10422,714],"class_list":["post-15575","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-current-news","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15575","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15575"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15575\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15575"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15575"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15575"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}