{"id":8288,"date":"2017-07-10T10:10:03","date_gmt":"2017-07-10T18:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/07\/10\/news-2062\/"},"modified":"2017-07-10T10:10:03","modified_gmt":"2017-07-10T18:10:03","slug":"news-2062","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/07\/10\/news-2062\/","title":{"rendered":"A week in security (July 03 \u2013 July 09)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 10 Jul 2017 17:18:30 +0000<\/strong><\/p>\n<p>Last week, we released our second quarter Cybercrime Tactics &amp; Techniques report, where we revealed that ransomware outbreaks were dominant during this quarter. You can read the full report on the post below:<\/p>\n<blockquote data-secret=\"eZuu1Kow8L\" class=\"wp-embedded-content\">\n<p><a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2017\/07\/report-second-quarter-dominated-by-ransomware-outbreaks\/\">Report: Second quarter dominated by ransomware outbreaks<\/a><\/p>\n<\/blockquote>\n<p><iframe loading=\"lazy\"  src=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2017\/07\/report-second-quarter-dominated-by-ransomware-outbreaks\/embed\/#?secret=eZuu1Kow8L\" width=\"100%\" height=\"420\" frameborder=\"0\" ><\/iframe> <\/p>\n<p>Our researchers continue to share <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/07\/the-key-to-the-old-petya-has-been-published-by-the-malware-author\/\" target=\"_blank\" rel=\"noopener noreferrer\">our findings<\/a>\u00a0on\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/06\/petya-esque-ransomware-is-spreading-across-the-world\/\" target=\"_blank\" rel=\"noopener noreferrer\">EternalPetya<\/a>, the malware that made headlines across the globe due to its similarities with <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/wanacrypt0r-ransomware-hits-it-big-just-before-the-weekend\/\" target=\"_blank\" rel=\"noopener 
WanaCryp0r">
noreferrer\">WanaCrypt0r (a.k.a. WannaCry)<\/a>. In case you don&#8217;t want to read all our blog posts, we made <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/malware-threat-analysis\/2017\/07\/all-this-eternalpetya-stuff-makes-me-wannacry\/\" target=\"_blank\" rel=\"noopener noreferrer\">a summary post<\/a> of what we know so far about EternalBlue and the attack.<\/p>\n<p>Meanwhile, Senior Security Researcher <a href=\"https:\/\/blog.malwarebytes.com\/author\/jeromesegura\/\" target=\"_blank\" rel=\"noopener noreferrer\">J\u00e9r\u00f4me Segura<\/a> revealed that threat actors behind malvertising campaigns may be using such outbreaks as a diversion from their schemes. At least that was what the group called <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/07\/adgholas-malvertising-thrives-shadows-ransomware-outbreaks\/\" target=\"_blank\" rel=\"noopener noreferrer\">AdGholas<\/a> was doing. Segura saw a new wave of <a href=\"https:\/\/blog.malwarebytes.com\/glossary\/drive-by-download\/\" target=\"_blank\" rel=\"noopener noreferrer\">drive-by download attacks<\/a> pushing the <a href=\"https:\/\/blog.malwarebytes.com\/?s=Astrum\" target=\"_blank\" rel=\"noopener noreferrer\">Astrum exploit kit<\/a>.<\/p>\n<p>Below are notable news stories and security-related happenings from last week:<\/p>\n<h3>Latest updates for\u00a0Consumers<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.nytimes.com\/2017\/07\/02\/technology\/hackers-find-ideal-testing-ground-for-attacks-developing-countries.html\" target=\"_blank\" rel=\"noopener noreferrer\">Hackers Find &#8216;Ideal Testing Ground&#8217; For Attacks: Developing Countries.<\/a> &#8220;Security researchers are increasingly looking in countries outside the West to discover the newest, most creative and potentially most dangerous types of cyberattacks being deployed. 
