{"id":10457,"date":"2017-11-13T13:10:02","date_gmt":"2017-11-13T21:10:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/11\/13\/news-4230\/"},"modified":"2017-11-13T13:10:02","modified_gmt":"2017-11-13T21:10:02","slug":"news-4230","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/11\/13\/news-4230\/","title":{"rendered":"A week in security (November 6 \u2013 November 12)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 13 Nov 2017 20:47:53 +0000<\/strong><\/p>\n<p>After coming out victorious in a case against PUPs, Malwarebytes CEO Marcin Kleczynski has this to say:<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"550\">\n<p lang=\"en\" dir=\"ltr\">We fought for our users and we won.<\/p>\n<p>&mdash; Marcin Kleczynski (@mkleczynski) <a href=\"https:\/\/twitter.com\/mkleczynski\/status\/928652154985906177?ref_src=twsrc%5Etfw\">November 9, 2017<\/a><\/p>\n<\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>And my, do we feel like <em>champions!<\/em><\/p>\n<p>You can read more about this\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2017\/11\/winning-the-battle-against-pups-on-your-computer-and-in-u-s-district-court\/\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<hr \/>\n<p>Last week, we looked into <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/11\/a-look-into-the-global-drive-by-cryptocurrency-mining-phenomenon\/\" target=\"_blank\" rel=\"noopener\">the cryptocurrency mining phenomenon<\/a>, rising <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/11\/part-2-all-rise-mind-these-digital-crimes-and-arm-your-business-against-them\/\" target=\"_blank\" rel=\"noopener\">digital crimes that target businesses<\/a>\u2014the final supplement of a two-part series\u2014<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/social-engineering-cybercrime\/2017\/11\/phoney-whatsapp-used-unicode-to-slip-under-googles-radar\/\" target=\"_blank\" rel=\"noopener\">a bogus WhatsApp app<\/a> that got through the Google Play store because the actor behind it used Unicode, and\u00a0<a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/11\/of-scammers-and-cute-puppies\/\" target=\"_blank\" rel=\"noopener\">puppy scams<\/a>. We also revealed <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/11\/stay-away-from-bitcoin-multiplier-scam\/\" target=\"_blank\" rel=\"noopener\">a Bitcoin multiplier scam<\/a> that actors behind the Magnitude EK were banking on and <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2017\/11\/disdain-exploit-kit-served-side-social-engineering\/\" target=\"_blank\" rel=\"noopener\">the coming back of the Disdain EK<\/a>, this time delivering a Neutrino bot.<\/p>\n<p>Lastly, we put out word about potential fakeries from cybercriminals targeting those shopping on <a href=\"https:\/\/blog.malwarebytes.com\/101\/2017\/11\/singles-day-deal-seekers-beware\/\" target=\"_blank\" rel=\"noopener\">Singles&#8217; Day<\/a> and <a href=\"https:\/\/twitter.com\/hasherezade\/status\/918478297163550725\" target=\"_blank\" rel=\"noopener\">a little exercise<\/a> for the talented guys and gals who like to tinker with code, which we followed with <a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2017\/11\/how-to-solve-the-malwarebytes-crackme-a-step-by-step-tutorial\/\" target=\"_blank\" rel=\"noopener\">a step-by-step tut<\/a> on how to solve it.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li>Paradise lost? Breach of law firm, Appleby, <a href=\"https:\/\/qz.com\/1120731\/paradise-papers-a-guide-to-the-major-revelations\/\" target=\"_blank\" rel=\"noopener\">exposes information of the rich<\/a>. And so are their tax schemes. <em>(Source: Quartz)<\/em><\/li>\n<li>There&#8217;s <a href=\"https:\/\/www.computing.co.uk\/ctg\/news\/3020443\/tor-flaw-results-in-user-ip-address-leakage\" target=\"_blank\" rel=\"noopener\">a flaw in Tor<\/a> that allows user IP address to leak. This affects macOS and Linux users. <em>(Source: Computing)<\/em><\/li>\n<li>Proofpoint reveals <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/multivector-attack-on-android-users\/\" target=\"_blank\" rel=\"noopener\">a multi-prong attack against Android users<\/a>, wherein users are first faced with a phishing campaign, and then convinces users to install malware, then finally attempted to steal card details. <em>(Source: InfoSecurity Magazine)<\/em><\/li>\n<li><a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/a37njb\/keith-alexander-nsa-hack-back\" target=\"_blank\" rel=\"noopener\">To