{"id":7916,"date":"2017-06-12T10:10:27","date_gmt":"2017-06-12T18:10:27","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/06\/12\/news-1697\/"},"modified":"2017-06-12T10:10:27","modified_gmt":"2017-06-12T18:10:27","slug":"news-1697","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/06\/12\/news-1697\/","title":{"rendered":"A week in security (Jun 05 \u2013 Jun 11)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 12 Jun 2017 16:58:27 +0000<\/strong><\/p>\n<p>Last week, we <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/06\/interview-with-a-malware-hunter-pieter-arntz\/\" target=\"_blank\" rel=\"noopener noreferrer\">interviewed<\/a> our very own <a href=\"https:\/\/blog.malwarebytes.com\/author\/metallicamvp\/\" target=\"_blank\" rel=\"noopener noreferrer\">Pieter Arntz<\/a> to get to know him a little better. We also touched on the importance of <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/06\/https-everywhere\/\" target=\"_blank\" rel=\"noopener noreferrer\">HTTPS<\/a> and focused on a <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2017\/06\/new-social-engineering-scheme-triggers-on-mouse-movement\/\" target=\"_blank\" rel=\"noopener noreferrer\">new social engineering<\/a> scheme that triggers on mouse movement.<\/p>\n<p>We also took <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2017\/06\/latentbot\/\" target=\"_blank\" rel=\"noopener noreferrer\">a deeper look at LatentBot<\/a>, a <a href=\"https:\/\/blog.malwarebytes.com\/glossary\/trojan\/\" target=\"_blank\" rel=\"noopener noreferrer\">Trojan<\/a> that is being distributed by the RIG exploit kit; profiled <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/06\/fireball-chinese-malware\/\" target=\"_blank\" rel=\"noopener noreferrer\">Fireball<\/a>, a <a href=\"https:\/\/blog.malwarebytes.com\/threats\/browser-hijacker\/\" target=\"_blank\" rel=\"noopener 
noreferrer\">browser hijacker<\/a> that is capable of downloading and executing other malware; <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/06\/please-stop-posting-your-x-rays-to-social-media\/\" target=\"_blank\" rel=\"noopener noreferrer\">advised<\/a> blog readers to stop sharing photos of their X-rays to social media; and <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/06\/tech-support-scams-what-are-other-people-doing\/\" target=\"_blank\" rel=\"noopener noreferrer\">named<\/a> the other groups and\/or individuals who are also fighting the good fight against <a href=\"https:\/\/blog.malwarebytes.com\/tech-support-scams\/\" target=\"_blank\" rel=\"noopener noreferrer\">tech support scams<\/a>.<\/p>\n<p>Below are notable news stories and security-related happenings:<\/p>\n<ul>\n<li><a href=\"https:\/\/techcrunch.com\/2017\/06\/05\/apple-test-hints-that-ios-11-will-be-the-end-of-life-for-outdated-32-bit-applications\/\" target=\"_blank\" rel=\"noopener noreferrer\">Apple Test Hints That iOS 11 Will Be The End-of-life For Outdated, 32-bit Applications.<\/a> &#8220;Ahead of Apple\u2019s Worldwide Developer Conference today, and the expected announcement of iOS 11, the company briefly removed older, 32-bit iOS applications from appearing in the App Store\u2019s search results. 
The change, which appears to have been a short test on Sunday, could have impacted a sizable portion of the App Store\u2019s long tail.&#8221; <em>(Source: TechCrunch)<\/em><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/tech-policy\/2017\/06\/london-attack-internet-regulation-facebook-twitter-google\/\" target=\"_blank\" rel=\"noopener noreferrer\">Tech Firms: We\u2019re Trying To Make Our Sites Hostile To Terrorists.<\/a> &#8220;In the aftermath of the London attack, Facebook, Google, and Twitter have insisted that they already work closely with the UK government to flush out the sharing of extremist content\u2014as fresh calls to crack down on the Internet and end-to-end crypto once again surfaced following a terror atrocity.&#8221; <em>(Source: Ars Technica)<\/em><\/li>\n<li><a href=\"http:\/\/www.csoonline.com\/article\/3199585\/security\/hack-back-law-would-create-cyber-vigilantes.html\" target=\"_blank\" rel=\"noopener noreferrer\">Hack Back Law Would Create Cyber Vigilantes.<\/a> &#8220;Tom Graves (R-GA) released an update to the initial Active Cyber Defense Certainty Act (ACDC) that intends to exempt victims of cyber attacks from being prosecuted for attempting to hack back at their attackers under the Computer Fraud and Abuse Act (CFAA). If enacted, the law allows organizations that are the victims of hacks to conduct their own hacks to identify the assailants, stop the attacks or retrieve stolen files. At a high level, it makes sense. In practice, it is ridiculous.&#8221; <em>(Source: CSO)<\/em><\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2017\/06\/06\/stealthy-ddos-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">Stealthy DDoS Attacks Distract From More Destructive Security Threats.<\/a> &#8220;Despite several headline-dominating, high-volume DDoS attacks over the past year, the vast majority (98%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 10 Gbps per second in volume. 
