{"id":13536,"date":"2018-10-08T09:10:09","date_gmt":"2018-10-08T17:10:09","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/10\/08\/news-7303\/"},"modified":"2018-10-08T09:10:09","modified_gmt":"2018-10-08T17:10:09","slug":"news-7303","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2018\/10\/08\/news-7303\/","title":{"rendered":"A week in security (October 1 \u2013 7)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 08 Oct 2018 16:31:56 +0000<\/strong><\/p>\n<p>Last week, Malwarebytes <a href=\"https:\/\/blog.malwarebytes.com\/101\/2018\/10\/malwarebytes-is-a-champion-of-national-cyber-security-awareness-month\/\" target=\"_blank\" rel=\"noopener\">welcomed<\/a> National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all.<\/p>\n<p>On Labs, we <a href=\"https:\/\/blog.malwarebytes.com\/101\/business\/2018\/10\/bring-your-own-security-byos-good-idea-or-not\/\" target=\"_blank\" rel=\"noopener\">raised<\/a> the question of whether it is a good idea to bring your own security or not, <a href=\"https:\/\/blog.malwarebytes.com\/malwarebytes-news\/2018\/10\/fileless-malware-part-deux\/\" target=\"_blank\" rel=\"noopener\">talked<\/a> a little bit more about fileless malware, <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2018\/10\/fortnite-gamers-targeted-by-data-theft-malware\/\" target=\"_blank\" rel=\"noopener\">homed in<\/a> on a malware campaign targeting Fortnite gamers, and <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/hacking\/2018\/10\/lojack-for-computers-used-to-attack-european-government\/\" target=\"_blank\" rel=\"noopener\">looked into<\/a> LoJack, a bootkit malware that has been targeting government entities.<\/p>\n<h3>Other cybersecurity news:<\/h3>\n<ul>\n<li>Google Chrome extension developers were the <a href=\"https:\/\/www.zdnet.com\/article\/phishing-campaign-targets-developers-of-chrome-extensions\/\" target=\"_blank\" rel=\"noopener\">target of a phishing campaign<\/a>\u00a0going after their credentials. (Source: ZDNet)<\/li>\n<li>If you think you won&#8217;t fall for dubious links or email attachments, perhaps <a href=\"https:\/\/krebsonsecurity.com\/2018\/10\/voice-phishing-scams-are-getting-more-clever\/\" target=\"_blank\" rel=\"noopener\">a real-life human on the phone<\/a>\u2014who speaks professionally, uses a trusted number, and assures you throughout the conversation that there&#8217;s nothing wrong\u2014could. (Source: KrebsOnSecurity)<\/li>\n<li>The FBI and DHS warned the American public of <a href=\"https:\/\/www.scmagazine.com\/home\/news\/rdp-attacks-on-the-rise-warns-fbi-dhs\/\" target=\"_blank\" rel=\"noopener\">the rise of Remote Desktop Protocol (RDP) attacks<\/a>. (Source: SC Magazine)<\/li>\n<li>Researchers discovered that <a href=\"https:\/\/www.helpnetsecurity.com\/2018\/10\/02\/vulnerable-android-password-managers\/\" target=\"_blank\" rel=\"noopener\">password managers in Android can be tricked<\/a> into entering true valid credentials into phishing apps. (Source: Help Net Security)<\/li>\n<li>Meet Torii, the <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/torii-iot-botnet-takes-mirai-to\/\" target=\"_blank\" rel=\"noopener\">new IoT botnet<\/a> that puts the Mirai botnet to shame. (Source: Infosecurity Magazine)<\/li>\n<li>That&#8217;s novel: Seattle law enforcement <a href=\"https:\/\/arstechnica.com\/tech-policy\/2018\/10\/police-to-seattles-techies-streamers-sign-up-for-our-anti-swatting-service\/\" target=\"_blank\" rel=\"noopener\">encourages techies and streamers to sign up<\/a> to their anti-swatting service. (Source: Ars Technica)<\/li>\n<li>Adobe patches <a href=\"https:\/\/nakedsecurity.sophos.com\/2018\/10\/03\/update-now-adobe-fixes-85-serious-flaws-in-acrobat-and-reader\/\" target=\"_blank\" rel=\"noopener\">more than 80 serious flaws<\/a> in Acrobat and Reader. (Source: Sophos&#8217;s Naked Security Blog)<\/li>\n<li>Five out of six routers are found to have <a href=\"https:\/\/www.zdnet.com\/article\/new-study-finds-5-of-every-6-routers-are-inadequately-updated-for-security-flaws\/\" target=\"_blank\" rel=\"noopener\">inadequate security updates<\/a>. Yikes! (Source: ZDNet)<\/li>\n<li>Evil entrepreneurs in the hacking underground <a href=\"https:\/\/www.csoonline.com\/article\/3308878\/blockchain\/cybercriminals-are-using-blockchain-to-improve-security-should-you.html\" target=\"_blank\" rel=\"noopener\">are using blockchain<\/a> to improve <em>their<\/em>\u00a0security posture. (Source: CSO)<\/li>\n<li>Hack the Marine Corps, a challenge to hack public-facing Marine Corps websites, <a href=\"https:\/\/www.fifthdomain.com\/dod\/marine-corps\/2018\/10\/03\/hacking-for-good-uncovers-over-150-marine-corps-vulnerabilities\/\" target=\"_blank\" rel=\"noopener\">uncovers 150 vulnerabilities<\/a>. (Source: Fifth Domain)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/week-security-october-1-7\/\">A week in security (October 1 \u2013 7)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/week-security-october-1-7\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 08 Oct 2018 16:31:56 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/week-security-october-1-7\/' title='A week in security (October 1 \u2013 7)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the security news from October 1\u20137 including National Cybersecurity Awareness Month, LoJack, fileless malware, and BYOS.