{"id":17185,"date":"2019-12-13T06:00:14","date_gmt":"2019-12-13T14:00:14","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/12\/13\/news-10921\/"},"modified":"2019-12-13T06:00:14","modified_gmt":"2019-12-13T14:00:14","slug":"news-10921","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/12\/13\/news-10921\/","title":{"rendered":"This Week in Security News: December Patch Tuesday Updates and Retail Cyberattacks Set to Soar 20 Percent During 2019 Holiday Season"},"content":{"rendered":"<p><strong>Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 13 Dec 2019 13:32:53 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" link_thumbnail=\"\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-768x768.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-1024x1024.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-640x640.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-900x900.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-440x440.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-380x380.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. 
This week, learn about the threat campaign Waterbear and how it uses API hooking to evade security product detection. Also, read about December Patch Tuesday updates from Microsoft and Adobe.<\/p>\n<p>Read on:<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/waterbear-is-back-uses-api-hooking-to-evade-security-product-detection\/\"><strong>Waterbear is Back, Uses API Hooking to Evade Security Product Detection<\/strong><\/a><\/p>\n<p><em>Previously, Waterbear has been used for lateral movement, decrypting and triggering payloads with its loader component. In most cases, the payloads are backdoors that can receive and load additional modules. However, recently Trend Micro discovered a piece of Waterbear payload with a brand new purpose: hiding its network behaviors from a specific security product by API hooking techniques.<\/em><\/p>\n<p><a href=\"https:\/\/www.zdnet.com\/article\/microsoft-december-2019-patch-tuesday-plugs-windows-zero-day\/\"><strong>Microsoft December 2019 Patch Tuesday Plugs Windows Zero-Day<\/strong><\/a><\/p>\n<p><em>Microsoft has released today the December 2019 Patch Tuesday security updates. 
This month&#8217;s updates include fixes for 36 vulnerabilities, including a zero-day in the Windows operating system that has been exploited in the wild.<\/em><\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/almost-hollow-and-innocent-monero-miner-remains-undetected-via-process-hollowing\/\"><strong>(Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing<\/strong><\/a><\/p>\n<p><em>Recently, Trend Micro found a cryptomining threat using process hollowing and a dropper component that requires a specific set of command line arguments to trigger its malicious behavior, leaving no trace for malicious activity detection or analysis to reference the file as malicious.<\/em><\/p>\n<p><a href=\"https:\/\/www.iotworldtoday.com\/2019\/12\/06\/2020-predictions-black-hats-target-facial-recognition-technology\/\"><strong>2020 Predictions: Black Hats Begin to Target Facial Recognition Technology<\/strong><\/a><\/p>\n<p><em>Research interest in defeating facial recognition technology is booming. Adversaries are likely taking notice, but don&#8217;t expect widespread adoption overnight. Jon Clay, director of threat communication at Trend Micro, points out that techniques ranging from deep fakes to adversarial machine learning are likely still in an early stage.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/us-uk-governments-unite-to-indict-hacker-behind-dreaded-dridex-malware\"><strong>US, UK Governments Unite to Indict Hacker Behind Dreaded Dridex Malware<\/strong><\/a><\/p>\n<p><em>Maksim Yakubets, who allegedly runs Russia-based Evil Corp, the cybercriminal organization that developed and distributed banking malware Dridex, has been indicted in the United States by the U.S. 
Treasury Department\u2019s Office of Foreign Assets Control (OFAC).<\/em><\/p>\n<p><a href=\"https:\/\/virtualizationreview.com\/articles\/2019\/12\/10\/cloud-workload-security.aspx\"><strong>Trend Micro, McAfee and Bitdefender Top Cloud Workload Security List<\/strong><\/a><\/p>\n<p><em>Trend Micro, McAfee and Bitdefender were named among the leaders in a new report from Forrester Research on cloud workload security that covered 13 vendors. <\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/bec-scam-successfully-steals-us-1-million-using-look-alike-domains\"><strong>BEC Scam Successfully Steals US $1 Million Using Look-Alike Domains<\/strong><\/a><\/p>\n<p><em>A Chinese venture capital firm lost US $1 million to scammers who successfully came between a deal the firm had with an Israeli startup. The business email compromise (BEC) campaign used by the attackers consisted of 32 emails and look-alike domains to trick both parties of their authenticity.<\/em><\/p>\n<p><a href=\"https:\/\/threatpost.com\/retail-org-cyberattacks-2019-holiday-season\/151012\/\"><strong>Retail Cyberattacks Set to Soar 20% in 2019 Holiday Season<\/strong><\/a><\/p>\n<p><em>As cybercriminals grow more sophisticated and holiday shoppers continue to flock online, researchers warn internet-based retailers could face a 20 percent uptick in cyberattacks this holiday season compared to last year.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/bug-in-ryuk-ransomware-s-decryptor-can-lead-to-loss-of-data-in-certain-files\"><strong>Bug in Ryuk Ransomware\u2019s Decryptor Can Lead to Loss of Data in Certain Files<\/strong><\/a><\/p>\n<p><em>Ryuk\u2019s decryptor tool could cause data loss instead of reinstating file access to users. 