In addition, almost three-quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less.&#8221; <em>(Source: Help Net Security)<\/em><\/li>\n<li><a href=\"http:\/\/www.darkreading.com\/endpoint\/wannacry-exploit-could-infect-windows-10\/d\/d-id\/1329049?\" target=\"_blank\" rel=\"noopener noreferrer\">WannaCry Exploit Could Infect Windows 10.<\/a> &#8220;WannaCry targeted a Server Message Block (SMB) critical vulnerability that Microsoft patched with MS17-010 on March 14, 2017. While WannaCry damage was mostly limited to machines running Windows 7, a different version of EternalBlue could infect Windows 10.&#8221; <em>(Source: Dark Reading)<\/em><\/li>\n<li><a href=\"https:\/\/www.infosecurity-magazine.com\/opinions\/two-factors-better-one\/\" target=\"_blank\" rel=\"noopener noreferrer\">Why Two Factors Are Better Than One.<\/a> &#8220;In fact, a recent study conducted by the Pew Research Center illustrates why reliance on the single factor of ID and password may not provide sufficient protection. The study found that 39% of online adults have shared their password to one of their online accounts with a friend or family member. 
In addition, 25% admit that they often use passwords that are less secure because simpler passwords are easier to remember.&#8221; <em>(Source: InfoSecurity Magazine)<\/em><\/li>\n<li><a href=\"http:\/\/www.computerweekly.com\/news\/450420159\/Singapore-Australia-forge-cyber-security-ties\" target=\"_blank\" rel=\"noopener noreferrer\">Singapore, Australia Forge Cyber Security Ties.<\/a> &#8220;In a two-year memorandum of understanding (MoU) inked by the two countries on 2 June 2017, the Cyber Security Agency of Singapore and the Australian government will conduct regular information exchanges on cyber threats, share best practices to promote innovation in cyber security and build cyber security capabilities.&#8221; <em>(Source: Computer Weekly)<\/em><\/li>\n<li><a href=\"https:\/\/www.wired.com\/2017\/06\/end-net-neutrality-shackle-internet-things\/\" target=\"_blank\" rel=\"noopener noreferrer\">The End Of Net Neutrality Could Shackle The Internet Of Things.<\/a> &#8220;Net Neutrality isn&#8217;t the simplest concept to grasp. Explaining it works best via example: Net neutrality means, say, that internet providers like AT&amp;T, Comcast, and Verizon, which also have their own television and streaming video services, can&#8217;t create &#8216;slow lanes&#8217; for competing services. They can&#8217;t gum up traffic from sites such as Netflix and Dish&#8217;s SlingTV in favor of their own.&#8221; <em>(Source: Wired)<\/em><\/li>\n<li><a href=\"https:\/\/www.hackread.com\/russian-hackers-control-malware-via-britney-spears-instagram-posts\/\" target=\"_blank\" rel=\"noopener noreferrer\">Russian Hackers Control Malware Via Britney Spears Instagram Posts.<\/a> &#8220;A group of Russian-speaking hackers has been attacking multiple governments for years now. Not only that, but they also experimented with different methods of conducting those attacks with the help of the social media websites. 