As developing economies rush to go online, they provide a fertile testing ground for hackers trying their skills in an environment where they can evade detection before deploying them against a company or state that has more advanced defenses.&#8221; <em>(Source: The New York Times)<\/em><\/li>\n<li><a href=\"http:\/\/thehill.com\/policy\/cybersecurity\/340160-senators-introduce-cyber-hygiene-bill\" target=\"_blank\" rel=\"noopener noreferrer\">Senators Introduce &#8216;Cyber Hygiene&#8217; Bill.<\/a> &#8220;The Promoting Good Cyber Hygiene Act, introduced by Hatch and Sen. Ed Markey (D-Mass.), would direct the National Institute of Standards and Technology to establish a set of baseline voluntary best practices for safeguarding against cyber intrusions that would be updated annually.&#8221; <em>(Source: The Hill)<\/em><\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2017\/07\/03\/windows-10-protect-ransomware\/\" target=\"_blank\" rel=\"noopener noreferrer\">Windows 10 Will Use Protected Folders To Thwart Crypto Ransomware.<\/a> &#8220;Windows 10 Fall Creators Update (the next major update of Microsoft\u2019s popular OS) is scheduled to be released in September, and will come with major new end-to-end security features. As announced last week, the Enhanced Mitigation Experience Toolkit (EMET) is making a partial comeback, along with new vulnerability mitigations, in a new feature called Windows Defender Exploit Guard.&#8221; <em>(Source: Help Net Security)<\/em><\/li>\n<li><a href=\"http:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/slocker-mobile-ransomware-starts-mimicking-wannacry\/\" target=\"_blank\" rel=\"noopener noreferrer\">SLocker Mobile Ransomware Starts Mimicking WannaCry.<\/a> &#8220;The SLocker family is one of the oldest mobile lock screen and file-encrypting ransomware and used to impersonate law enforcement agencies to convince victims to pay their ransom. 
After laying low for a few years, it had a sudden resurgence last May.&#8221; <em>(Source: Trend Micro&#8217;s TrendLabs Security Intelligence Blog)<\/em><\/li>\n<li><a href=\"https:\/\/www.grahamcluley.com\/now-criminals-ringing-british-mps-ask-passwords\/\" target=\"_blank\" rel=\"noopener noreferrer\">Now Criminals Are Ringing Up British MPs To Ask Them Their Passwords.<\/a> &#8220;Hot on the heels of reports that the passwords of British politicians and their staff are being sold on the web by criminals, and an attack on the Houses of Parliament&#8217;s email system, it has now been revealed that some MPs have been receiving some rather phishy phone calls.&#8221; <em>(Source: Graham Cluley&#8217;s Blog)<\/em><\/li>\n<li><a href=\"https:\/\/www.usatoday.com\/story\/tech\/columnist\/saltzman\/2017\/07\/03\/delete-suspicious-text-messages-on-your-smartphone\/439647001\/\" target=\"_blank\" rel=\"noopener noreferrer\">&#8216;Smishing&#8217; Scams Target Your Text Messages. Here&#8217;s How To Avoid Them.<\/a> &#8220;While the name of this growing threat might sound funny, being a victim of it is no joke. Similar to a \u201cphishing\u201d scam \u2014 where computer users receive an authentic-looking email that appears to be from their bank, Internet Service Provider (ISP), favorite store, or other organization \u2013 &#8216;smishing&#8217; messages are sent to you via SMS (text message) on your mobile phone.&#8221; <em>(Source: USA Today)<\/em><\/li>\n<li><a href=\"https:\/\/ibsintelligence.com\/ibs-journal\/ibs-news\/65-of-major-us-banks-found-to-fail-basic-web-security-testing\/\" target=\"_blank\" rel=\"noopener noreferrer\">65% Of Major US Banks Have Failed Web Security Testing.<\/a> &#8220;Websites run by some of the largest banks in the US have scored the poorest in a new security and privacy analysis audit. The non-profit Online Trust Alliance (OTA) Alliance anonymously audited more than 1,000 websites, ranking their security and privacy practices. 
