{"id":16164,"date":"2019-08-26T08:10:05","date_gmt":"2019-08-26T16:10:05","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/08\/26\/news-9907\/"},"modified":"2019-08-26T08:10:05","modified_gmt":"2019-08-26T16:10:05","slug":"news-9907","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/08\/26\/news-9907\/","title":{"rendered":"A week in security (August 19 \u2013 25)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 26 Aug 2019 15:38:39 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we reported on <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/08\/magecart-criminals-caught-stealing-poker-face\/\" target=\"_blank\">the presence of Magecart<\/a> on a type of poker software; outlined <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/awareness\/2019\/08\/bluetooth-vulnerability-can-be-exploited-in-key-negotiation-of-bluetooth-knob-attacks\/\" target=\"_blank\">how the Key Negotiation of Bluetooth (KNOB) attack works<\/a>; followed the money on a <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2019\/08\/the-lucrative-business-of-bitcoin-sextortion-scams\/\" target=\"_blank\">Bitcoin sextortion<\/a> campaign; looked back at <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/researchers-corner\/2019\/08\/def-con-27-retrospective-badge-life-redux\/\" target=\"_blank\">DEF CON 27<\/a>; and reported on continuing <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/ransomware\/2019\/08\/ransomware-continues-assault-against-cities-and-businesses\/\" target=\"_blank\">ransomware attacks<\/a> on several US cities.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>After turning away two vulnerability reports brought about by the same independent security researcher, Valve Corporation, the company behind the Steam video gaming platform <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/arstechnica.com\/information-technology\/2019\/08\/valve-says-turning-away-researcher-reporting-steam-vulnerability-was-a-mistake\/\" target=\"_blank\">admitted its mistake<\/a> and updated its policies. (Source: Ars Technica)<\/li>\n<li>The Security Service of Ukraine (SBU) arrested power plant operators after finding <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/cointelegraph.com\/news\/ukraine-crypto-miners-arrested-for-compromising-nuclear-plant-security\" target=\"_blank\">cryptominers in Ukraine\u2019s Yuzhnoukrainsk nuclear power plant<\/a>, which compromised its security. (Source: Coin Telegraph)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.welivesecurity.com\/2019\/08\/22\/first-spyware-android-ahmyth-google-play\/\" target=\"_blank\">A couple of spyware apps<\/a> built based on an open-sourced espionage tool called AhMyth were found in the Google Play Store. The company has since removed these apps. (Source: ESET\u2019s WeLiveSecurity Blog)<\/li>\n<li>Google is the latest company to join Twitter and Facebook to <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.cnbc.com\/2019\/08\/22\/google-shutters-more-than-200-youtube-channels-amid-hong-kong-protests.html\" target=\"_blank\">clean up their backyard<\/a> of hundreds of YouTube channels spreading misinformation about protests in Hong Kong. (Source: CNBC)<\/li>\n<li>According to a report, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.helpnetsecurity.com\/2019\/08\/23\/facebook-phishing-surges\/\" target=\"_blank\">Facebook phishing attacks surged in Q2 of this year<\/a>, and Microsoft remained the most phished brand for five consecutive quarters. (Source: Help Net Security)<\/li>\n<li>NordVPN, a popular VPN service, was found to be <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.hackread.com\/hackers-cloned-nordvpn-website-for-banking-trojan\/\" target=\"_blank\">one of the many brands cloned by cybercriminals<\/a> in a malware campaign to spread the Bolik banking Trojan. (Source: HackRead)<\/li>\n<li>State-sponsored espionage teams from China, Russia, and Vietnam are <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.darkreading.com\/threat-intelligence\/state-sponsored-cyberattacks-target-medical-research\/d\/d-id\/1335590\" target=\"_blank\">now targeting medical research<\/a>, report says. (Source: Dark Reading)<\/li>\n<li>Syrk ransomware found to be masquerading as an \u201caimbot\u201d <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.cyren.com\/blog\/articles\/open-source-ransomware-targets-fortnite-users\" target=\"_blank\">targeted Fortnite players<\/a>. (Source: Cyren Blog)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/nakedsecurity.sophos.com\/2019\/08\/21\/hoax-alert-facebook-deadline-on-making-your-content-public-is-fake\/\" target=\"_blank\">A fresh Facebook hoax<\/a> about making private content public flooded the social platform. (Source: Sophos\u2019s Naked Security Blog)<\/li>\n<li>On the above vein, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/nakedsecurity.sophos.com\/2019\/08\/21\/hoax-alert-facebook-deadline-on-making-your-content-public-is-fake\/\" target=\"_blank\">an old Instagram hoax<\/a> became known and fooled several celebrities and politicians. (Source: WIRED)<\/li>\n<\/ul>\n<p>Stay safe!