Their approach was pretty clever, and they used those sites for concealment of the espionage malware.&#8221; <em>(Source: HackRead)<\/em><\/li>\n<li><a href=\"http:\/\/www.darkreading.com\/endpoint\/slack-telegram-other-chat-apps-being-used-as-malware-control-channels\/d\/d-id\/1329063?\" target=\"_blank\" rel=\"noopener noreferrer\">Slack, Telegram, Other Chat Apps Being Used As Malware Control Channels.<\/a> &#8220;Researchers at Trend Micro took a closer look at platforms including chat programs, self-hosted chat clients, and social networks to see whether their application programming interfaces (APIs) could be turned into C&amp;C infrastructure. API refers to definitions, protocols, and tools that a program uses to interact and perform specific tasks.&#8221; <em>(Source: Dark Reading)<\/em><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2017\/06\/06\/how-to-spot-potentially-scammy-ads-in-search-results\/\" target=\"_blank\" rel=\"noopener noreferrer\">Google Ads For Tech Support Scams \u2013 Would You Spot One?<\/a> &#8220;According to Bleeping Computer, the dodgy campaign was spotted on Friday by a US user who posted his observations to a StackExchange thread. The user said that a coworker had searched for &#8216;Target&#8217;, clicked the top result \u2013 which was an ad \u2013 and was redirected to a phishing page that was rigged up to look like a Microsoft tech support page that wanted him to call a &#8216;tech support number&#8217;.&#8221; <em>(Source: Sophos&#8217;s Naked Security Blog)<\/em><\/li>\n<li><a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/russian-vending-machine-fake-instagram-likes\" target=\"_blank\" rel=\"noopener noreferrer\">This Russian Vending Machine Will Sell You Fake Instagram Likes.<\/a> &#8220;For years, those hungry for online validation have bought fake likes, faves, or followers for every social media site imaginable. 
In exchange for a small sum, dozens of sketchy websites promise anywhere from a couple dozen likes on a single Instagram photo, to a million Twitter followers.&#8221; <em>(Source: Motherboard)<\/em><\/li>\n<li><a href=\"https:\/\/www.thenation.com\/article\/worried-election-hacking-theres-fix\/\" target=\"_blank\" rel=\"noopener noreferrer\">Worried About Election Hacking? There\u2019s A Fix For That.<\/a> &#8220;Revelations regarding top-level inquiries into a cyberattack launched by Russian military intelligence agents on an American voting-systems manufacturer, and of an apparently related attempt to hack the e-mail accounts of local election officials around the United States shortly before the 2016 presidential election, should turn the attention of Congress toward the need to secure this country\u2019s extraordinarily vulnerable electoral processes.&#8221; <em>(Source: The Nation)<\/em><\/li>\n<li><a href=\"https:\/\/www.hackread.com\/14-year-old-japanese-student-caught-creating-ransomware\/\" target=\"_blank\" rel=\"noopener noreferrer\">14-year-old Japanese Student Caught For Creating Ransomware.<\/a> &#8220;The cyber criminal community is quite active in developing nasty ransomware to infect unsuspecting users and demand a large amount of money in return. 
But who could expect a 14-year-old to develop a ransomware malware on his own?&#8221; <em>(Source: HackRead)<\/em><\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2017\/06\/09\/hacking-al-jazeera\/\" target=\"_blank\" rel=\"noopener noreferrer\">Al-Jazeera Reportedly Hit By Systematic Hacking Attempts.<\/a> &#8220;Al-Jazeera, the Doha-based broadcaster owned by the ruling family of Qatar, says the websites and digital platforms of Al-Jazeera Media Network, its parent company, &#8216;are undergoing systematic and continual hacking attempts.&#8217;&#8221; <em>(Source: Help Net Security)<\/em><\/li>\n<li><a href=\"https:\/\/www.scmagazine.com\/botnets-pose-threat-in-midst-of-decline-in-ransomware-attacks\/article\/667068\/\" target=\"_blank\" rel=\"noopener noreferrer\">Sleeping Giant, Botnets Pose Threat As Ransomware Attacks Decline.<\/a> &#8220;Botnet operators are capable of using their malicious networks to execute virtually any task with a success rate of close to 100 percent, according to a June 7 ESET security blog post. These tasks could be anything from sending spam, distributing ransomware, carrying out DDoS attacks, or cheating advertising networks, or mining Bitcoin, all of which could change on a whim.&#8221; <em>(Source: SC Magazine)<\/em><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/security\/2017\/06\/internet-cameras-expose-private-video-feeds-and-remote-controls\/\" target=\"_blank\" rel=\"noopener noreferrer\">Internet Cameras Have Hard-coded Password That Can\u2019t Be Changed.<\/a> &#8220;Security cameras manufactured by China-based Foscam are vulnerable to remote take-over hacks that allow attackers to view video feeds, download stored files, and possibly compromise other devices connected to a local network. 
