{"id":16988,"date":"2019-11-25T06:10:02","date_gmt":"2019-11-25T14:10:02","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/11\/25\/news-10725\/"},"modified":"2019-11-25T06:10:02","modified_gmt":"2019-11-25T14:10:02","slug":"news-10725","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/11\/25\/news-10725\/","title":{"rendered":"A week in security (November 18 \u2013 24)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 25 Nov 2019 12:55:31 +0000<\/strong><\/p>\n<p> Last week on Malwarebytes Labs, we looked at <a rel=\"noreferrer noopener\" aria-label=\"stalkerware\u2019s legal enforcement problem (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/stalkerware\/2019\/11\/stalkerwares-legal-enforcement-problem\/\" target=\"_blank\">stalkerware\u2019s legal enforcement problem<\/a>, announced our <a rel=\"noreferrer noopener\" aria-label=\"cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2019\/11\/malwarebytes-teams-up-with-security-vendors-and-advocacy-groups-to-launch-coalition-against-stalkerware\/\" target=\"_blank\">cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware<\/a>, published our <a rel=\"noreferrer noopener\" aria-label=\"fall 2019 review of exploit kits (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/exploits-and-vulnerabilities\/2019\/11\/exploit-kits-fall-2019-review\/\" target=\"_blank\">fall 2019 review of exploit kits<\/a>, looked at how <a rel=\"noreferrer noopener\" aria-label=\"Deepfake on LinkedIn makes for malign interference campaigns (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/11\/deepfakes-and-linkedin-malign-interference-campaigns\/\" target=\"_blank\">Deepfake on LinkedIn makes for malign interference campaigns<\/a>, rounded up our <a rel=\"noreferrer noopener\" aria-label=\"knowledge about the Disney+ security and service issues (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/hacking-2\/2019\/11\/disney-security-and-service-issues-heres-what-we-know-so-far\/\" target=\"_blank\">knowledge about the Disney+ security and service issues<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"explained juice jacking (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/explained\/2019\/11\/explained-juice-jacking\/\" target=\"_blank\">explained juice jacking<\/a>, analyzed how a <a rel=\"noreferrer noopener\" aria-label=\"web skimmer phishes credit card data via a rogue payment service platform (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/web-threats\/2019\/11\/web-skimmer-phishes-credit-card-data-via-rogue-payment-service-platform\/\" target=\"_blank\">web skimmer phishes credit card data via a rogue payment service platform<\/a>, and lastly, we looked at <a rel=\"noreferrer noopener\" aria-label=\"upcoming IoT bills and guidelines (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/privacy\/2019\/11\/iot-bills-and-guidelines-a-global-response\/\" target=\"_blank\">upcoming IoT bills and guidelines<\/a>. <\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Cybercriminals hitting US city and state governments with ransomware has become increasingly popular in recent times. Again, <a rel=\"noreferrer noopener\" aria-label=\"Louisiana (opens in a new tab)\" href=\"https:\/\/www.techspot.com\/news\/82830-louisiana-government-systems-hit-ransomware-attack.html\" target=\"_blank\">Louisiana<\/a> has been targeted. (Source: TechSpot)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"National Veterinary Associates (opens in a new tab)\" href=\"https:\/\/krebsonsecurity.com\/2019\/11\/ransomware-bites-400-veterinary-hospitals\/\" target=\"_blank\">National Veterinary Associates<\/a> was hit by a ransomware attack late last month that affected more than half of those properties. (Source: KrebsOnSecuirty)<\/li>\n<li>After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published data and files stolen from security staffing firm <a rel=\"noreferrer noopener\" aria-label=\"Allied Universal (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/allied-universal-breached-by-maze-ransomware-stolen-data-leaked\/\" target=\"_blank\">Allied Universal<\/a>. (Source: BleepingComputer) <\/li>\n<li>A <a rel=\"noreferrer noopener\" aria-label=\"WhatsApp (opens in a new tab)\" href=\"https:\/\/www.dailymail.co.uk\/sciencetech\/article-7697085\/WhatsApp-flaw-leaves-users-data-vulnerable-attack-hackers.html\" target=\"_blank\">WhatsApp<\/a> flaw that could let hackers steal users&#8217; chat messages, pictures and private information by letting users download a video file containing malicious code. (Source: The DailyMail UK)<\/li>\n<li>A malicious campaign is active that spoofs an urgent update email from Microsoft to infect user&#8217;s systems with the <a rel=\"noreferrer noopener\" aria-label=\"Cyborg (opens in a