{"id":16896,"date":"2019-11-15T07:00:01","date_gmt":"2019-11-15T15:00:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/11\/15\/news-10634\/"},"modified":"2019-11-15T07:00:01","modified_gmt":"2019-11-15T15:00:01","slug":"news-10634","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/11\/15\/news-10634\/","title":{"rendered":"This Week in Security News: APT33 Botnets Used for Extreme Narrow Targeting and Microsoft\u2019s Patch Tuesday Arrives with A Patch for An IE Zero-Day"},"content":{"rendered":"<p><strong>Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 15 Nov 2019 14:05:44 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" link_thumbnail=\"\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-768x768.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-1024x1024.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-640x640.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-900x900.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-440x440.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-380x380.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. 
This week, learn about the APT33 threat group that is using live C&amp;C servers for extremely narrow targeting. Also, read about Trend Micro\u2019s complete smart factory solutions and November Patch Tuesday updates.<\/p>\n<p>Read on:<\/p>\n<p><a href=\"https:\/\/www.helpnetsecurity.com\/2019\/11\/13\/trend-micro-smart-factory-security-solutions\/\"><strong>Trend Micro Enhances Protection for Industrial Orgs<\/strong><\/a><\/p>\n<p><em>This week, Trend Micro announced its complete smart factory solutions, designed to provide enhanced visibility and protection for embattled industrial control system (ICS) environments. The solutions will secure across all layers of Industry 4.0, mitigating this growing area of cyber risk to keep operations running.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/security-technology\/faster-and-more-accurate-malware-detection-through-predictive-machine-learning-correlating-static-and-behavioral-features\"><strong>Faster and More Accurate Malware Detection Through Predictive Machine Learning<\/strong><\/a><\/p>\n<p><em>Machine learning gives traditional cybersecurity solutions the edge they need to catch destructive threats such as ransomware before it gets deployed in a system, which saves organizations\u2019 time, money, and reputations.<\/em><\/p>\n<p><a href=\"https:\/\/www.zdnet.com\/article\/microsofts-november-2019-patch-tuesday-arrives-with-a-patch-for-an-ie-zero-day\/\"><strong>Microsoft&#8217;s November 2019 Patch Tuesday Arrives with a Patch for an IE Zero-Day<\/strong><\/a><\/p>\n<p><em>Microsoft has released the November 2019 Patch Tuesday security updates. 
This month&#8217;s updates include a patch for a vulnerability in the Internet Explorer scripting engine that hackers have been seen exploiting in the wild.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/internet-of-things\/amazon-patches-ring-video-doorbell-pro-vulnerability-that-threatens-network-security\"><strong>Amazon Patches Ring Video Doorbell Pro Vulnerability that Threatens Network Security<\/strong><\/a><\/p>\n<p><em>Researchers at Bitdefender discovered a vulnerability in Amazon\u2019s Ring Video Doorbell Pro that, if exploited, could allow a threat actor to get network or Wi-Fi credentials. Amazon fixed the issue back in September, but the vulnerability was only recently disclosed.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/asp-net-service-provider-smartasp-net-targeted-by-ransomware-attack\"><strong>ASP.NET Service Provider SmartASP.net Targeted by Ransomware Attack<\/strong><\/a><\/p>\n<p><em>Less than a week after\u00a0ransomware attacks disrupted operations of various Spanish companies and government services in the Canadian territory of Nunavut, another company has disclosed that they were hit by an attack, this time involving the encryption of the customer data of SmarterASP.net, a popular hosting service provider for the web application framework ASP.NET.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/bluekeep-exploit-gets-an-update-following-recent-attacks\"><strong>BlueKeep Exploit Will Get an Update Following Recent Attacks<\/strong><\/a><\/p>\n<p><em>Reports from security researchers have shed light on the recent BlueKeep attacks that installed cryptocurrency miners on compromised devices. In November, Kevin Beaumont noticed that his honeypots kept crashing and later determined that the cause was the BlueKeep exploit module. 