That&#8217;s according to a 12-page report released Wednesday by security firm F-Secure.&#8221; <em>(Source: Ars Technica)<\/em><\/li>\n<li><a href=\"https:\/\/www.hackread.com\/malicious-android-app-installs-impossible-to-remove-adware\/\" target=\"_blank\" rel=\"noopener noreferrer\">Malicious Android App Installs &#8216;Impossible To remove&#8217; Adware.<\/a> &#8220;The IT Security researchers have discovered a new malware that is essentially an Android Package or APK masked as a cleaner app called Ks cleaner and tricks the users into downloading a security update. Once the update is installed, the malware cannot be removed.&#8221; <em>(Source: HackRead)<\/em><\/li>\n<li><a href=\"https:\/\/www.crn.com.au\/feature\/i-admit-it-im-a-cyber-security-professional-and-i-fell-for-a-phishing-email-464535\" target=\"_blank\" rel=\"noopener noreferrer\">I Admit It, I&#8217;m A Cyber Security Professional And I Fell For A Phishing Email.<\/a> &#8220;Both emails lacked any attachments that could have aroused suspicions. On both emails there was a call to action &#8211; a &#8216;Renew your Business Name&#8217; link was in the ASIC email, and a &#8216;View Your Bill&#8217; link was in the Origin email.&#8221; <em>(Source: CRN)<\/em><\/li>\n<li><a href=\"http:\/\/www.csoonline.com\/article\/3199997\/phishing\/don-t-like-mondays-neither-do-attackers.html\" target=\"_blank\" rel=\"noopener noreferrer\">Don\u2019t Like Mondays? Neither Do Attackers.<\/a> &#8220;Monday may be our least favorite day of the week, but Thursday is when security professionals should watch out for cybercriminals, researchers say. Timing is everything. 
Attackers pay as close attention to when they send out their booby-trapped emails as they do in crafting how these emails look.&#8221; <em>(Source: CSO)<\/em><\/li>\n<li><a href=\"https:\/\/www.forbes.com\/sites\/danwoods\/2017\/06\/08\/keeping-threat-intelligence-ahead-of-the-bad-guys\/#70f39d8472bd\" target=\"_blank\" rel=\"noopener noreferrer\">Keeping Threat Intelligence Ahead Of The Bad Guys.<\/a> &#8220;Over the course of my recent series on establishing a cybersecurity portfolio, I\u2019ve recommended five steps for businesses to engage in as they determine the security investments that are right for them: 1) Determine Needs; 2) Allocate Spending According to Risk; 3) Design Your Portfolio; 4) Choose the Right Products; and 5) Rebalance as Needed. These steps are akin to the process you would go through with your broker when creating a strong financial portfolio, with a diversified spread of investments and an adaptable strategy that can change along with your needs at a given time.&#8221; <em>(Source: Forbes)<\/em><\/li>\n<\/ul>\n<p>Safe surfing, everyone!<\/p>\n<p><em>The Malwarebytes Labs Team<\/em><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/06\/a-week-in-security-jun-05-jun-11\/\">A week in security (Jun 05 \u2013 Jun 11)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/06\/a-week-in-security-jun-05-jun-11\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 12 Jun 2017 16:58:27 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/06\/a-week-in-security-jun-05-jun-11\/' title='A week in security (Jun 05 \u2013 Jun 11)'><img 
src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/01\/photodune-702886-calendar-l.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from the 5th of June to the 11th. We touched on topics like HTTPS, a nasty adware, LatentBot, and other fighters against tech support scams.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity\/\" rel=\"tag\">cybersecurity<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/exploit-kit\/\" rel=\"tag\">exploit kit<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fireball\/\" rel=\"tag\">fireball<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malware\/\" rel=\"tag\">malware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/pieter-arntz\/\" rel=\"tag\">Pieter Arntz<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/security\/\" rel=\"tag\">security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/social-engineering\/\" rel=\"tag\">Social Engineering<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/06\/a-week-in-security-jun-05-jun-11\/' title='A week in security (Jun 05 \u2013 Jun 11)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/06\/a-week-in-security-jun-05-jun-11\/\">A 
week in security (Jun 05 \u2013 Jun 11)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[4500,10534,12558,3764,10523,10503,714,10497,10510,10498,10506],"class_list":["post-7916","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-cybersecurity","tag-exploit-kit","tag-fireball","tag-malware","tag-pieter-arntz","tag-recap","tag-security","tag-security-world","tag-social-engineering","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7916","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7916"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7916\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7916"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7916"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7916"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}