{"id":17760,"date":"2020-02-18T09:10:13","date_gmt":"2020-02-18T17:10:13","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/02\/18\/news-11493\/"},"modified":"2020-02-18T09:10:13","modified_gmt":"2020-02-18T17:10:13","slug":"news-11493","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2020\/02\/18\/news-11493\/","title":{"rendered":"A week in security (February 10 \u2013 16)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Tue, 18 Feb 2020 16:40:45 +0000<\/strong><\/p>\n<p> Last week on Malwarebytes Labs, we explained how to <a rel=\"noreferrer noopener\" aria-label=\"battle online coronavirus scams with facts (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/social-engineering\/2020\/02\/battling-online-coronavirus-scams-with-facts\/\" target=\"_blank\">battle online coronavirus scams with facts<\/a>, <a rel=\"noreferrer noopener\" aria-label=\"discussed the persisten re-infection techniques of Android\/Trojan.xHelper including how to remove it (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/android\/2020\/02\/new-variant-of-android-trojan-xhelper-reinfects-with-help-from-google-play\/\" target=\"_blank\">discussed the persistent re-infection techniques of Android\/Trojan.xHelper and how to remove it<\/a>, provided <a rel=\"noreferrer noopener\" aria-label=\"cyber tips for safe online dating avoidiong privacy gaffs, exploits, and scams (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/privacy-2\/2020\/02\/cyber-tips-safe-online-dating\/\" target=\"_blank\">cyber tips for safe online dating<\/a>, and showed how <a rel=\"noreferrer noopener\" aria-label=\"Hollywood teaches us misleading cybersecurity lessons (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/awareness\/2020\/02\/misleading-cybersecurity-lessons-from-pop-culture-how-hollywood-teaches-to-hack\/\" target=\"_blank\">Hollywood teaches us misleading cybersecurity lessons<\/a>.<\/p>\n<p>We also released the <a rel=\"noreferrer noopener\" aria-label=\"2020 State of Malware Report (opens in a new tab)\" href=\"https:\/\/blog.malwarebytes.com\/reports\/2020\/02\/malwarebytes-labs-releases-2020-state-of-malware-report\/\" target=\"_blank\">2020 State of Malware Report<\/a> describing the threat landscape of the year in detail, including top threats for Mac, Windows, Android, and the web, as well as the state of data privacy in commerce and legislation.<\/p>\n<h3>Other cybersecurity news<\/h3>\n<ul>\n<li>Medical transportation vendor, <a rel=\"noreferrer noopener\" aria-label=\"GridWorks (opens in a new tab)\" href=\"https:\/\/securityboulevard.com\/2020\/02\/bitglass-security-spotlight-healthcare-burglary-results-in-data-breach-affecting-over-654000-members\/\" target=\"_blank\">GridWorks<\/a> experienced a burglary that resulted in a laptop stolen, which contained the personal identifiable information (PII) of 654,362 members. (Source: Security Boulevard)<\/li>\n<li>Four members of China\u2019s military were charged on with hacking into <a rel=\"noreferrer noopener\" aria-label=\"Equifax (opens in a new tab)\" href=\"https:\/\/www.nytimes.com\/2020\/02\/10\/us\/politics\/equifax-hack-china.html\" target=\"_blank\">Equifax<\/a> and stealing trade secrets and the personal data of about 145 million Americans in 2017. (Source: The New York Times)<\/li>\n<li>Critical vulnerabilities addressed in the <a rel=\"noreferrer noopener\" aria-label=\"Accusoft (opens in a new tab)\" href=\"https:\/\/www.securityweek.com\/flaws-accusoft-imagegear-expose-users-remote-attacks\" target=\"_blank\">Accusoft<\/a> ImageGear library could be exploited by remote attackers to execute code on a victim machine. (Source: Security Week)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Dell (opens in a new tab)\" href=\"https:\/\/www.theregister.co.uk\/2020\/02\/11\/dell_supportassist_flaw\/\" target=\"_blank\">Dell<\/a> has copped to a flaw in the pre-installed program SupportAssist that allows local hackers to load malicious files with admin privileges. (Source: TheRegister)<\/li>\n<li>The owner of the <a rel=\"noreferrer noopener\" aria-label=\"Helix (opens in a new tab)\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/helix-bitcoin-mixer-owner-charged-for-laundering-over-310-million\/\" target=\"_blank\">Helix<\/a> Bitcoin