None of the sites investigated knew about the test.&#8221; <em>(Source: IBS Intelligence)<\/em><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/horcrux-is-a-password-manager-designed-for-security-and-paranoid-users\/\" target=\"_blank\" rel=\"noopener noreferrer\">Horcrux Is a Password Manager Designed for Security and Paranoid Users.<\/a> &#8220;Two researchers from the University of Virginia have developed a new password manager prototype that works quite differently from existing password manager clients. The research team describes their password manager \u2014 which they named Horcrux \u2014 as &#8220;a password manager for paranoids,&#8221; due to its security and privacy-focused features and a unique design used for handling user passwords, both while in transit and at rest.&#8221; <em>(Source: Bleeping Computer)<\/em><\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2017\/07\/07\/kodi-boxes-malware\/\" target=\"_blank\" rel=\"noopener noreferrer\">Why Kodi Boxes Can Pose A Serious Malware Threat.<\/a> &#8220;When new streaming devices, such as the Amazon Firestick and Apple TV, were first introduced, many were intrigued by the ease by which they could watch &#8216;over the top&#8217; content from the Internet, such as Netflix or Hulu, on their living room televisions.&#8221; <em>(Source: Help Net Security)<\/em><\/li>\n<li><a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/3kndgv\/as-worlds-largest-dark-web-market-vanishes-dodgy-links-promise-a-way-back-in\" target=\"_blank\" rel=\"noopener noreferrer\">As World&#8217;s Largest Dark Web Market Vanishes, Dodgy Links Promise A Way Back In.<\/a> &#8220;On Wednesday, AlphaBay, the largest market on the dark web disappeared. Since AlphaBay is wholly inaccessible, customers and vendors are locked out of their accounts, and, perhaps more importantly, cut off from any bitcoins they stored on the site. 
In order to purchase items on AlphaBay, users need to send bitcoins to the site&#8217;s own wallets.&#8221; <em>(Source: Motherboard)<\/em><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3>Latest updates for Businesses<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.reuters.com\/article\/us-usa-cyber-energy-idUSKBN19L2Z9\" target=\"_blank\" rel=\"noopener noreferrer\">U.S. Warns Businesses Of Hacking Campaign Against Nuclear, Energy Firms.<\/a> &#8220;Since at least May, hackers used tainted &#8216;phishing&#8217; emails to &#8216;harvest credentials&#8217; so they could gain access to networks of their targets, according to a joint report from the U.S. Department of Homeland Security and Federal Bureau of Investigation.&#8221; <em>(Source: Reuters)<\/em><\/li>\n<li><a href=\"https:\/\/www.bna.com\/basic-cybersecurity-hygiene-n73014460961\" target=\"_blank\" rel=\"noopener noreferrer\">Basic Cybersecurity Hygiene Tips Are Ransomware Vaccine.<\/a> &#8220;Some companies that were hit told their employees to not use internal information technology systems and shut down email. Although that may be one way to halt the cyberattack\u2019s spread, companies can take other steps to maintain business continuity and help lessen the impact of any future attack, the pros said.&#8221; <em>(Source: Bloomberg BNA)<\/em><\/li>\n<li><a href=\"http:\/\/windowsitpro.com\/security\/six-things-do-secure-your-linux-system\" target=\"_blank\" rel=\"noopener noreferrer\">Six Things to Do to Secure Your Linux System.<\/a> &#8220;I bring this up only to illustrate that the next malware round can strike at anytime and on any platform. 
