{"id":14567,"date":"2019-02-11T10:10:03","date_gmt":"2019-02-11T18:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/02\/11\/news-8317\/"},"modified":"2019-02-11T10:10:03","modified_gmt":"2019-02-11T18:10:03","slug":"news-8317","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/02\/11\/news-8317\/","title":{"rendered":"A week in security (February 4 \u2013 8)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 11 Feb 2019 17:05:33 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we took a closer look at the <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/merging-facebook-messenger-whatsapp-and-instagram-a-technical-reputational-hurdle\/\" target=\"_blank\" rel=\"noopener\">technical and reputational challenges for Facebook<\/a> as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google\u2019s latest attempts to <a href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/02\/google-chrome-announces-plans-improve-url-display-website-identity\/\" target=\"_blank\" rel=\"noopener\">change how the public sees\u2014literally\u2014web browser URLs<\/a>, gave some of our best tips on how to <a href=\"https:\/\/blog.malwarebytes.com\/101\/2019\/02\/how-to-browse-the-internet-safely-at-work\/\" target=\"_blank\" rel=\"noopener\">safely browse the Internet at work<\/a>, and detailed a unique spam campaign involving <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/02\/bogus-john-wick-3-ebooks\/\" target=\"_blank\" rel=\"noopener\">ebooks, the Amazon Kindle web store and\u2026 John Wick<\/a>? Yep.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>A Motherboard investigation found that <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/a3b3dg\/big-telecom-sold-customer-gps-data-911-calls\" target=\"_blank\" rel=\"noopener\">bounty hunters purchased extremely precise location data for AT&amp;T, Sprint, and T-Mobile customers<\/a>. The telecom companies originally sold the data\u2014meant for 911 operators and first responders\u2014to data brokers, who then sold it again. (Source: Motherboard)<\/li>\n<li>Cybersecurity company Agari discovered that several Business Email Compromise (BEC) scammers had <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/cybercriminals-exploit-gmail-feature-to-scale-up-attacks-\/d\/d-id\/1333800?_mc=NL_DR_EDT_DR_daily_20190206&amp;cid=NL_DR_EDT_DR_daily_20190206&amp;elq_mid=89194&amp;elq_cid=22608367\" target=\"_blank\" rel=\"noopener\">leveraged a Gmail feature to expand and simplify their fraud attempts<\/a>. (Source: Dark Reading)<\/li>\n<li>Developers for the cryptocurrency Zcash <a href=\"http:\/\/fortune.com\/2019\/02\/05\/zcash-vulnerability-cryptocurrency\/\" target=\"_blank\" rel=\"noopener\">discovered and patched a bug<\/a> that could have resulted in\u2026 [checks notes] \u2026an \u201cinfinite amount of counterfeit Zcash.\u201d (Source: Fortune)<\/li>\n<li>Google <a href=\"https:\/\/www.zdnet.com\/article\/google-warns-about-two-ios-zero-days-exploited-in-the-wild\/\" target=\"_blank\" rel=\"noopener\">revealed two zero-day vulnerabilities<\/a> in Apple\u2019s iOS. (Source: ZDNet)<\/li>\n<li>An Australian cybersecurity researcher said her government <a href=\"https:\/\/www.computerworld.com.au\/article\/657157\/government-clamping-down-on-security-research-academic-says\/\" target=\"_blank\" rel=\"noopener\">did not renew a permit allowing her and her university to continue to collaborate internationally on cryptography research<\/a>. (Source: Computerworld)<\/li>\n<li>Unidentified threat actors <a href=\"https:\/\/www.bbc.com\/news\/world-australia-47166590\" target=\"_blank\" rel=\"noopener\">attempted\u2014and failed\u2014to hack into the Australian parliament\u2019s computer network<\/a>. (Source: BBC)<\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/a-week-in-security-january-28-february-3\/\" target=\"_blank\" rel=\"noopener\">Apple removed the Do Not Track feature from its Safari browser<\/a>, a feature that, many agreed, was largely ineffective. (Source: Engadget)<\/li>\n<li>Jeff Bezos, Amazon CEO, Washington Post owner, richest man in the world, and potential risqu\u00e9-text-hacking victim, <a href=\"https:\/\/www.nytimes.com\/2019\/02\/07\/technology\/jeff-bezos-sanchez-enquirer.html\" target=\"_blank\" rel=\"noopener\">accused the National Enquirer of extortion and blackmail<\/a>. (Source: The New York Times)<\/li>\n<li>Facebook began rolling out a feature in its Messenger app for iOS and Android that <a href=\"https:\/\/gizmodo.com\/facebook-finally-rolls-out-option-to-unsend-messages-in-1832361429\" target=\"_blank\" rel=\"noopener\">lets users delete messages up to 10 minutes after sending<\/a>. (Source: Gizmodo)<\/li>\n<li>A Canadian