{"id":15592,"date":"2019-06-17T10:10:03","date_gmt":"2019-06-17T18:10:03","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/06\/17\/news-9341\/"},"modified":"2019-06-17T10:10:03","modified_gmt":"2019-06-17T18:10:03","slug":"news-9341","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/06\/17\/news-9341\/","title":{"rendered":"A week in security (June 10 \u2013 16)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 17 Jun 2019 17:09:19 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we revealed to readers <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/06\/cybersecurity-pros-think-the-enemy-is-winning\/\" target=\"_blank\">the mindset of security pros<\/a> as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/privacy-2\/2019\/06\/maine-governor-signs-isp-privacy-bill\/\" target=\"_blank\">implementing the state\u2019s own privacy protections<\/a>, how Apple can <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/privacy-2\/2019\/06\/apple-ios-13-will-better-protect-user-privacy-but-more-could-be-done\/\" target=\"_blank\">better protect its users\u2019 privacy<\/a>, the <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-spotlight\/2019\/06\/megacortex-continues-trend-of-targeted-ransomware-attacks\/\" target=\"_blank\">continuous trending<\/a> of the MegaCortex ransomware, how <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/06\/trolls-abuse-twitter-lists-to-collate-their-targets\/\" target=\"_blank\">cyberbullies and trolls use Twitter Lists<\/a> to home in on their targets, and the newest trend of adware and PUPs <a href=\"https:\/\/blog.malwarebytes.com\/adware\/2019\/06\/adware-and-pups-families-add-push-notifications-as-an-attack-vector\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">abusing push notifications<\/a> to compromise user systems.<\/p>\n<h3> Other cybersecurity news<\/h3>\n<ul>\n<li><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/muddywater-resurfaces-uses-multi-stage-backdoor-powerstats-v3-and-new-post-exploitation-tools\/\">Treading the <\/a><a rel=\"noreferrer noopener\" aria-label=\"MuddyWater (opens in a new tab)\" href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/muddywater-resurfaces-uses-multi-stage-backdoor-powerstats-v3-and-new-post-exploitation-tools\/\" target=\"_blank\">MuddyWater<\/a>: This Iranian APT resurfaced with new tools and tactics under its belt, revealed latest analysis report. (Source: TrendLabs Security Intelligence Blog)<\/li>\n<li>A new sextortion scam involves <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.theregister.co.uk\/2019\/06\/10\/kaspersky_cia_sextortion\/\" target=\"_blank\">fraudsters posing as rogue CIA agents<\/a> and telling their marks that they are being probed for online pedophilia\u2014but are willing to settle the matter for $10,000 worth of Bitcoins. (Source: The Register)<\/li>\n<li>A Customs and Border Protection (CBP) <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.wired.com\/story\/hackers-stole-traveler-photos-border-agency-database\/\" target=\"_blank\">subcontractor was compromised<\/a>, and now the threat actor has thousands of images of US travelers and license plates. (Source: WIRED)<\/li>\n<li>VLC users, rejoice! Your favorite media player <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/threatpost.com\/vlc-player-gets-patched-for-two-high-severity-bugs\/145518\/\" target=\"_blank\">patched a lot of bugs recently<\/a>, including two that were marked as high severity. Update now if you haven\u2019t already. (Source: Threatpost)<\/li>\n<li>Taking advantage of the popularity of Google\u2019s Gmail and Calendar apps, threat actors were found targeting users <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2019\/06\/11\/new-security-warning-issued-for-googles-1-5-billion-gmail-and-calendar-users\/#3a75041e565e\" target=\"_blank\">via malformed and unwanted Google Calendar notifications<\/a>. (Source: Forbes)<\/li>\n<li>Here\u2019s a chilling discovery: Threat actors steal your personal and medical data, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/thenextweb.com\/security\/2019\/06\/11\/hackers-are-stealing-personal-medical-data-to-impersonate-your-doctor\/\" target=\"_blank\">so they can impersonate your doctor<\/a>. (Source: The Next Web)<\/li>\n<li>A new report revealed that cryptocurrency miners are distributed <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/advanced-targeted-attack-tools-used-to-distribute-cryptocurrency-miners\/\" target=\"_blank\">using advanced targeted attack toolkits<\/a>, such as those used by the Equation Group, and planted onto company computers. (Source: TrendLabs Security Intelligence Blog)<\/li>\n<li>Fishwrap, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.cyberscoop.com\/twitter-disinformation-recorded-future-old-news\/\" target=\"_blank\">a new disinformation campaign<\/a> on Twitter that uses modified old