According to a blog post from Emsisoft, a bug with how the tool decrypts files could lead to incomplete recoveries, contrary to what the decryptor is meant to achieve.<\/em><\/p>\n<p><a href=\"https:\/\/www.forbes.com\/sites\/daveywinder\/2019\/12\/06\/hacker-hacks-hacking-platform-gets-paid-20000-by-the-hackers-he-hacked\/#754b95103721\"><strong>Hacker Hacks Hacking Platform, Gets Paid $20,000 By the Hacked Hackers<\/strong><\/a><\/p>\n<p><em>HackerOne operates as a conduit between ethical hackers looking for vulnerabilities, and organizations like General Motors, Goldman Sachs, Google, Microsoft, Twitter, and the U.S. Pentagon that want to patch those security holes before malicious threat actors can exploit them. One of the hackers registered with the platform hacked HackerOne instead and was paid $20,000 (\u00a315,250) by HackerOne as a result.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/trickbot-s-updated-password-grabbing-module-targets-more-apps-services\"><strong>Trickbot\u2019s Updated Password-Grabbing Module Targets More Apps, Services<\/strong><\/a><\/p>\n<p><em>Researchers from Security Intelligence have reported on a sudden increase of Trickbot\u2019s activities in Japan, and Trend Micro researchers have found updates to the password-grabbing (pwgrab) module and possible changes to the Emotet variant that drops Trickbot.<\/em><\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/ransomware-recap-snatch-and-zeppelin-ransomware\"><strong>Ransomware Recap: Snatch and Zeppelin Ransomware<\/strong><\/a><\/p>\n<p><em>Two ransomware families with noteworthy features \u2013 Snatch and Zeppelin \u2013 were spotted this week. Snatch ransomware is capable of forcing Windows machines to reboot into Safe Mode. 
Zeppelin ransomware, on the other hand, was responsible for infecting healthcare and IT organizations across Europe and the U.S.<\/em><\/p>\n<p><a href=\"https:\/\/www.cisomag.com\/brian-krebs-cybersecurity-person-of-the-year\/\"><strong>Brian Krebs is the CISO MAG Cybersecurity Person of the Year<\/strong><\/a><\/p>\n<p><em>For the first time, CISO Mag named a Cybersecurity Person of the Year, who is defined as someone\u00a0who has been committed to bringing awareness into the realm of cybersecurity. In addition to recognizing Brian Krebs of KrebsOnSecurity.com, two other individuals were recognized: Trend Micro\u2019s <strong>Rik Ferguson<\/strong>, VP of security research, and\u00a0web security expert <strong>Troy Hunt<\/strong>. <\/em><\/p>\n<p>Do you think retail cyberattacks will soar higher than 20 percent this holiday season? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: <a href=\"https:\/\/twitter.com\/jonlclay\">@JonLClay.<\/a><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-december-patch-tuesday-updates-and-retail-cyberattacks-set-to-soar-20-percent-during-2019-holiday-season\/\">This Week in Security News: December Patch Tuesday Updates and Retail Cyberattacks Set to Soar 20 Percent During 2019 Holiday Season<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-december-patch-tuesday-updates-and-retail-cyberattacks-set-to-soar-20-percent-during-2019-holiday-season\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 13 Dec 2019 13:32:53 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" 
src=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" link_thumbnail=\"\" srcset=\"https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-300x300.jpg 300w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-768x768.jpg 768w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-1024x1024.jpg 1024w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-640x640.jpg 640w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-900x900.jpg 900w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-440x440.jpg 440w, https:\/\/blog.trendmicro.com\/wp-content\/uploads\/2018\/02\/Week-in-Security-News-Logo_RGB-380x380.jpg 380w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threat campaign Waterbear and how it uses API hooking to evade security product detection. 
Also, read about December Patch Tuesday updates from Microsoft and&#8230;<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\/this-week-in-security-news-december-patch-tuesday-updates-and-retail-cyberattacks-set-to-soar-20-percent-during-2019-holiday-season\/\">This Week in Security News: December Patch Tuesday Updates and Retail Cyberattacks Set to Soar 20 Percent During 2019 Holiday Season<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.trendmicro.com\"><\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10422,714,23590],"class_list":["post-17185","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-current-news","tag-security","tag-this-week-in-security-news"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17185","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17185"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17185\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17185"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/
wp\/v2\/tags?post=17185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}