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/08\/a-week-in-security-august-19-25\/\">A week in security (August 19 \u2013 25)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/08\/a-week-in-security-august-19-25\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 26 Aug 2019 15:38:39 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/08\/a-week-in-security-august-19-25\/' title='A week in security (August 19 \u2013 25)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the latest cybersecurity news for the week of August 19\u201325, including Magecart attacks on poker software, a new Bluetooth vulnerability, continuing ransomware attacks on US cities, Bitcoin sextortion, and a look back at one researcher\u2019s DEF CON experience.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/ahmyth\/\" rel=\"tag\">AhMyth<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/apt\/\" rel=\"tag\">APT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/awis\/\" rel=\"tag\">awis<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitcoin-sextortion\/\" rel=\"tag\">Bitcoin sextortion<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bolik-banking-trojan\/\" rel=\"tag\">Bolik banking Trojan<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/crypomining\/\" rel=\"tag\">crypomining<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/def-con-27\/\" rel=\"tag\">DEF CON 27<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook-hoax\/\" rel=\"tag\">facebook hoax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fortnite\/\" rel=\"tag\">fortnite<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google\/\" rel=\"tag\">Google<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/hong-kong\/\" rel=\"tag\">hong kong<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/instagram-hoax\/\" rel=\"tag\">Instagram hoax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/key-negotiation-of-bluetooth\/\" rel=\"tag\">Key Negotiation of Bluetooth<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/knob-attack\/\" rel=\"tag\">KNOB attack<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/magecart\/\" rel=\"tag\">Magecart<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/misinformation\/\" rel=\"tag\">misinformation<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/nordvpn\/\" rel=\"tag\">NordVPN<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/security-service-of-ukraine\/\" rel=\"tag\">Security Service of Ukraine<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sodinokibi\/\" rel=\"tag\">Sodinokibi<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/spyware\/\" rel=\"tag\">spyware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/syrk-ransomware\/\" rel=\"tag\">Syrk ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/twitter\/\" rel=\"tag\">twitter<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/valve-corporation\/\" rel=\"tag\">Valve Corporation<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-security\/\" rel=\"tag\">week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/youtube\/\" rel=\"tag\">youtube<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/yuzhnoukrainsk\/\" rel=\"tag\">Yuzhnoukrainsk<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/08\/a-week-in-security-august-19-25\/' title='A week in security (August 19 \u2013 25)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/08\/a-week-in-security-august-19-25\/\">A week in security (August 19 \u2013 25)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,22728,11029,22647,22715,22729,22730,22731,3589,22732,18501,1670,5729,22733,22708,22709,19622,22734,22735,3765,10503,22736,22299,10443,22737,454,22738,10498,10506,2593,22739],"class_list":["post-16164","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-ahmyth","tag-apt","tag-awis","tag-bitcoin-sextortion","tag-bolik-banking-trojan","tag-crypomining","tag-def-con-27","tag-facebook","tag-facebook-hoax","tag-fortnite","tag-google","tag-hong-kong","tag-instagram-hoax","tag-key-negotiation-of-bluetooth","tag-knob-attack","tag-magecart","tag-misinformation","tag-nordvpn","tag-ransomware","tag-recap","tag-security-service-of-ukraine","tag-sodinokibi","tag-spyware","tag-syrk-ransomware","tag-twitter","tag-valve-corporation","tag-week-in-security","tag-weekly-blog-roundup","tag-youtube","tag-yuzhnoukrainsk"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16164"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16164\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16164"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}