news and repackages them as new, sought to sow discord amongst users. A nation-state is likely behind it, says researchers. (Source: Cyberscoop)<\/li>\n<li>Google: <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.wired.com\/story\/google-chrome-ad-blockers-extensions-api\/\" target=\"_blank\">We\u2019re not killing ad blockers<\/a>. Ad blockers: OH, YES YOU ARE. (Source: WIRED)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.nytimes.com\/2019\/06\/13\/us\/aclu-surveillance-artificial-intelligence.html\" target=\"_blank\">Surveillance cameras could be weaponized<\/a> with the use of artificial intelligence (AI), according to a report from the American Civil Liberties Union (ACLU). (Source: The New York Times)<\/li>\n<\/ul>\n<p>Stay safe, everyone! <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/06\/a-week-in-security-june-10-16\/\">A week in security (June 10 \u2013 16)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/06\/a-week-in-security-june-10-16\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 17 Jun 2019 17:09:19 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/06\/a-week-in-security-june-10-16\/' title='A week in security (June 10 \u2013 16)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from June 10\u201316, including MegaCortex, the latest news on privacy, the abuse of Twitter&#8217;s Lists feature, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/aclu\/\" rel=\"tag\">ACLU<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ad-blockers\/\" rel=\"tag\">ad blockers<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/adware\/\" rel=\"tag\">adware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ai\/\" rel=\"tag\">AI<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/american-civil-liberties-union\/\" rel=\"tag\">American Civil Liberties Union<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/apt\/\" rel=\"tag\">APT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/artificial-intelligence\/\" rel=\"tag\">artificial intelligence<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/breach\/\" rel=\"tag\">breach<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cbp\/\" rel=\"tag\">CBP<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/customs-and-border-protection\/\" rel=\"tag\">Customs and Border Protection<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cyberbullying\/\" rel=\"tag\">cyberbullying<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/disinformation-campaign\/\" rel=\"tag\">disinformation campaign<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fishwrap\/\" rel=\"tag\">fishwrap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google-calendar-notification-abuse\/\" rel=\"tag\">Google Calendar notification abuse<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/healthcare-security\/\" rel=\"tag\">healthcare security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/maine\/\" rel=\"tag\">Maine<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/muddywaters\/\" rel=\"tag\">MuddyWaters<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/privacy\/\" rel=\"tag\">privacy<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/pups\/\" rel=\"tag\">PUPs<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/push-notifications\/\" rel=\"tag\">push notifications<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sextortion\/\" rel=\"tag\">sextortion<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/trolling\/\" rel=\"tag\">trolling<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/twitter-list-abuse\/\" rel=\"tag\">twitter list abuse<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vlc\/\" rel=\"tag\">VLC<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/06\/a-week-in-security-june-10-16\/' title='A week in security (June 10 \u2013 16)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/06\/a-week-in-security-june-10-16\/\">A week in security (June 10 \u2013 16)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,8668,18910,10468,10245,22048,11029,11113,11510,22049,22050,6503,22051,22052,22053,13179,21973,22054,5897,2130,20991,18952,21461,22046,22055],"class_list":["post-15592","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-aclu","tag-ad-blockers","tag-adware","tag-ai","tag-american-civil-liberties-union","tag-apt","tag-artificial-intelligence","tag-breach","tag-cbp","tag-customs-and-border-protection","tag-cyberbullying","tag-disinformation-campaign","tag-fishwrap","tag-google-calendar-notification-abuse","tag-healthcare-security","tag-maine","tag-muddywaters","tag-privacy","tag-pups","tag-push-notifications","tag-sextortion","tag-trolling","tag-twitter-list-abuse","tag-vlc"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15592"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15592\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15592"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}