{"id":15859,"date":"2019-07-22T10:27:55","date_gmt":"2019-07-22T18:27:55","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/07\/22\/news-9604\/"},"modified":"2019-07-22T10:27:55","modified_gmt":"2019-07-22T18:27:55","slug":"news-9604","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/07\/22\/news-9604\/","title":{"rendered":"A week in security (July 15 \u2013 21)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 22 Jul 2019 15:50:35 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we took <a rel=\"noreferrer noopener\" aria-label=\"an extensive look at Sodinokibi (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-spotlight\/2019\/07\/threat-spotlight-sodinokibi-ransomware-attempts-to-fill-gandcrab-void\/\" target=\"_blank\">an extensive look at Sodinokibi<\/a>, one of the new ransomware strains found in the wild that many believe picked up where GandCrab left off. We also profiled <a rel=\"noreferrer noopener\" aria-label=\"Extenbro (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/trojans\/2019\/07\/extenbro-a-new-dns-changer-trojan-protecting-adware\/\" target=\"_blank\">Extenbro<\/a>, a Trojan that protects adware; reported on the UK&#8217;s <a rel=\"noreferrer noopener\" aria-label=\"new Facebook reporting tool (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2019\/07\/new-facebook-ad-reporting-tool-launches-in-uk\/\" target=\"_blank\">new Facebook reporting tool<\/a>; homed in on <a rel=\"noreferrer noopener\" aria-label=\"new Magecart strategies (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/07\/no-mans-land-how-a-magecart-group-is-running-a-web-skimming-operation-from-a-war-zone\/\" target=\"_blank\">new Magecart strategies<\/a> that render them &#8220;bulletproof&#8221;; identified <a rel=\"noreferrer noopener\" aria-label=\"challenges faced by the education sector (opens in a 
new tab)\" href=\"https:\/\/blog.malwarebytes.com\/vital-infrastructure\/2019\/07\/vital-infrastructure-education\/\" target=\"_blank\">challenges faced by the education sector<\/a> in the age of cybersecurity; and looked at <a rel=\"noreferrer noopener\" aria-label=\"how older generations' handle current tech (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/awareness\/2019\/07\/hi-honey-its-mom-my-phone-is-acting-funny-again\/\" target=\"_blank\">how older generations keep up with the fast-paced evolution of tech<\/a>.<\/p>\n<h3>Other cybersecurity news:<\/h3>\n<ul>\n<li>An exploit called <a rel=\"noreferrer noopener\" aria-label=\"Media File Jacking (opens in a new tab)\" href=\"https:\/\/venturebeat.com\/2019\/07\/15\/symantec-reveals-whatsapp-and-telegram-exploit-that-gives-hackers-access-to-your-personal-media\/\" target=\"_blank\">Media File Jacking<\/a> gives hackers access to the personal media files of WhatsApp and Telegram users, allowing for the interception, misuse, or manipulation of files. (Source: Venture Beat)<\/li>\n<li>Remember the Zoom webcam vulnerability? RingCentral and Zhumu, two other video conferencing software programs, are also <a rel=\"noreferrer noopener\" aria-label=\"affected by the same flaw (opens in a new tab)\" href=\"https:\/\/www.buzzfeednews.com\/article\/nicolenguyen\/ringcentral-and-zhumu-customers-vulnerability\" target=\"_blank\">affected by the same flaw<\/a>. (Source: BuzzFeed News)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"A bug in Instagram (opens in a new tab)\" href=\"https:\/\/threatpost.com\/researcher-bypasses-instagram-2fa\/146466\/\" target=\"_blank\">A bug in Instagram<\/a> that allows someone to bypass 2FA to hack any account was made public. Facebook quickly fixed the issue. (Source: Threatpost)<\/li>\n<li>Sodinokibi isn&#8217;t the only ransomware born from older ransomware. 
<a rel=\"noreferrer noopener\" aria-label=\"DoppelPaymer (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-doppelpaymer-ransomware-emerges-from-bitpaymers-code\/\" target=\"_blank\">DoppelPaymer<\/a> emerged from BitPaymer, too. (Source: Bleeping Computer)<\/li>\n<li>Schools continue to be vulnerable on the cybersecurity side. And while ransomware is their current big problem, <a href=\"https:\/\/www.washingtonpost.com\/national\/cyberattacks-inflict-deep-harm-at-technology-rich-schools\/2019\/07\/16\/4e8a61d2-a7ba-11e9-8733-48c87235f396_story.html?utm_term=.7d19e8d5a913\">DDoS attacks<\/a> are the second. (Source: The Washington Post)<\/li>\n<li>FaceApp has been in hot water these past few days due to its connection with Russia. The company broke its silence and <a rel=\"noreferrer noopener\" aria-label=\"denied storing users' photographs without permission (opens in a new tab)\" href=\"https:\/\/www.theguardian.com\/technology\/2019\/jul\/17\/faceapp-denies-storing-users-photographs-without-permission\" target=\"_blank\">denied storing users&#8217; photographs without permission<\/a>. (Source: The Guardian)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"EvilGnome (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/new-evilgnome-backdoor-spies-on-linux-users-steals-their-files\/\" target=\"_blank\">EvilGnome<\/a>, a new backdoor, was found to target and spy on Linux users. (Source: Bleeping Computer)<\/li>\n<li>To prove a point, researchers made an Android app that targets insulin pumps, either to withhold or give lethal dosages of insulin, <a rel=\"noreferrer noopener\" aria-label=\"threatening patient lives (opens in a new tab)\" href=\"https:\/\/www.wired.com\/story\/medtronic-insulin-pump-hack-app\/\" target=\"_blank\">threatening patient lives<\/a>. (Source: WIRED)<\/li>\n<li>Some browser extensions are found to have collected browsing histories of millions of users. 
