{"id":16763,"date":"2019-11-04T09:10:03","date_gmt":"2019-11-04T17:10:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/11\/04\/news-10502\/"},"modified":"2019-11-04T09:10:03","modified_gmt":"2019-11-04T17:10:03","slug":"news-10502","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/11\/04\/news-10502\/","title":{"rendered":"A week in security (October 28 \u2013 November 3)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 04 Nov 2019 16:37:57 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we celebrated the <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/awareness\/2019\/10\/as-internet-turns-50-more-risks-and-possibilities-emerge\/\" target=\"_blank\">birth of the Internet<\/a> 50 years ago, highlighted reports about the US Federal Trade Commission (FTC) filing <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/stalkerware\/2019\/10\/stalkerware-developer-dealt-new-blow-by-ftc\/\" target=\"_blank\">a case against stalkerware developer Retina-X<\/a>, issued a PSI on <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/10\/help-prevent-disaster-donation-scams-from-causing-more-misery\/\" target=\"_blank\">disaster donation scams<\/a>, looked at the <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/business-2\/2019\/10\/smbs-lack-resources-to-defend-against-cyberattacks-plus-pay-more-in-the-aftermath\/\" target=\"_blank\">top cybersecurity challenged SMBs face<\/a>, and provided <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/how-tos-2\/2019\/11\/cybersecurity-for-journalists-how-to-defeat-threat-actors-and-defend-freedom-of-the-press\/\" target=\"_blank\">guidance to journalists<\/a> on how they can defend themselves against threat actors.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>A new infostealer called <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.securityweek.com\/raccoon-malware-service-gains-momentum\" target=\"_blank\">Raccoon<\/a> emerged as the new malware-as-a-service (MaaS) that is causing a lot of buzz in the underground. (Source: SecurityWeek)<\/li>\n<li>Notorious Russian APT, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2019\/10\/28\/cyberattacks-sporting-anti-doping\/\" target=\"_blank\">Fancy Bear<\/a>, was found targeting sporting and anti-doping organizations worldwide. (Source: Microsoft)<\/li>\n<li>Millions of <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/nakedsecurity.sophos.com\/2019\/10\/28\/adobe-database-exposes-7-5-million-creative-cloud-users\/\" target=\"_blank\">Adobe Creative Cloud<\/a> users exposed due to a misconfiguration. (Source: Sophos\u2019s Naked Security Blog)<\/li>\n<li>The online store of the <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/techcrunch.com\/2019\/10\/28\/american-cancer-society-credit-card-malware\/\" target=\"_blank\">American Cancer Society<\/a> was found infected with malware by Magecart. (Source: TechCrunch)<\/li>\n<li>According to a report from the FTC, younger adults are more susceptible to <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.washingtonpost.com\/business\/2019\/10\/28\/this-might-surprise-you-seniors-are-not-more-susceptible-scams-younger-adults-are\/\" target=\"_blank\">fraud<\/a> compared to senior adults. (Source: The Washington Post)<\/li>\n<li>Systems used in the state-run <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/in.reuters.com\/article\/uk-india-npcil-malware\/nuclear-power-corp-of-india-says-detected-malware-in-its-systems-idINKBN1X91FM\" target=\"_blank\">Nuclear Power Corp of India<\/a> were found to contain malware. (Source: Reuters)<\/li>\n<li>Sextortion scammers began hacking <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/blogger-and-wordpress-sites-hacked-to-show-sextortion-scams\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Blogger and WordPress<\/a> sites to make threats more believable, which leads to a higher likelihood of paying up. (Source: Bleeping Computer)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.scmagazineuk.com\/apt-41-using-messagetap-malware-gather-sms-traffic\/article\/1664452\" target=\"_blank\">MessageTap<\/a>, a malware strain developed by Chinese APT threat actors, is capable of monitoring of SMS traffic and other mobile information to target individuals. (Source: SC Magazine UK)<\/li>\n<li>Threat actors have their eyes set on <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.techradar.com\/au\/news\/esports-tournaments-facing-huge-cyberattack-threats\" target=\"_blank\">esports tournaments<\/a>. (Source: TechRadar)<\/li>\n<li>Highly popular <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.theregister.co.uk\/2019\/11\/01\/aitype_keyboard_malware_alert\/\" target=\"_blank\">Android emoji app<\/a> racks up millions of unauthorized purchases. (Source: The Register)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.zdnet.com\/article\/this-aggressive-iot-malware-is-forcing-wi-fi-routers-to-join-its-botnet-army\/\" target=\"_blank\">Gafgyt<\/a>, an aggressive IoT malware, was found to force affected systems to join its botnet. (Source: ZDNet)<\/li>\n<\/ul>\n<p>Stay safe!