bitcoin exchange <a href=\"https:\/\/thehackernews.com\/2019\/02\/cryptocurrency-exchange-exit-scam.html\" target=\"_blank\" rel=\"noopener\">lost $145 million after the death of its CEO<\/a>, who was the only person with access to the company\u2019s offline storage. (Source: The Hacker News)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-4-8\/\">A week in security (February 4 \u2013 8)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-4-8\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 11 Feb 2019 17:05:33 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-4-8\/' title='A week in security (February 4 \u2013 8)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of security news from February 4 \u2013 8, including Facebook&#8217;s secure messaging integration, Google&#8217;s changes to URLs, a scam involving the Kindle store and John Wick, and more. <\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/\" rel=\"category tag\">Security world<\/a><\/li>\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/amazon\/\" rel=\"tag\">amazon<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/apple\/\" rel=\"tag\">Apple<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/att\/\" rel=\"tag\">AT&amp;T<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/australia\/\" rel=\"tag\">Australia<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitcoin\/\" rel=\"tag\">bitcoin<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bounty-hunters\/\" rel=\"tag\">bounty hunters<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptocurrency\/\" rel=\"tag\">cryptocurrency<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptography\/\" rel=\"tag\">cryptography<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity\/\" rel=\"tag\">cybersecurity<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/do-not-track\/\" rel=\"tag\">Do Not Track<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ebooks\/\" rel=\"tag\">ebooks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facebook\/\" rel=\"tag\">facebook<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/google\/\" rel=\"tag\">Google<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/instagram\/\" rel=\"tag\">Instagram<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/internet\/\" rel=\"tag\">internet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/jeff-bezos\/\" rel=\"tag\">Jeff Bezos<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/john-wick\/\" rel=\"tag\">John wick<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/kindle\/\" rel=\"tag\">kindle<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/messenger\/\" rel=\"tag\">messenger<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/safari\/\" rel=\"tag\">safari<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/secure-messaging\/\" rel=\"tag\">secure messaging<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sprint\/\" rel=\"tag\">Sprint<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/t-mobile\/\" rel=\"tag\">T-Mobile<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/urls\/\" rel=\"tag\">URLs<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/whatsapp\/\" rel=\"tag\">whatsapp<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zcash\/\" rel=\"tag\">Zcash<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/zero-day\/\" rel=\"tag\">zero day<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-4-8\/' title='A week in security (February 4 \u2013 8)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/2019\/02\/week-security-february-4-8\/\">A week in security (February 4 \u2013 8)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[5588,2211,14182,1709,10490,20887,11052,11047,4500,20888,20889,3589,1670,2143,4314,9671,20830,20831,18100,10543,20890,10497,17650,13197,20891,10498,10440,14678,11524],"class_list":["post-14567","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-amazon","tag-apple","tag-att","tag-australia","tag-bitcoin","tag-bounty-hunters","tag-cryptocurrency","tag-cryptography","tag-cybersecurity","tag-do-not-track","tag-ebooks","tag-facebook","tag-google","tag-instagram","tag-internet","tag-jeff-bezos","tag-john-wick","tag-kindle","tag-messenger","tag-safari","tag-secure-messaging","tag-security-world","tag-sprint","tag-t-mobile","tag-urls","tag-week-in-security","tag-whatsapp","tag-zcash","tag-zero-day"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=14567"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/14567\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=14567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=14567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=14567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}