{"id":17804,"date":"2020-02-24T09:10:21","date_gmt":"2020-02-24T17:10:21","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2020\/02\/24\/news-11537\/"},"modified":"2020-02-24T09:10:21","modified_gmt":"2020-02-24T17:10:21","slug":"news-11537","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/02\/24\/news-11537\/","title":{"rendered":"A week in security (February 17 \u2013 23)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 24 Feb 2020 16:32:34 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we highlighted the benefits and concerns of<a rel=\"noreferrer noopener\" aria-label=\" identity-as-a-service (IDaaS) (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/explained\/2020\/02\/harnessing-the-power-of-identity-management-idaas-in-the-cloud\/\" target=\"_blank\"> identity-as-a-service (IDaaS)<\/a>, an identity management scheme deployed from the cloud; reported on scammers and squatters taking advantage of <a rel=\"noreferrer noopener\" aria-label=\"Rudy Giuliani\u2019s Twitter typos (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/scams\/2020\/02\/rudy-giulianis-twitter-mishaps-invite-typosquatters-and-scammers\/\" target=\"_blank\">Rudy Giuliani\u2019s Twitter typos<\/a>; and gave a high-level overview of <a rel=\"noreferrer noopener\" aria-label=\"RobinHood (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-spotlight\/2020\/02\/threat-spotlight-robbinhood-ransomware-takes-the-drivers-seat\/\" target=\"_blank\">Ro<\/a><a href=\"https:\/\/blog.malwarebytes.com\/threat-spotlight\/2020\/02\/threat-spotlight-robbinhood-ransomware-takes-the-drivers-seat\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"RobinHood (opens in a new tab)\">b<\/a><a rel=\"noreferrer noopener\" aria-label=\"RobinHood (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-spotlight\/2020\/02\/threat-spotlight-robbinhood-ransomware-takes-the-drivers-seat\/\" target=\"_blank\">binHood<\/a>, the latest ransomware baddie to specifically target organizations.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Hundreds of Israeli soldiers\u2019 mobile phones were compromised after Hamas cyber militants <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2020\/02\/16\/terrorist-android-malware-exposed-here-are-the-hamas-apps-that-targeted-israeli-soldiers\/#5ebb815623ae\" target=\"_blank\">catfished them into downloading malware<\/a>. (Source: Forbes)<\/li>\n<li>LokiBot was found <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/lokibot-impersonates-popular-game-launcher-and-drops-compiled-c-code-file\/\" target=\"_blank\">impersonating Epic Games&#8217; client installer<\/a>. (Source: Trend Micro Security Intelligence Blog)<\/li>\n<li>Almost half of Internet-connected <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.zdnet.com\/article\/cybersecurity-warning-almost-half-of-connected-medical-devices-are-vulnerable-to-hackers-exploiting-bluekeep\/\" target=\"_blank\">medical devices suffer from the BlueKeep vulnerability<\/a>. (Source: ZDNet)<\/li>\n<li>Voatz, a voting app, was found to be <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.meritalk.com\/articles\/mit-researchers-raise-security-privacy-concerns-with-voatz-app\/\" target=\"_blank\">insecure and vulnerable to hacking<\/a>, according to MIT researchers. (Source: MeriTalk)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/windows-linux-devices-at-risk-due-to-unsigned-peripheral-firmware\/\" target=\"_blank\">Unsigned peripheral firmware<\/a> in Wi-Fi adapters, USB hubs, track pads, and cameras put Windows and Linux systems at risk of attack, according to researchers from Eclypsium. (Source: Bleeping Computer)<\/li>\n<li>Researchers from Cisco and Jamila Kaya have found <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.inc.com\/jason-aten\/many-chrome-extensions-are-stealing-your-personal-information-heres-how-to-tell-if-youre-at-risk.html\" target=\"_blank\">hundreds of fraudulent Chrome extension apps<\/a> that were only designed to capture user information. (Source: Inc.com)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.fifthdomain.com\/home\/2020\/02\/19\/could-this-attack-signal-the-future-of-ransomware\/\" target=\"_blank\">Evolutionary ransomware<\/a> was seen targeting a pipeline operator. Experts signal this as potential change in the way ransomware will behave in the future. (Source: Fifth Domain)<\/li>\n<li>A popular video gaming channel on YouTube <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.hackread.com\/popular-youtube-gaming-channel-hacked-crypto-scam\/\" target=\"_blank\">got hacked by crypto scammers<\/a> to collect Bitcoin from its 1.8 million subscribers. (Source: HackRead)<\/li>\n<li>Speaking of crypto, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.tenable.com\/blog\/cryptocurrency-scams-fake-giveaways-impersonate-followers-of-political-and-other-notable\" target=\"_blank\">scammers are at it again on Twitter<\/a>\u2014with some compromising legitimate accounts while others are inserting themselves into conversations before dropping the fake giveaway. (Source: Tenable Security Blog)<\/li>\n<li>A politician in India was found <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.vice.com\/en_in\/article\/jgedjb\/the-first-use-of-deepfakes-in-indian-election-by-bjp\" target=\"_blank\">using deepfakes technology to reach different linguistic voter bases<\/a> during their current election campaign. Videos of this politician went viral on WhatsApp. (Source: Vice)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-17-23\/\">A week in security (February 17 \u2013 23)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-17-23\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 24 Feb 2020 16:32:34 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-17-23\/' title='A week in security (February 17 \u2013 23)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the previous week\u2019s most notable security stories and events, including cloud identity management, a noteworthy Twitter scam-tastrophy, RobbinHood ransomware, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/awis\/\" rel=\"tag\">awis<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bluekeep\/\" rel=\"tag\">BlueKeep<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/catfishing\/\" rel=\"tag\">catfishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/chrome-extension\/\" rel=\"tag\">Chrome Extension<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/crypto-scams\/\" rel=\"tag\">Crypto scams<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/deepfakes\/\" rel=\"tag\">deepfakes<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/elections\/\" rel=\"tag\">elections<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/epic-games\/\" rel=\"tag\">epic games<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/firmware\/\" rel=\"tag\">firmware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/idaas\/\" rel=\"tag\">IDaaS<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/identity-as-a-service\/\" rel=\"tag\">identity-as-a-service<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/jamila-kaya\/\" rel=\"tag\">Jamila Kaya<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/lokibot\/\" rel=\"tag\">LokiBot<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/scammers\/\" rel=\"tag\">scammers<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/twitter\/\" rel=\"tag\">twitter<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/voatz\/\" rel=\"tag\">Voatz<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-security\/\" rel=\"tag\">week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/youtube-hack\/\" rel=\"tag\">YouTube hack<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-17-23\/' title='A week in security (February 17 \u2013 23)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-17-23\/\">A week in security (February 17 \u2013 23)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,22647,21966,16658,11424,19975,17473,941,15965,11617,19837,24250,24279,16318,3765,10512,454,24280,10498,10506,24281],"class_list":["post-17804","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-awis","tag-bluekeep","tag-catfishing","tag-chrome-extension","tag-crypto-scams","tag-deepfakes","tag-elections","tag-epic-games","tag-firmware","tag-idaas","tag-identity-as-a-service","tag-jamila-kaya","tag-lokibot","tag-ransomware","tag-scammers","tag-twitter","tag-voatz","tag-week-in-security","tag-weekly-blog-roundup","tag-youtube-hack"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17804","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17804"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17804\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17804"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17804"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17804"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}