{"id":15992,"date":"2019-08-05T08:10:15","date_gmt":"2019-08-05T16:10:15","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/08\/05\/news-9736\/"},"modified":"2019-08-05T08:10:15","modified_gmt":"2019-08-05T16:10:15","slug":"news-9736","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/08\/05\/news-9736\/","title":{"rendered":"A week in security (July 29 &#8211; August 4)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 05 Aug 2019 15:44:37 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs we discussed the <a rel=\"noreferrer noopener\" aria-label=\"security and privacy changes in Android Q (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/mobile\/2019\/07\/mobile-menace-monday-dark-android-q-rises\/\" target=\"_blank\">security and privacy changes in Android Q<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"how to get your Equifax money and stay safe doing it (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/awareness\/2019\/07\/how-to-get-your-equifax-money-and-stay-safe\/\" target=\"_blank\">how to get your Equifax money and stay safe doing it<\/a>, and we looked at the strategy of getting<a rel=\"noreferrer noopener\" aria-label=\"how to get the board to invest in government cybersecurity (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/business-2\/2019\/08\/making-the-case-how-to-get-board-to-invest-in-government-cybersecurity\/\" target=\"_blank\"> a board of directors to invest in government cybersecurity.<\/a> We also reviewed how a <a rel=\"noreferrer noopener\" aria-label=\"Capital One breach exposed over 100 million credit card applications (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/reports\/2019\/08\/capital-one-breach-exposes-over-100-million-credit-card-applications\/\" target=\"_blank\">Capital One breach exposed over 100 million credit card applications<\/a>, analyzed the <a rel=\"noreferrer noopener\" aria-label=\"exploit kit activity in the summer of 2019 (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/07\/exploit-kits-summer-2019-review\/\" target=\"_blank\">exploit kit activity in the summer of 2019<\/a>, and warned users about a <a rel=\"noreferrer noopener\" aria-label=\"QR code scam that can clean out your bank account (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2019\/07\/qr-code-scam-can-clean-out-your-bank-account\/\" target=\"_blank\">QR code scam that can clean out your bank account.<\/a>  <\/p>\n<p>The busy week in security continued with looks at <a rel=\"noreferrer noopener\" aria-label=\"Magecart and others intensifying web skimming (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/web-threats\/2019\/08\/no-summer-break-for-magecart-as-web-skimming-intensifies\/\" target=\"_blank\">Magecart and others intensifying web skimming<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"everything you need to know about ATM attacks and fraud: part 2 (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/08\/atm-attacks-and-fraud-part-2\/\" target=\"_blank\">ATM attacks and fraud<\/a>, and an <a rel=\"noreferrer noopener\" aria-label=\"examined the Lord Exploit Kit (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/08\/say-hello-to-lord-exploit-kit\/\" target=\"_blank\">examination of the Lord Exploit Kit<\/a>. <\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li> The <a rel=\"noreferrer noopener\" aria-label=\"Georgia State Patrol (opens in a new tab)\" href=\"https:\/\/www.scmagazine.com\/home\/security-news\/ransomware\/georgia-state-patrol-agency-infected-with-ransomware\/\" target=\"_blank\">Georgia State Patrol<\/a> was reportedly the target of a July 26 ransomware attack that has necessitated the precautionary shutdown of its servers and network. (Source: SC Magazine)<\/li>\n<li> <a rel=\"noreferrer noopener\" aria-label=\"Houston County Schools (opens in a new tab)\" href=\"https:\/\/securityaffairs.co\/wordpress\/89370\/malware\/houston-county-schools-malware-attack.html\" target=\"_blank\">Houston County Schools<\/a> in Alabama delayed the school year\u2019s opening scheduled for August 1st due to a malware attack. (Source: Security Affairs)<\/li>\n<li>Over 95% of the 1,600 vulnerabilities discovered by Google&#8217;s <a rel=\"noreferrer noopener\" aria-label=\"Project Zero (opens in a new tab)\" href=\"https:\/\/www.techspot.com\/news\/81281-over-95-1600-vulnerabilities-discovered-google-project-zero.html\" target=\"_blank\">Project Zero<\/a> were fixed within 90 days. (Source: Techspot)<\/li>\n<li>Researchers who discovered several severe vulnerabilities now uncovered two more flaws that could allow attackers to hack <a rel=\"noreferrer noopener\" aria-label=\"WPA3 (opens in a new tab)\" href=\"https:\/\/thehackernews.com\/2019\/08\/hack-wpa3-wifi-password.html\" target=\"_blank\">WPA3<\/a> protected WiFi passwords. (Source: The Hacker News)<\/li>\n<li>Germany&#8217;s data protection commissioner investigates revelations that <a rel=\"noreferrer noopener\" aria-label=\"Google (opens in a new tab)\" href=\"https:\/\/www.theregister.co.uk\/2019\/08\/02\/germany_probes_google_over_privacy_of_voice_recordings\/\" target=\"_blank\">Google<\/a> contract-workers