{"id":15723,"date":"2019-07-08T08:10:02","date_gmt":"2019-07-08T16:10:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/07\/08\/news-9470\/"},"modified":"2019-07-08T08:10:02","modified_gmt":"2019-07-08T16:10:02","slug":"news-9470","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/07\/08\/news-9470\/","title":{"rendered":"A week in security (July 1 \u2013 7)"},"content":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Mon, 08 Jul 2019 15:08:33 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we explained <a rel=\"noreferrer noopener\" aria-label=\"what to do when you find stalkerware (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/stalkerware\/2019\/07\/helping-survivors-of-domestic-abuse-what-to-do-when-you-find-stalkerware\/\" target=\"_blank\">what to do when you find stalkerware<\/a>, how <a rel=\"noreferrer noopener\" aria-label=\"cooperating apps and automatic permissions are setting you up for failure (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/awareness\/2019\/07\/cooperating-apps-and-automatic-permissions-are-setting-you-up-for-failure\/\" target=\"_blank\">cooperating apps and automatic permissions are setting you up for failure<\/a>, and why you should <a rel=\"noreferrer noopener\" aria-label=\"steer clear of Bitcoin Cash generators (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/crypto\/2019\/07\/steer-clear-of-bitcoin-cash-generators\/\" target=\"_blank\">steer clear of Bitcoin Cash generators<\/a>.<\/p>\n<h3>Other cybersecurity news:<\/h3>\n<ul>\n<li>A former Chief Information Officer (CIO) of <a rel=\"noreferrer noopener\" aria-label=\"Equifax (opens in a new tab)\" href=\"https:\/\/www.zdnet.com\/article\/former-equifax-executive-sent-behind-bars-for-insider-trading-after-data-breach\/\" target=\"_blank\">Equifax<\/a> has been issued a prison sentence for insider trading on the firm&#8217;s disastrous data breach before the incident became public knowledge. (Source: ZDNet)<\/li>\n<li>A new <a rel=\"noreferrer noopener\" aria-label=\"Ryuk (opens in a new tab)\" href=\"https:\/\/www.darkreading.com\/document.asp?doc_id=1335101\" target=\"_blank\">Ryuk<\/a> ransomware campaign is spreading globally, according to a warning issued by the UK&#8217;s National Cyber Security Centre (NCSC). (Source: DarkReading)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.vpnmentor.com\/blog\/report-orvibo-leak\/\" target=\"_blank\">Orvibo<\/a> smart home devices leaked billions of user records including logs that contained everything from<strong> <\/strong>usernames, email addresses, and passwords, to precise locations. (Source: VPNMentor)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Chinese authorities (opens in a new tab)\" href=\"http:\/\/www.iphonehacks.com\/2019\/07\/china-border-surveillance-install-spyware.html\" target=\"_blank\">Chinese authorities<\/a> have decided to spy on foreigners crossing the border by installing spyware on Android phones. (Source: iPhoneHacks)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Germany (opens in a new tab)\" href=\"https:\/\/www.zdnet.com\/article\/germany-to-publish-standard-on-modern-secure-browsers\/\" target=\"_blank\">Germany<\/a>&#8216;s cybersecurity agency is working on a set of minimum rules that modern web browsers must comply with in order to be considered secure. (Source: ZDNet)<\/li>\n<li>An ongoing attack in the <a rel=\"noreferrer noopener\" aria-label=\"OpenPGP (opens in a new tab)\" href=\"https:\/\/duo.com\/decipher\/openpgp-certificate-attack-worries-experts\" target=\"_blank\">OpenPGP<\/a> community makes users&#8217; certificates unusable and can essentially break the OpenPGP implementation of anyone who tries to import one of the certificates. (Source: Duo Security)<\/li>\n<li>Dubbed <a rel=\"noreferrer noopener\" aria-label=\"Godlua (opens in a new tab)\" href=\"https:\/\/www.techspot.com\/news\/80791-meet-godlua-first-known-malware-leverages-dns-over.html\" target=\"_blank\">Godlua<\/a>, researchers have discovered the first known malware strain that uses the DNS over HTTPS protocol. (Source: TechSpot)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"IronPython (opens in a new tab)\" href=\"http:\/\/blog.ptsecurity.com\/2019\/07\/ironpython-darkly-how-we-uncovered.html\" target=\"_blank\">IronPython<\/a>, darkly: how researchers uncovered an attack on government entities in Europe. (Source: PT Security)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Attunity (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/netflix-ford-td-bank-data-exposed-by-open-amazon-s3-buckets\/\" target=\"_blank\">Attunity<\/a>, a company that is currently working with at least half of all Fortune 100 companies, including Netflix, leaked both its clients&#8217; and its own data. (Source: BleepingComputer)<\/li>\n<li>The <a rel=\"noreferrer noopener\" aria-label=\"US Cyber Command (opens in a new tab)\" href=\"https:\/\/www.theregister.co.uk\/2019\/07\/03\/outlook_flaw_iran\/\" target=\"_blank\">US Cyber Command<\/a> has issued an alert that hackers have been actively going after CVE-2017-11774. The flaw is a sandbox escape bug in Outlook. (Source: The Register)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-1-7\/\">A week in security (July 1 \u2013 7)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-1-7\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Pieter Arntz| Date: Mon, 08 Jul 2019 15:08:33 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-1-7\/' title='A week in security (July 1 \u2013 7)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of cybersecurity news from July 1-7, including stalkerware, Bitcoin generators, app permissions, Chinese spyware, some giant leaks, and a new malware attack method.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitcoin\/\" rel=\"tag\">bitcoin<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bitcoin-generators\/\" rel=\"tag\">bitcoin generators<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cash-generators\/\" rel=\"tag\">cash generators<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/china\/\" rel=\"tag\">china<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/equifax\/\" rel=\"tag\">Equifax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/germany\/\" rel=\"tag\">germany<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/godlua\/\" rel=\"tag\">godlua<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ironpython\/\" rel=\"tag\">ironpython<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/openpgp\/\" rel=\"tag\">openpgp<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/permissions\/\" rel=\"tag\">permissions<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ryuk\/\" rel=\"tag\">ryuk<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/smart-home\/\" rel=\"tag\">smart home<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/stalkerware\/\" rel=\"tag\">stalkerware<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-1-7\/' title='A week in security (July 1 \u2013 7)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/07\/a-week-in-security-july-1-7\/\">A week in security (July 1 \u2013 7)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,10490,22173,22174,402,12310,1195,22175,22176,22177,12507,19317,12597,19409],"class_list":["post-15723","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-bitcoin","tag-bitcoin-generators","tag-cash-generators","tag-china","tag-equifax","tag-germany","tag-godlua","tag-ironpython","tag-openpgp","tag-permissions","tag-ryuk","tag-smart-home","tag-stalkerware"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15723","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=15723"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/15723\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=15723"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=15723"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=15723"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}