{"id":7730,"date":"2017-05-22T13:10:01","date_gmt":"2017-05-22T21:10:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/22\/news-1515\/"},"modified":"2017-05-22T13:10:01","modified_gmt":"2017-05-22T21:10:01","slug":"news-1515","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/05\/22\/news-1515\/","title":{"rendered":"A week in security (May 15 \u2013 May 21)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 22 May 2017 13:59:59 +0000<\/strong><\/p>\n<p>Last week was dominated by the WannaCry ransomware and the discussions ensuing it. We published:<\/p>\n<ul>\n<li>A <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/wanna-cry-some-more-ransomware-roundup-special-edition\/\" target=\"_blank\" rel=\"noopener noreferrer\">quick roundup<\/a> of everything we found out in the first few days.<\/li>\n<li>How did it spread? Was it by email, was it a targeted attack? <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/how-did-wannacry-ransomworm-spread\/\" target=\"_blank\" rel=\"noopener noreferrer\">Or was it just the worm?<\/a><\/li>\n<li>We found a <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/wannadecrypt-your-files\/\" target=\"_blank\" rel=\"noopener noreferrer\">decryptor that works in some cases<\/a> and explained how to use it.<\/li>\n<\/ul>\n<p>Others discussed:<\/p>\n<ul>\n<li>Who\u2019s to blame? <a href=\"http:\/\/www.networkworld.com\/article\/3196222\/security\/microsoft-to-nsa-wannacry-is-your-fault.html\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft points at the NSA<\/a> for stockpiling vulnerabilities.<\/li>\n<li>Kaspersky pointed out <a href=\"https:\/\/securelist.com\/blog\/research\/78431\/wannacry-and-lazarus-group-the-missing-link\/\" target=\"_blank\" rel=\"noopener noreferrer\">similarities to the Lazarus APT<\/a>.<\/li>\n<li>The security researcher that registered the first killswitch got <a href=\"https:\/\/www.forbes.com\/sites\/thomasbrewster\/2017\/05\/15\/media-hounds-wannacry-ransomware-hero\/#401833835091\" target=\"_blank\" rel=\"noopener noreferrer\">doxxed by the British tabloids<\/a>.<\/li>\n<li>And statistics showing that <a href=\"http:\/\/www.techradar.com\/news\/wannacry-hit-windows-7-systems-hardest-new-research-shows\" target=\"_blank\" rel=\"noopener noreferrer\">Windows 7 computers were hit the hardest<\/a>.<\/li>\n<\/ul>\n<p>In other news we celebrated <a href=\"https:\/\/blog.malwarebytes.com\/101\/fyi\/2017\/05\/privacy-awareness-week-primer\/\" target=\"_blank\" rel=\"noopener noreferrer\">Privacy Awareness Week<\/a>, highlighting the two\u00a0main themes:<\/p>\n<ol>\n<li>Share with care.<\/li>\n<li>Trust and transparency.<\/li>\n<\/ol>\n<p>And we gave out some pointers on what to consider and how to act when you have reason to believe that your personal <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/05\/draftinformation-stolen-what-now\/\" target=\"_blank\" rel=\"noopener noreferrer\">information was stolen<\/a>.<\/p>\n<p>Other important security news:<\/p>\n<ul>\n<li>Researchers from Carnegie Mellon University, Seagate, and the Swiss Federal Institute of\u00a0Zurich published a paper entitled &#8220;Vulnerabilities in MLC NAND Flash Memory Programming: Experimental Analysis, Exploits, and Mitigation Techniques.&#8221; Our friends at Bleeping computer <a href=\"https:\/\/www.bleepingcomputer.com\/news\/hardware\/ssd-drives-vulnerable-to-attacks-that-corrupt-user-data\/\" target=\"_blank\" rel=\"noopener noreferrer\">explained the found vulnerability of SSD drives<\/a>.<\/li>\n<li>A Croatian security investigator has discovered a new network worm that uses 7 tools and exploits from the US intelligence service NSA. The <a href=\"https:\/\/latesthackingnews.com\/2017\/05\/21\/new-smb-worm-loose-uses-7-nsa-exploits\/\" target=\"_blank\" rel=\"noopener noreferrer\">worm is called EternalRocks<\/a>, but its original name is \u201cMicroBotMassiveNet\u201c.<\/li>\n<li>Wikileaks has brought out information about other <a href=\"http:\/\/thehackernews.com\/2017\/05\/athena-cia-windows-hacking.html\" target=\"_blank\" rel=\"noopener noreferrer\">CIA tools called Athena and Hera<\/a>, spyware designed to take full, remote control over infected Windows PCs.<\/li>\n<\/ul>\n<p>In non-security news, we were amazed by this jewel telling us that <a href=\"http:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/aenm.201700358\/full\" target=\"_blank\" rel=\"noopener noreferrer\">scientists at UCLA and the University of Connecticut managed to create a protein-based battery-like device<\/a> that extracts energy from the human body which could potentially be used to power implants like pacemakers.<\/p>\n<p>Safe surfing, everyone!<\/p>\n<p><em>The Malwarebytes Labs Team<\/em><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/a-week-in-security-may-15-may-21-2\/\">A week in security (May 15 \u2013 May 21)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/a-week-in-security-may-15-may-21-2\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 22 May 2017 13:59:59 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/a-week-in-security-may-15-may-21-2\/' title='A week in security (May 15 \u2013 May 21)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/01\/photodune-702886-calendar-l.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from the 15th of May to the 21st. We covered WannaCry, Privacy Awareness week, and what to do when you suspect stolen personal data.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/biohack\/\" rel=\"tag\">biohack<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/eternalrocks\/\" rel=\"tag\">eternalrocks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/privacy-awareness-week\/\" rel=\"tag\">privacy awareness week<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ssd-vulnerability\/\" rel=\"tag\">ssd vulnerability<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/stolen-data\/\" rel=\"tag\">stolen data<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wannacry\/\" rel=\"tag\">WannaCry<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wikileaks\/\" rel=\"tag\">wikileaks<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/a-week-in-security-may-15-may-21-2\/' title='A week in security (May 15 \u2013 May 21)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/a-week-in-security-may-15-may-21-2\/\">A week in security (May 15 \u2013 May 21)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12334,12335,12293,10497,12336,12337,12252,10498,10506,6722],"class_list":["post-7730","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-biohack","tag-eternalrocks","tag-privacy-awareness-week","tag-security-world","tag-ssd-vulnerability","tag-stolen-data","tag-wannacry","tag-week-in-security","tag-weekly-blog-roundup","tag-wikileaks"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7730","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7730"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7730\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7730"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7730"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7730"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}