These blue screen of death (BSOD) crashes in the honeypots were the issues that helped Beaumont discover the real-world attacks.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/youtube-videos-promise-private-key-generator-for-bitcoin-addresses-lead-users-to-info-stealing-trojan-instead\"><strong>YouTube Videos Promise Private Key Generator for Bitcoin Addresses, Lead Users to Info-Stealing Trojan Instead<\/strong><\/a><\/p>\n<p><em>YouTube videos were being used in a scam to deliver an information-stealing Trojan called Predator the Thief (detected by Trend Micro as TrojanSpy.MSIL.PREDATOR.AA). Discovered by security researcher Frost, the threat actors use the videos to promote a tool that can generate a bitcoin address\u2019 private key.<\/em><\/p>\n<p><a href=\"https:\/\/techcrunch.com\/2019\/11\/12\/5g-flaws-locations-spoof-alerts\/\"><strong>New 5G Flaws Can Track Phone Locations and Spoof Emergency Alerts<\/strong><\/a><\/p>\n<p><em>Security researchers at Purdue University and the University of Iowa have found nearly a dozen 5G vulnerabilities, which they say can be used to track a victim\u2019s real-time location, spoof emergency alerts that can trigger panic or silently disconnect a 5G-connected phone from the network altogether.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/ddos-attacks-that-employ-tcp-amplification-cause-network-congestion-secondary-outages\"><strong>DDoS Attacks That Employ TCP Amplification Cause Network Congestion, Secondary Outages<\/strong><\/a><\/p>\n<p><em>Over the past month, threat actors have been using a relatively non-conventional approach to mount a flurry of distributed denial-of-service (DDoS) attacks through Transmission Control Protocol (TCP) amplification.<\/em><\/p>\n<p><a href=\"https:\/\/threatpost.com\/apt33-mounts-targeted-botnet-attacks-us\/150248\/\"><strong>APT33 Mounts Focused, Highly Targeted 
Botnet Attacks Against U.S. Victims<\/strong><\/a><\/p>\n<p><em>The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets. As of last month, researchers counted 10 live bot C2s in active operation.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/there-is-a-skills-shortage-but-it-isnt-your-real-problem\/\"><strong>There Is a Skills Shortage, but It Isn\u2019t Your Real Problem<\/strong><\/a><\/p>\n<p><em>Without automated event correlation and analysis, the skills problem ceases to be a crisis.\u00a0Bill Malik, vice president of infrastructure strategies at Trend Micro, discusses how organizations can use\u00a0automation, a managed detection and response tool (like MRDR) and a cross-platform discovery and response tool (like XDR) to help alleviate the information security skills gap.<\/em><\/p>\n<p>Is your company taking steps and using solutions to alleviate the information security skills shortage? 
Share your thoughts in the comments below or follow me on Twitter to continue the conversation: <a href=\"https:\/\/twitter.com\/jonlclay\">@JonLClay.<\/a><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-apt33-botnets-used-for-extreme-narrow-targeting-and-microsofts-patch-tuesday-arrives-with-a-patch-for-an-ie-zero-day\/\">This Week in Security News: APT33 Botnets Used for Extreme Narrow Targeting and Microsoft\u2019s Patch Tuesday Arrives with A Patch for An IE Zero-Day<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-apt33-botnets-used-for-extreme-narrow-targeting-and-microsofts-patch-tuesday-arrives-with-a-patch-for-an-ie-zero-day\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 15 Nov 2019 14:05:44 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" link_thumbnail=\"\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-768x768.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-1024x1024.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-640x640.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-900x900.jpg 900w, 
https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-440x440.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-380x380.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the APT33 threat group that is using live C&#38;C servers for extremely narrow targeting. Also, read about Trend Micro\u2019s complete smart factory solutions and November&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-apt33-botnets-used-for-extreme-narrow-targeting-and-microsofts-patch-tuesday-arrives-with-a-patch-for-an-ie-zero-day\/\">This Week in Security News: APT33 Botnets Used for Extreme Narrow Targeting and Microsoft\u2019s Patch Tuesday Arrives with A Patch for An IE Zero-Day<\/a> appeared first on <a rel=\"nofollow\" 
href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10422,714],"class_list":["post-16896","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-current-news","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16896"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16896\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16896"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}