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/adobe\/\" rel=\"tag\">adobe<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/android\/\" rel=\"tag\">Android<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/anti-swatting\/\" rel=\"tag\">anti-swatting<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/blockchain\/\" rel=\"tag\">blockchain<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bring-your-own-security\/\" rel=\"tag\">bring your own security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/byos\/\" rel=\"tag\">byos<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/chrome-extension\/\" rel=\"tag\">Chrome Extension<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fake-fortnite\/\" rel=\"tag\">Fake Fortnite<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fortnite\/\" rel=\"tag\">fortnite<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/hack-the-marine-corps\/\" rel=\"tag\">hack the marine corps<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iot\/\" rel=\"tag\">IoT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iot-botnet\/\" rel=\"tag\">IoT botnet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/lojack\/\" rel=\"tag\">Lojack<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/national-cybersecurity-awareness-month\/\" rel=\"tag\">national cybersecurity awareness month<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ncsam\/\" rel=\"tag\">NCSAM<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/not-botnet\/\" rel=\"tag\">not botnet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/password-manager\/\" rel=\"tag\">password manager<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing\/\" rel=\"tag\">phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phishing-campaign\/\" rel=\"tag\">phishing campaign<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/rdp\/\" rel=\"tag\">rdp<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/recap\/\" rel=\"tag\">recap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/rip-attacks\/\" rel=\"tag\">rip attacks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sc-magazine\/\" rel=\"tag\">SC Magazine<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/swatting\/\" rel=\"tag\">swatting<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/torii\/\" rel=\"tag\">Torii<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/voice-phishing\/\" rel=\"tag\">voice phishing<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/vulnerabilities\/\" rel=\"tag\">vulnerabilities<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-security\/\" rel=\"tag\">week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zdnet\/\" rel=\"tag\">ZDNet<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/week-security-october-1-7\/' title='A week in security (October 1 \u2013 7)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2018\/10\/week-security-october-1-7\/\">A week in security (October 1 \u2013 7)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[11414,10462,19701,11526,19687,19688,11424,18831,18501,19702,10495,16944,19689,15355,15497,19703,11347,3924,19704,18324,10503,19705,12125,10497,10745,19706,19707,10752,10498,10506,19708],"class_list":["post-13536","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-adobe","tag-android","tag-anti-swatting","tag-blockchain","tag-bring-your-own-security","tag-byos","tag-chrome-extension","tag-fake-fortnite","tag-fortnite","tag-hack-the-marine-corps","tag-iot","tag-iot-botnet","tag-lojack","tag-national-cybersecurity-awareness-month","tag-ncsam","tag-not-botnet","tag-password-manager","tag-phishing","tag-phishing-campaign","tag-rdp","tag-recap","tag-rip-attacks","tag-sc-magazine","tag-security-world","tag-swatting","tag-torii","tag-voice-phishing","tag-vulnerabilities","tag-week-in-security","tag-weekly-blog-roundup","tag-zdnet"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13536","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=13536"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/13536\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=13536"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=13536"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=13536"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}