new tab)\" href=\"https:\/\/www.techradar.com\/news\/dont-download-this-windows-10-update-its-packed-with-ransomware\" target=\"_blank\">Cyborg<\/a> ransomware. (Source: TechRadar)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Microsoft (opens in a new tab)\" href=\"https:\/\/www.independent.co.uk\/life-style\/gadgets-and-tech\/news\/elon-musk-ai-openai-microsoft-artificial-intelligence-funding-a9016736.html\" target=\"_blank\">Microsoft<\/a> has invested $1 billion in the Elon Musk-founded artificial intelligence venture that plans to mimic the human brain using computers. (Source: Independent UK)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Unique data leak (opens in a new tab)\" href=\"https:\/\/www.dataviper.io\/blog\/2019\/pdl-data-exposure-billion-people\/\" target=\"_blank\">Unique data leak<\/a> contains personal and social information of 1.2 billion people that appear to originate from 2 different data enrichment companies. (Source: DataViper)<\/li>\n<li>The US branch of the telecommunications giant <a rel=\"noreferrer noopener\" aria-label=\"T-Mobile (opens in a new tab)\" href=\"https:\/\/securityaffairs.co\/wordpress\/94235\/data-breach\/t-mobile-data-breach-wireless-customers.html\" target=\"_blank\">T-Mobile<\/a> disclosed a security breach that, according to the company, impacted a small number of customers of its prepaid service. (Source: SecurityAffairs)<\/li>\n<li>A hacker has published more than 2TB of data from the <a rel=\"noreferrer noopener\" aria-label=\"Cayman National Bank (opens in a new tab)\" href=\"https:\/\/headleaks.com\/2019\/11\/18\/hacker-publishes-2tb-of-data-from-cayman-national-bank-bXovQUVIc2Vua2dCNHloZG1ZbnVQdz09\" target=\"_blank\">Cayman National Bank<\/a>. This includes more than 640,000 emails and the data of more than 1400 customers. (Source: HeadLeaks)<\/li>\n<li>A ransomware outbreak has besieged a <a rel=\"noreferrer noopener\" aria-label=\"Wisconsin based IT company (opens in a new tab)\" href=\"https:\/\/krebsonsecurity.com\/2019\/11\/110-nursing-homes-cut-off-from-health-records-in-ransomware-attack\/\" target=\"_blank\">Wisconsin based IT company<\/a> that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. (Source: KrebsOnSecuirty)<\/li>\n<\/ul>\n<p>  Stay safe, everyone!  <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-november-18-24\/\">A week in security (November 18 \u2013 24)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-november-18-24\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 25 Nov 2019 12:55:31 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-november-18-24\/' title='A week in security (November 18 \u2013 24)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of cybersecurity news from November 18 &#8211; 24, including Coalition against stalkerware, exploit kits, ransomware, data leaks, and juice jacking.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/coalition-against-stalkerware\/\" rel=\"tag\">Coalition Against Stalkerware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/data-leaks\/\" rel=\"tag\">data leaks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/deepfake\/\" rel=\"tag\">deepfake<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/disney\/\" rel=\"tag\">Disney+<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploit-kits\/\" rel=\"tag\">exploit kits<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iot\/\" rel=\"tag\">IoT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/juice-jacking\/\" rel=\"tag\">juice jacking<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/linkedin\/\" rel=\"tag\">LinkedIn<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/stalkerware\/\" rel=\"tag\">stalkerware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/web-skimmer\/\" rel=\"tag\">web skimmer<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-november-18-24\/' title='A week in security (November 18 \u2013 24)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-november-18-24\/\">A week in security (November 18 \u2013 24)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,23476,15700,17608,5370,10528,10495,23504,11448,3765,19409,23515],"class_list":["post-16988","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-coalition-against-stalkerware","tag-data-leaks","tag-deepfake","tag-disney","tag-exploit-kits","tag-iot","tag-juice-jacking","tag-linkedin","tag-ransomware","tag-stalkerware","tag-web-skimmer"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16988","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16988"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16988\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16988"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16988"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}