{"id":15688,"date":"2019-07-01T10:10:14","date_gmt":"2019-07-01T18:10:14","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/07\/01\/news-9436\/"},"modified":"2019-07-01T10:10:14","modified_gmt":"2019-07-01T18:10:14","slug":"news-9436","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/07\/01\/news-9436\/","title":{"rendered":"A week in security (June 24 \u2013 30)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 01 Jul 2019 17:02:56 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we peeled back the mystery on an <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/06\/fake-jquery-campaign-leads-to-malvertising-and-ad-fraud-schemes\/\" target=\"_blank\">elusive malware campaign that relied on blank JavaScript injections<\/a>, detailed for readers our <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/06\/greenflash-sundown-exploit-kit-expands-via-large-malvertising-campaign\/\" target=\"_blank\">latest telemetry on the tricky GreenFlash Sundown exploit<\/a>, and looked at one of the top campaigns <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/tech-support-scams\/2019\/06\/recipe-for-success-tech-support-scammers-zero-in-via-paid-search\/\" target=\"_blank\">directing traffic toward scareware pages<\/a> for Microsoft\u2019s Azure Cloud Services. <\/p>\n<p>We also doubled down on our commitment\u2014<a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/android\/2019\/06\/mobile-stalkerware-a-long-history-of-detection\/\" target=\"_blank\">and significantly increased efforts<\/a>\u2014to detect stalkerware on victims\u2019 devices. <\/p>\n<h3>Other cybersecurity news: <\/h3>\n<ul>\n<li>Microsoft\u2019s cybersecurity researchers <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/securityaffairs.co\/wordpress\/87537\/malware\/flawedammyy-rat-memory.html\" target=\"_blank\">discovered a campaign that delivered a remote access Trojan directly into memory<\/a>. (Source: Security Affairs)<\/li>\n<li>A newly-developed malware <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.zdnet.com\/article\/new-silex-malware-is-bricking-iot-devices-has-scary-plans\/\" target=\"_blank\">spread rapidly to wipe the firmware<\/a> on Internet of Things devices. (Source: ZD Net)<\/li>\n<li>Reuters exclusively reported that Western intelligence agencies <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.reuters.com\/article\/us-usa-cyber-yandex-exclusive-idUSKCN1TS2SX\" target=\"_blank\">hacked into Russia\u2019s Internet search company Yandex<\/a>, delivering malware to spy on the site\u2019s users. (Source: Reuters)<\/li>\n<li>Trend Micro showed the relative ease of both <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/crimeware-for-sale-the-commoditization-of-atm-malware-in-the-cybercriminal-underground\" target=\"_blank\">purchasing and deploying ATM malware in today\u2019s world<\/a>. (Source: Trend Micro)<\/li>\n<li>Somerville, MA, became the <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.vice.com\/en_us\/article\/paj4ek\/somerville-becomes-the-second-us-city-to-ban-facial-recognition\" target=\"_blank\">second US city to ban the use of facial recognition<\/a> software in public spaces. (Source: Motherboard)<\/li>\n<li>The developer of an online app that digitally \u201cundressed\u201d women\u2014by removing their clothing using machine learning\u2014eventually <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.vice.com\/en_us\/article\/qv7agw\/deepnude-app-that-undresses-photos-of-women-takes-it-offline\" target=\"_blank\">shut the app down<\/a>. (Source: Motherboard)<\/li>\n<li>Popular work chat platform Slack <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/slack-is-experiencing-worldwide-outage-degraded-performance\/\" target=\"_blank\">experienced worldwide outages<\/a>. (Source: Bleeping Computer). <\/li>\n<li>Following a 14-month investigation involving multiple European intelligence and law enforcement agencies, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.hackread.com\/crooks-steal-28m-in-crypto-using-google-adwords-spoofed-domains\/\" target=\"_blank\">six suspects were arrested for having allegedly stolen $28 million in cryptocurrency<\/a>. (Source: HackRead)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-june-24-30\/\">A week in security (June 24 \u2013 30)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-june-24-30\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 01 Jul 2019 17:02:56 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-june-24-30\/' title='A week in security (June 24 \u2013 30)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of cybersecurity news from June 24\u201330, including top malicious web campaigns, updates on the GreenFlash Sundown exploit, a Malwarebytes initiative to double down on stalkerware detection and awareness, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/atm-attacks\/\" rel=\"tag\">atm attacks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/atm-fraud\/\" rel=\"tag\">atm fraud<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/atm-malware-strains\/\" rel=\"tag\">atm malware strains<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/atm-scam\/\" rel=\"tag\">ATM scam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/azure\/\" rel=\"tag\">Azure<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cryptocurrency-scams\/\" rel=\"tag\">cryptocurrency scams<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/facial-recognition\/\" rel=\"tag\">facial recognition<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fake-jquery\/\" rel=\"tag\">fake jquery<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/greenflas\/\" rel=\"tag\">greenflas<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/internet-of-things\/\" rel=\"tag\">Internet of Things<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/iot\/\" rel=\"tag\">IoT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/javascript\/\" rel=\"tag\">JavaScript<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/massachusettes\/\" rel=\"tag\">Massachusettes<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/microsoft-azure\/\" rel=\"tag\">Microsoft Azure<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/scareware\/\" rel=\"tag\">scareware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/slack\/\" rel=\"tag\">Slack<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/slack-outage\/\" rel=\"tag\">Slack outage<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/somerville\/\" rel=\"tag\">Somerville<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/spyware\/\" rel=\"tag\">spyware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/stalkerware\/\" rel=\"tag\">stalkerware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/yandex\/\" rel=\"tag\">Yandex<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-june-24-30\/' title='A week in security (June 24 \u2013 30)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-june-24-30\/\">A week in security (June 24 \u2013 30)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,21903,10669,21907,21910,13617,20200,14753,22119,22158,6269,10495,10871,22159,12967,11901,11514,22160,22161,10443,19409,19314],"class_list":["post-15688","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-atm-attacks","tag-atm-fraud","tag-atm-malware-strains","tag-atm-scam","tag-azure","tag-cryptocurrency-scams","tag-facial-recognition","tag-fake-jquery","tag-greenflas","tag-internet-of-things","tag-iot","tag-javascript","tag-massachusettes","tag-microsoft-azure","tag-scareware","tag-slack","tag-slack-outage","tag-somerville","tag-spyware","tag-stalkerware","tag-yandex"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15688","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15688"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15688\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15688"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15688"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}