In fact, on Tuesday, at the same time Petya was wreaking havoc on Windows, a patch was made available for a vulnerability in systemd, the default init system in most modern Linux distributions, that could be leveraged by remote attackers to run malicious code by using a specially crafted DNS response.&#8221; <em>(Source: Windows IT Pro)<\/em><\/li>\n<li><a href=\"http:\/\/www.businesscloud.co.uk\/magazine\/small-businesses-dying-because-of-cyber-threat\" target=\"_blank\" rel=\"noopener noreferrer\">Small Businesses &#8216;Dying&#8217; Because Of Cyber Threat.<\/a> &#8220;The managing director of a major cyber security player has warned small businesses to take the cyber threat more seriously. Paul Harris, managing director of Manchester-based Secarma, says that half of all cyber-attacks are upon small firms which could be destroyed overnight.&#8221; <em>(Source: Business Cloud)<\/em><\/li>\n<li><a href=\"http:\/\/www.linuxinsider.com\/story\/84652.html\" target=\"_blank\" rel=\"noopener noreferrer\">IoT Fuels Growth Of Linux Malware.<\/a> &#8220;Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things. That is one of the findings in a report WatchGuard Technologies, a maker of network security appliances, released last week.&#8221; <em>(Source: Linux Insider)<\/em><\/li>\n<li><a href=\"http:\/\/www.zdnet.com\/article\/at-30000-for-a-flaw-bug-bounties-are-big-and-getting-bigger\/\" target=\"_blank\" rel=\"noopener noreferrer\">At $30,000 For A Flaw, Bug Bounties Are Big And Getting Bigger.<\/a> &#8220;Hackers are being paid as much as $30,000 for finding a single critical flaw in a company&#8217;s systems, and the amount companies are willing to pay is increasing. 
While the use of such bug hunting programmes is still limited, some large organisations are offering hackers rewards for spotting flaws in their systems.&#8221; <em>(Source: ZDNet)<\/em><\/li>\n<li><a href=\"https:\/\/www.scmagazineuk.com\/dont-fear-gdpr--its-the-key-to-create-a-culture-of-secure-it\/article\/669596\/\" target=\"_blank\" rel=\"noopener noreferrer\">Don&#8217;t Fear GDPR &#8211; It&#8217;s The Key To Create A Culture Of Secure IT.<\/a> &#8220;Many organisations are looking to bring their cyber procedures and capabilities up to scratch ahead of its becoming enforceable, May 2018. But, with an evolving IT threat landscape, new technologies introducing new risk, and a cyber-skills deficit, it&#8217;s important that CIOs and IT directors not only focus on this critical deadline but also look beyond it.&#8221; <em>(Source: SC Magazine UK)<\/em><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Safe surfing, everyone!<\/p>\n<p><em>The Malwarebytes Labs Team<\/em><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/07\/a-week-in-security-july-03-july-09\/\">A week in security (July 03 \u2013 July 09)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/07\/a-week-in-security-july-03-july-09\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 10 Jul 2017 17:18:30 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/07\/a-week-in-security-july-03-july-09\/' title='A week in security (July 03 \u2013 July 09)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/01\/photodune-702886-calendar-l.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' 
align='left'>A compilation of security news and blog posts from the 3rd of July to the 9th. We go over our latest Cybercrime Tactics &#38; Techniques Report, summarize the Petya ransomware outbreak, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/a-week-in-security\/\" rel=\"tag\">a week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/adgholas\/\" rel=\"tag\">adgholas<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/astrum\/\" rel=\"tag\">astrum<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/eternalpetya\/\" rel=\"tag\">EternalPetya<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malvertising\/\" rel=\"tag\">malvertising<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wanacrypt0r\/\" rel=\"tag\">WanaCrypt0r<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wannacry\/\" rel=\"tag\">WannaCry<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/07\/a-week-in-security-july-03-july-09\/' title='A week in security (July 03 \u2013 July 09)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/07\/a-week-in-security-july-03-july-09\/\">A week in security (July 03 \u2013 July 09)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes 
Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,12907,12908,12849,10531,10503,10497,12255,12252,10498,10506],"class_list":["post-8288","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-adgholas","tag-astrum","tag-eternalpetya","tag-malvertising","tag-recap","tag-security-world","tag-wanacrypt0r","tag-wannacry","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8288","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=8288"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8288\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=8288"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=8288"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=8288"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}