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-october-28-november-3\/\">A week in security (October 28 \u2013 November 3)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-october-28-november-3\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 04 Nov 2019 16:37:57 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-october-28-november-3\/' title='A week in security (October 28 \u2013 November 3)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the latest cybersecurity news for the week of October 28 \u2013 November 3, including cyberattacks against SMBs, the Internet\u2019s 50th birthday, stalkerware, donation scams, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/adobe-creative-cloud\/\" rel=\"tag\">Adobe Creative Cloud<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/advanced-persistent-threats\/\" rel=\"tag\">advanced persistent threats<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/american-cancer-society\/\" rel=\"tag\">American Cancer Society<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/android\/\" rel=\"tag\">Android<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/apt\/\" rel=\"tag\">APT<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/blogger\/\" rel=\"tag\">blogger<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/cybersecurity-challenges\/\" rel=\"tag\">cybersecurity challenges<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/data-breach\/\" rel=\"tag\">data breach<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/disaster-donation-scam\/\" rel=\"tag\">disaster donation scam<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/emoji-app\/\" rel=\"tag\">emoji app<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/esports\/\" rel=\"tag\">esports<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fancy-bear\/\" rel=\"tag\">Fancy Bear<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/fraud\/\" rel=\"tag\">fraud<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ftc\/\" rel=\"tag\">FTC<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/gafgyt\/\" rel=\"tag\">Gafgyt<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/internet\/\" rel=\"tag\">internet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/journalists\/\" rel=\"tag\">journalists<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/maas\/\" rel=\"tag\">MaaS<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/magecart\/\" rel=\"tag\">Magecart<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/malware-as-a-service\/\" rel=\"tag\">Malware-as-a-Service<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/messagetap\/\" rel=\"tag\">MessageTap<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/nuclear-power-corp-of-india\/\" rel=\"tag\">Nuclear Power Corp of India<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/raccoon\/\" rel=\"tag\">Raccoon<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/retina-x\/\" rel=\"tag\">Retina-X<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/sextortion\/\" rel=\"tag\">sextortion<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/smb\/\" rel=\"tag\">SMB<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/stalkerware\/\" rel=\"tag\">stalkerware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/us-federal-trade-commission\/\" rel=\"tag\">US Federal Trade Commission<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/wordpress\/\" rel=\"tag\">wordpress<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-october-28-november-3\/' title='A week in security (October 28 \u2013 November 3)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/11\/a-week-in-security-october-28-november-3\/\">A week in security (October 28 \u2013 November 3)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,23342,10864,23343,10462,11029,23344,23345,11172,23346,23347,13645,11296,9751,10665,23348,4314,23335,12637,19622,12640,23349,23350,23351,23307,18952,12321,19409,22492,16341],"class_list":["post-16763","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-adobe-creative-cloud","tag-advanced-persistent-threats","tag-american-cancer-society","tag-android","tag-apt","tag-blogger","tag-cybersecurity-challenges","tag-data-breach","tag-disaster-donation-scam","tag-emoji-app","tag-esports","tag-fancy-bear","tag-fraud","tag-ftc","tag-gafgyt","tag-internet","tag-journalists","tag-maas","tag-magecart","tag-malware-as-a-service","tag-messagetap","tag-nuclear-power-corp-of-india","tag-raccoon","tag-retina-x","tag-sextortion","tag-smb","tag-stalkerware","tag-us-federal-trade-commission","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16763","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16763"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16763\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16763"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16763"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16763"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}