{"id":10709,"date":"2017-12-04T11:10:54","date_gmt":"2017-12-04T19:10:54","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/12\/04\/news-4481\/"},"modified":"2017-12-04T11:10:54","modified_gmt":"2017-12-04T19:10:54","slug":"news-4481","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/12\/04\/news-4481\/","title":{"rendered":"A week in security (November 27 \u2013 December 03)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 04 Dec 2017 18:30:33 +0000<\/strong><\/p>\n<p>Last week on Labs, we touched on a huge <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/11\/serious-macos-vulnerability-exposes-the-root-user\/\" target=\"_blank\" rel=\"noopener\">macOS High Sierra vulnerability<\/a>, a <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/12\/paypal-phish-asks-to-verify-transactions-dont-do-it\/\" target=\"_blank\" rel=\"noopener\">PayPal phish<\/a>, and <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2017\/11\/terror-exploit-kit-goes-https-all-the-way\/\" target=\"_blank\" rel=\"noopener\">Terror EK&#8217;s new tactic<\/a>. We also took a crack at <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/11\/please-dont-buy-this-identity-theft-protection-services\/\" target=\"_blank\" rel=\"noopener\">identity theft protection services<\/a>, <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/11\/persistent-drive-by-cryptomining-coming-to-a-browser-near-you\/\" target=\"_blank\" rel=\"noopener\">drive-by cryptomining<\/a>, and rounded up <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/11\/an-irisscon-2018-roundup\/\" target=\"_blank\" rel=\"noopener\">interesting talks<\/a> while attending a security conference in Ireland called IRISSCON.<\/p>\n<h3>Other news<\/h3>\n<ul>\n<li>Our friends at Zimperium <a href=\"https:\/\/www.scmagazine.com\/fake-whatsapp-update-on-google-play-promoted-malware-disguised-as-game\/article\/709845\/\" target=\"_blank\" rel=\"noopener\">investigated a fake WhatsApp on Google Play<\/a>, and found that this app displays an advertisement of a malicious game called Cold Jewel Lines (already removed from the Play Store) that further infects users with a second malware &#8220;capable of click fraud, data extraction, and SMS surveillance.&#8221;\u00a0(Source: SC Magazine)<\/li>\n<li>A question to parents: Should you buy your child <a href=\"https:\/\/www.helpnetsecurity.com\/2017\/11\/27\/smart-toys-risk\/\" target=\"_blank\" rel=\"noopener\">smart toys<\/a> for Christmas? Security experts say that whatever your decision is, make sure you read up on the potential risks first. (Source: Help Net Security)<\/li>\n<li>Facebook users, rejoice! The social media network now has <a href=\"https:\/\/newsroom.fb.com\/news\/2017\/11\/continuing-transparency-on-russian-activity\/\" target=\"_blank\" rel=\"noopener\">a tool<\/a> that tells you which posts you have liked that are mere propaganda from Russia. (Source: Facebook Newsroom)<\/li>\n<li><a href=\"https:\/\/www.helpnetsecurity.com\/2017\/11\/27\/imgur-breach\/\" target=\"_blank\" rel=\"noopener\">Imgur confirmed that they have been breached<\/a> for the second time, affecting 1.7 million users. Email addresses and passwords were compromised. (Source: Help Net Security)<\/li>\n<li>Finally, <a href=\"https:\/\/techcrunch.com\/2017\/11\/28\/senators-introduce-revenge-porn-bill\/\" target=\"_blank\" rel=\"noopener\">the &#8220;revenge porn&#8221; bill<\/a> is introduced in the Senate. (Source: TechCrunch)<\/li>\n<li>Vice&#8217;s Motherboard released <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/a37m4g\/the-motherboard-guide-to-avoiding-state-surveillance-privacy-guide\" target=\"_blank\" rel=\"noopener\">a guide to avoiding (passive and active) state surveillance<\/a>, which can be a handy reference to those who want to achieve more privacy online. (Source: The Motherboard)<\/li>\n<li>What do hotcakes and ransomware have in common? <a href=\"https:\/\/securitybrief.eu\/story\/cybercrime-selling-hotcakes-ransomware-sales-soar-2500-one-year\/\" target=\"_blank\" rel=\"noopener\">They&#8217;re both selling.<\/a>\u00a0(Source: Security Brief)<\/li>\n<li>Fake Victoria&#8217;s Secret apps are found being advertised on the Dark Web, prompting security experts to posit that <a href=\"http:\/\/www.telegraph.co.uk\/technology\/2017\/11\/28\/hackers-target-victorias-secret-shoppers-run-up-christmas\/\" target=\"_blank\" rel=\"noopener\">criminals may be targeting VS shoppers<\/a> this Christmas season. (Source: The Telegraph)<\/li>\n<li>Afraid of <a href=\"https:\/\/www.helpnetsecurity.com\/2017\/11\/30\/insider-breaches\/\" target=\"_blank\" rel=\"noopener\">insider threats<\/a>? According to NTT security, most of them happen by accident. (Source: Help Net Security)<\/li>\n<li>Cryptocurrency is more popular than ever at this point. This, of course, sprung up the creation of cryptocurrency apps. Be warned, though: a majority of these popular apps <a href=\"https:\/\/koddos.net\/blog\/popular-cryptocurrency-apps-expose-users-data-theft\/\" target=\"_blank\" rel=\"noopener\">do not protect user information<\/a>. (Source: Kroddos)<\/li>\n<\/ul>\n<p>Stay safe everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/12\/a-week-in-security-november-27-december-03\/\">A week in security (November 27 \u2013 December 03)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/12\/a-week-in-security-november-27-december-03\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 04 Dec 2017 18:30:33 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/12\/a-week-in-security-november-27-december-03\/' title='A week in security (November 27 \u2013 December 03)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2017\/12\/shutterstock_527624266.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A compilation of notable security news and blog posts from Monday, November 27 to Sunday, December 3, including smart toys, another security breach, ransomware, and things to ponder when shopping for gifts this Christmas season.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/a-week-in-security\/\" rel=\"tag\">a week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/conference\/\" rel=\"tag\">conference<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptocurrency\/\" rel=\"tag\">cryptocurrency<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/insider-threats\/\" rel=\"tag\">insider threats<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/paypal\/\" rel=\"tag\">PayPal<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/privacy\/\" rel=\"tag\">privacy<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ransomware\/\" rel=\"tag\">ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/revenge-porn\/\" rel=\"tag\">revenge porn<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/smart-toys\/\" rel=\"tag\">smart toys<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/terror-ek\/\" rel=\"tag\">Terror EK<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/whatsapp\/\" rel=\"tag\">whatsapp<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2017\/12\/a-week-in-security-november-27-december-03\/' title='A week in security (November 27 \u2013 December 03)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/12\/a-week-in-security-november-27-december-03\/\">A week in security (November 27 \u2013 December 03)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,11759,11052,14348,11372,3924,5897,3765,10503,16353,10497,13155,11945,10498,10506,10440],"class_list":["post-10709","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-conference","tag-cryptocurrency","tag-insider-threats","tag-paypal","tag-phishing","tag-privacy","tag-ransomware","tag-recap","tag-revenge-porn","tag-security-world","tag-smart-toys","tag-terror-ek","tag-week-in-security","tag-weekly-blog-roundup","tag-whatsapp"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10709"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10709\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}