{"id":9497,"date":"2017-09-25T09:10:09","date_gmt":"2017-09-25T17:10:09","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/09\/25\/news-3270\/"},"modified":"2017-09-25T09:10:09","modified_gmt":"2017-09-25T17:10:09","slug":"news-3270","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/09\/25\/news-3270\/","title":{"rendered":"A week in security (September 18 &#8211; September 24)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 25 Sep 2017 16:24:17 +0000<\/strong><\/p>\n<p>Last week, we kept you updated on our blog about the infected versions of <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/09\/infected-ccleaner-downloads-from-official-servers\/\" target=\"_blank\" rel=\"noopener\">CCleaner that were offered as downloads on the official servers<\/a>.<\/p>\n<p>We also warned you against a <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2017\/09\/cve-2017-0199-used-to-deliver-modified-rms-agent-rat\/\" target=\"_blank\" rel=\"noopener\">fake IRS notice that delivers a customized spying tool<\/a>, <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/09\/dont-let-these-gaming-threats-give-you-a-game-over\/\" target=\"_blank\" rel=\"noopener\">some of the threats currently facing gamers<\/a>, and a <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/09\/netflix-scam-warning\/\" target=\"_blank\" rel=\"noopener\">Netflix scam that has been doing the rounds in Europe<\/a>.<\/p>\n<p>Mac users learned <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/09\/how-to-tell-if-your-mac-is-infected\/\" target=\"_blank\" rel=\"noopener\">how to tell if their Mac is infected<\/a> and <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/09\/ftc-providing-partial-refunds-for-advanced-tech-support-victims\/\" target=\"_blank\" rel=\"noopener\">Advanced Tech Support victims learned how to apply for a (partial) refund<\/a>.<\/p>\n<p>Elsewhere:<\/p>\n<h3>Consumer news<\/h3>\n<ul>\n<li>The <a href=\"https:\/\/www.nytimes.com\/2017\/09\/22\/your-money\/equifax-breach.html\" target=\"_blank\" rel=\"noopener\">pain caused by the Equifax breach was analyzed<\/a> in depth by the NY Times.<\/li>\n<li>And just as easily <a href=\"https:\/\/www.theregister.co.uk\/2017\/09\/21\/equifax_fooled_again_company_teets_out_links_to_website_parodying_it\/\" target=\"_blank\" rel=\"noopener\">Equifax was fooled again<\/a>. They referred users to a parody site like phishers might have used. Luckily this time it was run by a security researcher.<\/li>\n<li>A new twist in ransomware was provided by \u201c<a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/nransom-joke-locker-demands-nude-pics-as-payment-\/\" target=\"_blank\" rel=\"noopener\">nRansomware<\/a>\u201d, a program that locks up your computer and only releases it after you send in 10 nude pictures.<\/li>\n<li>The rise in the number of phishing sites has been huge. <a href=\"http:\/\/www.itproportal.com\/features\/almost-15-million-new-phishing-sites-pop-up-every-month\/\" target=\"_blank\" rel=\"noopener\">Almost 1.5 million new phishing sites pop up every month<\/a><\/li>\n<\/ul>\n<h3>Business news<\/h3>\n<ul>\n<li>A group of extortionists has been <a href=\"https:\/\/www.csoonline.com\/article\/3209132\/security\/scammers-demand-bitcoin-in-ddos-extortion-scheme-deliver-empty-threats.html\" target=\"_blank\" rel=\"noopener\">sending out threats to perform DDOS attacks on companies<\/a> unless they pay a set amount in BitCoin. The perpetrators are claiming to be affiliated with Anonymous or Lizard Squad.<\/li>\n<li>An absent-minded security staffer <a href=\"https:\/\/www.theregister.co.uk\/2017\/09\/22\/oh_dear_adobe_security_blog_leaks_private_key_info\/\" target=\"_blank\" rel=\"noopener\">accidentally leaked Adobe&#8217;s private PGP key<\/a> onto the internet.<\/li>\n<li><a href=\"https:\/\/www.theregister.co.uk\/2017\/09\/22\/iot_botnet_slinging_spam\/\" target=\"_blank\" rel=\"noopener\">The ProxyM IoT botnet has turned from DDOS to spam<\/a>. A device infected with ProxyM sends on average about 400 emails per day. Campaigns so far have promoted adult hookup sites.<\/li>\n<li>The U.S. <a href=\"https:\/\/www.grahamcluley.com\/sec-reveals-hackers-might-have-used-stolen-data-for-insider-trading\/\" target=\"_blank\" rel=\"noopener\">Securities and Exchange Commission (SEC) has revealed that attackers might have used data they stole in a security breach<\/a> for illicit insider trading.<\/li>\n<li><a href=\"https:\/\/www.upguard.com\/breaches\/cloud-leak-viacom\" target=\"_blank\" rel=\"noopener\">Viacom exposed a vast array of internal access credentials and critical data<\/a> that could be used to cause immense harm to the multinational corporation\u2019s business operations.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Stay safe!<\/p>\n<p><em>Malwarebytes Labs Team<\/em><\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/09\/week-security-september-18-september-24\/\">A week in security (September 18 &#8211; September 24)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/09\/week-security-september-18-september-24\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 25 Sep 2017 16:24:17 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/09\/week-security-september-18-september-24\/' title='A week in security (September 18 - September 24)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/01\/photodune-702886-calendar-l.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from the 18th of September to the 24th of September.  Read all about the CCleaner supply chain attack and a lot of other security news.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/ats\/\" rel=\"tag\">ats<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ccleaner\/\" rel=\"tag\">ccleaner<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/equifax\/\" rel=\"tag\">Equifax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ice\/\" rel=\"tag\">ice<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/irs\/\" rel=\"tag\">IRS<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/mac\/\" rel=\"tag\">mac<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/netflix\/\" rel=\"tag\">netflix<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/09\/week-security-september-18-september-24\/' title='A week in security (September 18 - September 24)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/09\/week-security-september-18-september-24\/\">A week in security (September 18 &#8211; September 24)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[15073,14861,12310,7201,11187,10454,3287,10497,10498,10506],"class_list":["post-9497","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-ats","tag-ccleaner","tag-equifax","tag-ice","tag-irs","tag-mac","tag-netflix","tag-security-world","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=9497"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/9497\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=9497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=9497"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=9497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}