<a rel=\"noreferrer noopener\" aria-label=\"This gigantic leaking is dubbed DataSpii (opens in a new tab)\" href=\"https:\/\/arstechnica.com\/information-technology\/2019\/07\/dataspii-inside-the-debacle-that-dished-private-data-from-apple-tesla-blue-origin-and-4m-people\/\" target=\"_blank\">This gigantic leaking is dubbed DataSpii<\/a>, and Chrome and Firefox users are affected. (Source: Ars Technica)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Meet Ke3chang (opens in a new tab)\" href=\"https:\/\/www.welivesecurity.com\/2019\/07\/18\/okrum-ke3chang-targets-diplomatic-missions\/\" target=\"_blank\">Meet Ke3chang<\/a>, an APT group that is out to get diplomatic missions. (Source: ESET&#8217;s We Live Security Blog)<\/li>\n<\/ul>\n<p>Stay safe, everyone! <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-15-21\/\">A week in security (July 15 \u2013 21)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-15-21\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 22 Jul 2019 15:50:35 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-15-21\/' title='A week in security (July 15 \u2013 21)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of cybersecurity news from July 15\u201321, including the Zoom camera vulnerability, Extenbro, Sodinokibi, Magecart, and cybersecurity challenges facing the education 
sector.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/2fa-bypass\/\" rel=\"tag\">2fa bypass<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/advanced-persistent-threat\/\" rel=\"tag\">advanced persistent threat<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/android-apps\/\" rel=\"tag\">Android apps<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/apt\/\" rel=\"tag\">APT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/backdoor\/\" rel=\"tag\">backdoor<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitpaymer-ransomware\/\" rel=\"tag\">BitPaymer ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/browser-extensions\/\" rel=\"tag\">browser extensions<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bulletproof\/\" rel=\"tag\">bulletproof<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/chrome\/\" rel=\"tag\">chrome<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity-education\/\" rel=\"tag\">cybersecurity education<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/dataspii\/\" rel=\"tag\">DataSpii<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ddos-attack\/\" rel=\"tag\">DDos attack<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/doppelpaymer\/\" rel=\"tag\">DoppelPaymer<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/evilgnome\/\" rel=\"tag\">EvilGnome<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/extenbro\/\" rel=\"tag\">Extenbro<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/faceapp\/\" rel=\"tag\">FaceApp<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook-reporting-tool\/\" rel=\"tag\">Facebook reporting tool<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/firefox\/\" 
rel=\"tag\">firefox<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/generation\/\" rel=\"tag\">generation<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/instagram\/\" rel=\"tag\">Instagram<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ke3chang\/\" rel=\"tag\">Ke3chang<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/magecart\/\" rel=\"tag\">Magecart<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/media-file-jacking\/\" rel=\"tag\">Media File Jacking<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/privacy\/\" rel=\"tag\">privacy<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ringcentral-flaw\/\" rel=\"tag\">RingCentral flaw<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sodinokibi\/\" rel=\"tag\">Sodinokibi<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/telegram\/\" rel=\"tag\">telegram<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vital-infrastructure\/\" rel=\"tag\">vital infrastructure<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/whatsapp\/\" rel=\"tag\">whatsapp<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zhumu-flaw\/\" rel=\"tag\">Zhumu flaw<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zoom-zero-day\/\" rel=\"tag\">zoom zero-day<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-15-21\/' title='A week in security (July 15 \u2013 21)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-15-21\/\">A week in security (July 15 \u2013 21)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes 
Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[22381,12969,10922,19417,11029,10836,20613,19414,22325,10699,10640,22382,17689,22383,22384,22293,22385,3589,22386,11122,22387,2143,22388,19622,22389,5897,22390,22299,11642,21437,10440,22391,22288],"class_list":["post-15859","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-2fa-bypass","tag-a-week-in-security","tag-advanced-persistent-threat","tag-android-apps","tag-apt","tag-backdoor","tag-bitpaymer-ransomware","tag-browser-extensions","tag-bulletproof","tag-chrome","tag-cybersecurity-education","tag-dataspii","tag-ddos-attack","tag-doppelpaymer","tag-evilgnome","tag-extenbro","tag-faceapp","tag-facebook","tag-facebook-reporting-tool","tag-firefox","tag-generation","tag-instagram","tag-ke3chang","tag-magecart","tag-media-file-jacking","tag-privacy","tag-ringcentral-flaw","tag-sodinokibi","tag-telegram","tag-vital-infrastructure","tag-whatsapp","tag-zhumu-flaw","tag-zoom-zero-day"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15859","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15859"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15859\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent
=15859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15859"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}