{"id":17129,"date":"2019-12-09T09:10:07","date_gmt":"2019-12-09T17:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/12\/09\/news-10865\/"},"modified":"2019-12-09T09:10:07","modified_gmt":"2019-12-09T17:10:07","slug":"news-10865","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/12\/09\/news-10865\/","title":{"rendered":"A week in security (December 2 &#8211; December 8)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 09 Dec 2019 16:47:06 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we took a look at a <a href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/12\/new-version-of-icedid-trojan-uses-steganographic-payloads\/\" target=\"_blank\" rel=\"noopener noreferrer\">new version of the IcedID Trojan<\/a>, described web skimmers <a href=\"https:\/\/blog.malwarebytes.com\/web-threats\/2019\/12\/theres-an-app-for-that-web-skimmers-found-on-paas-heroku\/\" target=\"_blank\" rel=\"noopener noreferrer\">up to no good<\/a>, and took a <a href=\"https:\/\/blog.malwarebytes.com\/explained\/2019\/12\/explained-what-is-containerization\/\" target=\"_blank\" rel=\"noopener noreferrer\">deep dive into containerization<\/a>. We also explored a report bringing bad news for <a href=\"https:\/\/blog.malwarebytes.com\/awareness\/2019\/12\/report-organizations-remain-vulnerable-to-increasing-insider-threats\/\" target=\"_blank\" rel=\"noopener noreferrer\">organizations and insider threats<\/a>, and threw a spotlight on a <a href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2019\/12\/fake-elder-scrolls-online-developers-go-phishing-on-playstation\/\" target=\"_blank\" rel=\"noopener noreferrer\">video game phish attack<\/a>.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Delivery firm runs into trouble: A security researcher was able to pull up <a href=\"https:\/\/www.theregister.co.uk\/2019\/12\/03\/yodel_tracking_app_security_flaw\/\" target=\"_blank\" rel=\"noopener noreferrer\">random delivery information<\/a> from an Android app. (Source: The Register)<\/li>\n<li>Christmas fraud worry: Despite an abundance of online advice for steering clear of scams, consumers are still worried they\u2019ll be <a href=\"https:\/\/www.helpnetsecurity.com\/2019\/12\/06\/online-retail-fraud-increase\/\" target=\"_blank\" rel=\"noopener noreferrer\">caught out by scammers over the festive season<\/a>. (Source: Help Net Security)<\/li>\n<li>Fixing leaky buckets: AWS security released a new way to <a href=\"https:\/\/aws.amazon.com\/blogs\/storage\/protect-amazon-s3-buckets-using-access-analyzer-for-s3\/\" target=\"_blank\" rel=\"noopener noreferrer\">lock down S3 buckets<\/a>. (Source: AWS)<\/li>\n<li>Drama alert: Ransomware takes center stage, causing <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ransomware-writes-drama-at-shakespeare-theatre\/\" target=\"_blank\" rel=\"noopener noreferrer\">headaches for theater goers<\/a>. (Source: Bleeping Computer)<\/li>\n<li>Jewelry heist: Hackers <a href=\"https:\/\/timesofindia.indiatimes.com\/city\/pune\/hackers-bugged-e-banking-facility-broke-security-code\/articleshow\/72391600.cms\" target=\"_blank\" rel=\"noopener noreferrer\">compromised multiple bank accounts<\/a> belonging to a prominent jewelry company. (Source: Times of India)<\/li>\n<li>E-banking phishes and Germany: Research shows the number of officially reported cases over a decade <a href=\"https:\/\/thepaypers.com\/news\/germany-marks-nearly-40-thousand-e-banking-phishing-cases-since-2008--1239846\" target=\"_blank\" rel=\"noopener noreferrer\">has hit nearly 40,000<\/a>. (Source: The Paypers)<\/li>\n<li>Facebook budget action: Cookie-swiping malware <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/12\/05\/cookie-stealing-malware-wants-to-know-your-facebook-ad-budget\/\" target=\"_blank\" rel=\"noopener noreferrer\">wants all of your numbers<\/a>. (Source: Naked Security)<\/li>\n<li>Hackers target plus-sized women with diet pill scams: This is a <a href=\"https:\/\/www.komando.com\/security-privacy\/hackers-have-a-shocking-new-tactic-to-scam-you-with-fake-products\/695022\/\" target=\"_blank\" rel=\"noopener noreferrer\">shocking use of stolen data<\/a> to target people in specific (and awful) ways. (Source: Kim Komando)<\/li>\n<li>New ransomware expands targets: Lock down NAS\/backup storage down otherwise you <a href=\"https:\/\/www.zdnet.com\/article\/new-ransomware-attack-targets-your-nas-devices-backup-storage\/\" target=\"_blank\" rel=\"noopener noreferrer\">may run into some trouble<\/a>. (Source: ZDnet)<\/li>\n<li>Last call for passengers: A rundown of why you may <a href=\"https:\/\/www.huffpost.com\/entry\/hackers-boarding-pass-data_l_5de95730e4b00149f73d9ce3?guccounter=1\" target=\"_blank\" rel=\"noopener noreferrer\">wish to destroy your boarding cards<\/a> instead of keeping them for posterity. (Source: HuffPost)<\/li>\n<\/ul>\n<p>Stay safe, everyone!<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-2-december-8\/\">A week in security (December 2 &#8211; December 8)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-2-december-8\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 09 Dec 2019 16:47:06 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-2-december-8\/' title='A week in security (December 2 - December 8)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the previous week&#8217;s security blogs and other news, including a new ransomware, an explanation of containerization, fixing leaky buckets, jewelry heists, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/amazon\/\" rel=\"tag\">amazon<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/bank\/\" rel=\"tag\">bank<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/buckets\/\" rel=\"tag\">buckets<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/phish\/\" rel=\"tag\">phish<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/week-in-security\/\" rel=\"tag\">week in security<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-roundup\/\" rel=\"tag\">weekly roundup<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/xmas\/\" rel=\"tag\">xmas<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-2-december-8\/' title='A week in security (December 2 - December 8)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-2-december-8\/\">A week in security (December 2 &#8211; December 8)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,5588,11507,23662,10511,10498,11238,23663],"class_list":["post-17129","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-amazon","tag-bank","tag-buckets","tag-phish","tag-week-in-security","tag-weekly-roundup","tag-xmas"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17129"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17129\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}