{"id":17207,"date":"2019-12-16T10:10:06","date_gmt":"2019-12-16T18:10:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/12\/16\/news-10943\/"},"modified":"2019-12-16T10:10:06","modified_gmt":"2019-12-16T18:10:06","slug":"news-10943","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2019\/12\/16\/news-10943\/","title":{"rendered":"A week in security (December 9 \u2013 15)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 16 Dec 2019 17:08:30 +0000<\/strong><\/p>\n<p>Last week on Malwarebytes Labs, we cautioned readers <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/please-dont-buy-this\/2019\/12\/please-dont-buy-this-smart-doorbells\/\" target=\"_blank\">against purchasing potentially privacy-invasive, cyber-insecure smart doorbells<\/a>, warned about a <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-analysis\/2019\/12\/hundreds-of-counterfeit-online-shoe-stores-injected-with-credit-card-skimmer\/\" target=\"_blank\">new credit card skimmer vulnerability<\/a> embedded within hundreds of fraudulent web sites selling supposedly name-brand shoes, and looked at the newest <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/careers\/2019\/12\/women-in-cybersecurity-wicys-veterans-program-bridge-skills-gap-diversify-sector\/\" target=\"_blank\">veteran\u2019s assistance program launched by the nonprofit Women in CyberSecurity (WiCyS)<\/a>. <\/p>\n<p>We also explained how <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/iot\/2019\/12\/the-little-known-ways-mobile-device-sensors-can-be-exploited-by-cybercriminals\/\" target=\"_blank\">mobile device sensors can be exploited by cybercriminals<\/a>, provided tips on <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/business-2\/2019\/12\/5-tips-for-building-an-effective-security-operations-center-soc\/\" target=\"_blank\">building an effective security operations center<\/a>, and put our <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/threat-spotlight\/2019\/12\/threat-spotlight-the-curious-case-of-ryuk-ransomware\/\" target=\"_blank\">threat spotlight on Ryuk ransomware<\/a>, trying to understand the who, what, where, when, and why of the nefarious malware. <\/p>\n<h3><strong>Other cybersecurity news<\/strong><\/h3>\n<ul>\n<li>Threat actors launched a <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/threatpost.com\/cyberattack-downs-pensacolas-city-systems\/150982\/\" target=\"_blank\">cyberattack on Pensacola, FL<\/a>, shutting down the city\u2019s computer system. (Source: Threatpost)<\/li>\n<li>Two North American gas station merchants were hit by <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.darkreading.com\/attacks-breaches\/visa-warns-of-targeted-pos-attacks-on-gas-station-merchants\/d\/d-id\/1336619\" target=\"_blank\">cyberattacks seeking payment card data<\/a>. (Source: Dark Reading)<\/li>\n<li>Security researchers <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/threatpost.com\/critical-bug-in-wordpress-plugins-open-sites-to-hacker-takeovers\/151123\/\" target=\"_blank\">discovered a major vulnerability in two WordPress plugins<\/a> that could allow hackers to gain admin-level access to a victim\u2019s site. (Source: Threatpost)<\/li>\n<li>Cybersecurity researchers <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.hackread.com\/plundervolt-attack-intel-processors-threat-sgx-data\/\" target=\"_blank\">published their findings about a now-patched security flaw that relied on the ability to alter Intel CPU voltages<\/a> in order to steal data. (Source: HackRead)<\/li>\n<li>The KeyWe Smart Lock, advertised as the \u201csmartest lock ever,\u201d <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.hackread.com\/the-smartest-lock-ever-keywe-is-vulnerable-to-hacking\/\" target=\"_blank\">is vulnerable to hacking<\/a>. (Source: HackRead)<\/li>\n<li>Days after Malwarebytes Labs warned users about the vulnerabilities of smart doorbells, owners of such devices in Mississippi, Georgia, Florida, and Texas <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/abcnews.go.com\/US\/ring-security-camera-hacks-homeowners-subjected-racial-abuse\/story?id=67679790\" target=\"_blank\">reported receiving abuse at the hands of hackers who hurled racial slurs and demanded ransoms<\/a>. (Source: ABC News)<\/li>\n<li>Gizmodo offered a fun look at this decade\u2019s <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/gizmodo.com\/30-viral-fakes-that-defined-the-2010s-1838215357\" target=\"_blank\">top viral scams that circulated online<\/a>. Anybody remember the freeway shark? (Source: Gizmodo)<\/li>\n<li>Because of course this is a thing, <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.vice.com\/en_us\/article\/n7jjmw\/lime-scooter-accounts-for-sale-dark-web\" target=\"_blank\">online accounts for on-demand scooter services are being sold on the dark web<\/a>. (Source: Motherboard)<\/li>\n<\/ul>\n<p>Stay safe, everyone! <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-9-15\/\">A week in security (December 9 \u2013 15)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-9-15\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 16 Dec 2019 17:08:30 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-9-15\/' title='A week in security (December 9 \u2013 15)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of cybersecurity news from December 9 \u2013 15, including  smart doorbell concerns, a new credit card skimmer vulnerability, and a deep dive into Ryuk ransomware. <\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/credit-card\/\" rel=\"tag\">credit card<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/credit-card-skimmer\/\" rel=\"tag\">credit card skimmer<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ryuk\/\" rel=\"tag\">ryuk<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ryuk-ransomware\/\" rel=\"tag\">Ryuk ransomware<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/security-operations-center\/\" rel=\"tag\">security operations center<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/security-operations-centers\/\" rel=\"tag\">security operations centers<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/smart-doorbells\/\" rel=\"tag\">smart doorbells<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/women-in-cybersecurity\/\" rel=\"tag\">Women in CyberSecurity<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-9-15\/' title='A week in security (December 9 \u2013 15)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2019\/12\/a-week-in-security-december-9-15\/\">A week in security (December 9 \u2013 15)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,14702,23771,19317,20562,14972,23738,23670,23751],"class_list":["post-17207","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-credit-card","tag-credit-card-skimmer","tag-ryuk","tag-ryuk-ransomware","tag-security-operations-center","tag-security-operations-centers","tag-smart-doorbells","tag-women-in-cybersecurity"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17207","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17207"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17207\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17207"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17207"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17207"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}