were listening to recordings made via smart speakers. (Source: The Register)<\/li>\n<li> Experts tend to recommend anti-malware protection for all mobile device users and platforms , but 47% of <a rel=\"noreferrer noopener\" aria-label=\"Android Anti-Malware (opens in a new tab)\" href=\"https:\/\/www.darkreading.com\/mobile\/47--of-android-anti-malware-apps-are-flawed\/d\/d-id\/1335422\" target=\"_blank\">Android Anti-Malware<\/a> apps are flawed. (Source: DarkReading)<\/li>\n<li>Many companies don\u2019t know the depth of their<a rel=\"noreferrer noopener\" aria-label=\" IoT (opens in a new tab)\" href=\"https:\/\/www.helpnetsecurity.com\/2019\/08\/02\/iot-related-risk-exposure\/\" target=\"_blank\"> IoT<\/a>-related risk exposure. (Source: Help Net Security)<\/li>\n<li>Apple\u2019s <a rel=\"noreferrer noopener\" aria-label=\"Siri (opens in a new tab)\" href=\"https:\/\/threatpost.com\/apple-suspends-siri-program-privacy-backlash\/146894\/\" target=\"_blank\">Siri<\/a> follows Amazon Alexa and Google Home in facing backlash for its data retention policies. (Source: Threatpost)<\/li>\n<li>There has been a 92% increase in the total number of <a rel=\"noreferrer noopener\" aria-label=\"vulnerabilities (opens in a new tab)\" href=\"https:\/\/www.infosecurity-magazine.com\/news\/bugcrowd-deep-testing\/\" target=\"_blank\">vulnerabilities<\/a> reported in the last year, while the average payout per vulnerability increased this year by 83%. (Source: InfoSecurity magazine)<\/li>\n<li>Multiple German companies were off to a rough start last week when a phishing campaign pushing a data-wiping malware dubbed <a rel=\"noreferrer noopener\" aria-label=\"GermanWiper (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/germanwiper-ransomware-erases-data-still-asks-for-ransom\/\" target=\"_blank\">GermanWiper<\/a> targeted them and asked for a ransom. (Source: BleepingComputer)<\/li>\n<\/ul>\n<p>  Stay safe, everyone!  <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2019\/08\/a-week-in-security-july-29-august-4\/\">A week in security (July 29 &#8211; August 4)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2019\/08\/a-week-in-security-july-29-august-4\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 05 Aug 2019 15:44:37 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2019\/08\/a-week-in-security-july-29-august-4\/' title='A week in security (July 29 - August 4)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from July 29 &#8211; August 4 including Capital One breach, Lord Exploit Kit, more Magecart skimming, ATM attacks, QR code scams, and Equifax payout.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/malwarebytes-news\/\" rel=\"category tag\">Malwarebytes news<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/android-q\/\" rel=\"tag\">android q<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/atm-attacks\/\" rel=\"tag\">atm attacks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/board-of-directors\/\" rel=\"tag\">board of directors<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/capital-one\/\" rel=\"tag\">Capital One<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/equifax\/\" rel=\"tag\">Equifax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/equifax-breach\/\" rel=\"tag\">Equifax breach<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploit-kit\/\" rel=\"tag\">exploit kit<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploit-kits\/\" rel=\"tag\">exploit kits<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/germanwiper\/\" rel=\"tag\">germanwiper<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/government-cybersecurity\/\" rel=\"tag\">government cybersecurity<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/lord-exploit-kit\/\" rel=\"tag\">Lord exploit kit<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/magecart\/\" rel=\"tag\">Magecart<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/magecart-attacks\/\" rel=\"tag\">MageCart attacks<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2019\/08\/a-week-in-security-july-29-august-4\/' title='A week in security (July 29 - August 4)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2019\/08\/a-week-in-security-july-29-august-4\/\">A week in security (July 29 &#8211; August 4)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[22599,21903,22600,22561,12310,14598,10534,10528,22601,22530,22602,19622,19873,10546],"class_list":["post-15992","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-android-q","tag-atm-attacks","tag-board-of-directors","tag-capital-one","tag-equifax","tag-equifax-breach","tag-exploit-kit","tag-exploit-kits","tag-germanwiper","tag-government-cybersecurity","tag-lord-exploit-kit","tag-magecart","tag-magecart-attacks","tag-malwarebytes-news"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15992"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15992\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15992"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}