hack back or not to hack back<\/a>: this has been a longstanding debate from within and without the security industry. Keith Alexander, ex-NSA Director, weighed in on the debate, advising companies to <em>never<\/em> hack back as this might start wars. <em>(Source: Motherboard)<\/em><\/li>\n<li>According to a DHS testing, the Boeing 757 aircraft is found to be <a href=\"http:\/\/www.aviationtoday.com\/2017\/11\/08\/boeing-757-testing-shows-airplanes-vulnerable-hacking-dhs-says\/\" target=\"_blank\" rel=\"noopener\">vulnerable to hackers<\/a>. <em>(Source: Aviation Today)<\/em><\/li>\n<li><a href=\"https:\/\/teiss.co.uk\/news\/admin-rights-usage-organisations\/\" target=\"_blank\" rel=\"noopener\">Companies granting a lot of admin rights<\/a> to employees can actually leave them vulnerable to cyber attacks. <em>(Source: TEISS)<\/em><\/li>\n<li>Mozilla&#8217;s <a href=\"https:\/\/www.csoonline.com\/article\/3236471\/security\/mozillas-privacy-not-included-guide-reveals-if-holiday-gifts-will-spy-on-you.html\" target=\"_blank\" rel=\"noopener\">&#8220;Privacy Not Included&#8221; guide<\/a> reveals gadgets and devices one might not acquire for loved ones as they can spy on them. <em>(Source: CSO)<\/em><\/li>\n<li>No, your Netflix account has been suspended. If you see an email saying otherwise, watch out! <a href=\"https:\/\/www.wired.com\/story\/netflix-phishing-scam\/\" target=\"_blank\" rel=\"noopener\">It&#8217;s a phishing campaign.<\/a> <em>(Source: Wired)<\/em><\/li>\n<\/ul>\n<p>Safe surfing, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/11\/a-week-in-security-november-6-november-12\/\">A week in security (November 6 \u2013 November 12)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/11\/a-week-in-security-november-6-november-12\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 13 Nov 2017 20:47:53 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/11\/a-week-in-security-november-6-november-12\/' title='A week in security (November 6 \u2013 November 12)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/01\/photodune-702886-calendar-l.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>Learn what happened in the world of security during the week of November 6 through 12. Bitcoin multiplier scams, exploit kits, cryptocurrency mining, and a bogus WhatsApp app.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/a-week-in-security\/\" rel=\"tag\">a week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitcoin-multiplier\/\" rel=\"tag\">bitcoin multiplier<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptocurrency\/\" rel=\"tag\">cryptocurrency<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptocurrency-mining\/\" rel=\"tag\">cryptocurrency mining<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/disdain-ek\/\" rel=\"tag\">Disdain EK<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/neutrino-bot\/\" rel=\"tag\">neutrino bot<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/puppy-scam\/\" rel=\"tag\">puppy scam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/pups\/\" rel=\"tag\">PUPs<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/singles-day\/\" rel=\"tag\">Singles&#8217; Day<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/whatsapp-magnitude-ek\/\" rel=\"tag\">whatsapp. magnitude ek<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/11\/a-week-in-security-november-6-november-12\/' title='A week in security (November 6 \u2013 November 12)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/11\/a-week-in-security-november-6-november-12\/\">A week in security (November 6 \u2013 November 12)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,16597,11052,16598,16599,10501,16600,2130,10503,10497,16536,10498,16601],"class_list":["post-10457","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-bitcoin-multiplier","tag-cryptocurrency","tag-cryptocurrency-mining","tag-disdain-ek","tag-neutrino-bot","tag-puppy-scam","tag-pups","tag-recap","tag-security-world","tag-singles-day","tag-week-in-security","tag-whatsapp-magnitude-ek"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10457"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10457\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10457"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10457"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}