{"id":15246,"date":"2019-05-03T08:00:01","date_gmt":"2019-05-03T16:00:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/05\/03\/news-8995\/"},"modified":"2019-05-03T08:00:01","modified_gmt":"2019-05-03T16:00:01","slug":"news-8995","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/05\/03\/news-8995\/","title":{"rendered":"This Week in Security News: BEC Attacks and Botnet Malware"},"content":{"rendered":"

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 03 May 2019 14:00:25 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the prevalence and impact of BEC attacks. Also, find out how botnet malware can perform remote code execution, DDoS attacks and cryptocurrency mining.<\/p>\n

Read on:<\/p>\n

Tech Support Scam Employs New Trick by Using Iframe to Freeze Browsers<\/a><\/strong><\/p>\n

Trend Micro discovered a new technical support scam (TSS) campaign that makes use of iframe in combination with basic pop-up authentication to freeze a user\u2019s browser.<\/em>\u00a0<\/em><\/p>\n

Cybersecurity Pros Could Work for Multiple Agencies Under Bill Passed by Senate<\/a><\/strong><\/p>\n

Skilled federal cybersecurity workers could be rotated among civilian agencies under bipartisan legislation the Senate passed to help fill specific gaps in the workforce.<\/em>\u00a0<\/em><\/p>\n

\n

New Cybersecurity Report Warns CIOs — ‘If You’re Breached Or Hacked, It’s Your Own Fault’<\/a><\/strong><\/p>\n

A new\u00a0cybersecurity survey<\/a>\u00a0conducted by endpoint management specialists\u00a01E<\/a>\u00a0and technology market researchers\u00a0Vanson Bourne<\/a>, a survey that questioned 600\u00a0IT operations and IT security decision-makers across the U.S. and U.K., and found that\u00a060% of the organizations had been breached in the last two years and 31% had been breached more than once.<\/em><\/div>\n
<\/div>\n<\/p><\/div>\n

AESDDoS Botnet Malware Exploits CVE-2019-3396 to Perform Remote Code Execution, DDoS Attacks, and Cryptocurrency Mining<\/a><\/strong><\/p>\n

Trend Micro\u2019s honeypot sensors detected an AESDDoS botnet malware variant exploiting a server-side template injection vulnerability in a collaboration software program used by DevOps professionals.<\/em>\u00a0<\/em><\/p>\n

U.K. Prime Minister Theresa May Fires Defense Secretary Gavin Williamson Over Huawei Leak<\/a><\/strong><\/p>\n

British Prime Minister Theresa May fired Defense Secretary Gavin Williamson, saying he leaked sensitive information surrounding a review into the use of equipment from China\u2019s Huawei Technologies Co. in the U.K.\u2019s telecoms network.<\/em>\u00a0<\/em><\/p>\n

This Hacker Is Selling Dangerous Windows 0-Day Hacks For Past 3 Years<\/a><\/strong><\/p>\n

A\u00a0<\/span>report by\u00a0ZDNet<\/a>\u00a0has revealed that a mysterious hacker is selling Windows zero-day exploits to the world\u2019s most notorious cybercrime groups for the past three years. At least three cyber-espionage groups also known as\u00a0Advanced Persistent Threats\u00a0(APTs) are regular customers of this hacker.<\/em><\/p>\n

Docker Hub Repository Suffers Data Breach, 190,000 Users Potentially Affected<\/a><\/strong><\/p>\n

In an email sent to their customers on April 26, Docker reported that the online repository of their popular container platform suffered a data breach that affected 190,000 users.<\/em>\u00a0<\/em><\/p>\n

IC3: BEC Cost Organizations US$1.2 Billion in 2018<\/a><\/strong><\/p>\n

In the recently published 2018 Internet Crime Report by the FBI\u2019s Internet Crime Complaint Center (IC3), the agency states that in 2018 alone, it received 20,373 BEC\/email account compromise (EAC) complaints that racked up a total of over US$1.2 billion in adjusted losses.<\/em>\u00a0<\/em><\/p>\n

Trend Forward Capital\u2019s First Startup Pitch Competition in Dallas<\/a><\/strong><\/p>\n

Trend Forward Capital, in a partnership with Veem, is bringing its Forward Thinker Award and pitch competition to Dallas on May 20.<\/em>\u00a0<\/em><\/p>\n

BEC Scammers Steal US$1.75 Million From an Ohio Church<\/a><\/strong><\/p>\n

The Saint Ambrose Catholic Parish in Brunswick, Ohio was the victim of a BEC attack when cybercriminals gained access to employee email accounts and used them to trick other members of the organization into wiring the payments into a fraudulent bank account.<\/em>\u00a0<\/em><\/p>\n

\n

Cybersecurity Experts Share Tips And Insights For World Password Day<\/a><\/strong><\/p>\n

May 2 is World Password Day. World Password Day falls on the first Thursday in May each year and is intended to raise awareness of password best practices and the need for strong passwords.\u00a0<\/em><\/p>\n<\/p><\/div>\n

Confluence Vulnerability Opens Door to GandCrab<\/a><\/strong><\/p>\n

A vulnerability in a popular devops tool could leave companies with a dose of ransomware to go with their organizational agility, according to researchers at Trend Micro and Alert Logic.<\/em><\/p>\n

Were you surprised by the amount of business email compromise complaints the FBI received in 2018? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.<\/a><\/p>\n

The post This Week in Security News: BEC Attacks and Botnet Malware<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 03 May 2019 14:00:25 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the prevalence and impact of BEC attacks. Also, find out how botnet malware can perform remote code execution, DDoS attacks and cryptocurrency mining. Read on:…<\/p>\n

The post This Week in Security News: BEC Attacks and Botnet Malware<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[21729,11052,10422,21409,3764,714],"class_list":["post-15246","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-bec-attacks","tag-cryptocurrency","tag-current-news","tag-huawei","tag-malware","tag-security"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15246","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15246"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15246\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}