Mixer was charged with laundering over $310 million in Bitcoin cryptocurrency\u00a0while operating the dark web mixer between 2014 and 2017. (Source: BleepingComputer)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\"Emotet (opens in a new tab)\" href=\"https:\/\/thehackernews.com\/2020\/02\/emotet-malware-wifi-hacking.html\" target=\"_blank\">Emotet<\/a> has found a new attack vector: using already infected devices to identify new potential victims that are connected to nearby Wi-Fi networks. (Source: The Hacker News)<\/li>\n<li>A digitally signed <a rel=\"noreferrer noopener\" aria-label=\"Gigabyte (opens in a new tab)\" href=\"https:\/\/www.guru3d.com\/news-story\/vulnerable-yet-digitally-signed-gigabyte-driver-actively-being-exploited-robbinhood-randomware.html\" target=\"_blank\">Gigabyte<\/a> driver has been discovered to be in use by Ransom.RobbinHood to fully encrypt the files on a computer. (Source: Guru 3D)<\/li>\n<li><a rel=\"noreferrer noopener\" aria-label=\" Chief Information Security Officers (opens in a new tab)\" href=\"https:\/\/www.zdnet.com\/article\/average-tenure-of-a-ciso-is-just-26-months-due-to-high-stress-and-burnout\/\" target=\"_blank\">Chief Information Security Officers<\/a> (CISOs, or CSOs) across the industry are reporting high levels of stress resulting in an average tenure of only 26 months. (Source: ZDNet)<\/li>\n<li>The Czech data protection authority announced an investigation into antivirus company <a rel=\"noreferrer noopener\" aria-label=\"Avast (opens in a new tab)\" href=\"https:\/\/www.vice.com\/en_us\/article\/3a8vjk\/czech-data-protection-authority-investigation-avast-jumpshot\" target=\"_blank\">Avast<\/a> for harvesting the browsing history of over 100 million users. (Source: Vice.com)<\/li>\n<li>Hackers are demanding <a rel=\"noreferrer noopener\" aria-label=\"nude photos (opens in a new tab)\" href=\"https:\/\/www.fastcompany.com\/90463732\/hackers-are-demanding-nude-photos-to-unlock-files-in-a-new-ransomware-scheme-targeting-women\" target=\"_blank\">nude photos<\/a> to unlock files in a new ransomware scheme targeting women. (Source: FastCompany)<\/li>\n<\/ul>\n<p> Stay safe, everyone! <\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-10-16\/\">A week in security (February 10 \u2013 16)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-10-16\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Tue, 18 Feb 2020 16:40:45 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-10-16\/' title='A week in security (February 10 \u2013 16)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2018\/01\/shutterstock_610335074.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>A roundup of the previous week&#8217;s security news, including Malwarebytes&#8217; release of the 2020 State of Malware Report, online dating woes, Emotet infection vectors, ransomware attacks, and more.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/a-week-in-security\/\" rel=\"category tag\">A week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/accusoft\/\" rel=\"tag\">accusoft<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/ciso\/\" rel=\"tag\">CISO<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/coronavirus\/\" rel=\"tag\">coronavirus<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/dell\/\" rel=\"tag\">Dell<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/emotet\/\" rel=\"tag\">emotet<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/equifax\/\" rel=\"tag\">Equifax<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/gigabyte\/\" rel=\"tag\">gigabyte<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/gridworks\/\" rel=\"tag\">gridworks<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/helix\/\" rel=\"tag\">helix<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/hollywood\/\" rel=\"tag\">Hollywood<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/nude-photos\/\" rel=\"tag\">nude photos<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/online-dating\/\" rel=\"tag\">online dating<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/robbinhood\/\" rel=\"tag\">robbinhood<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/state-of-malware-report\/\" rel=\"tag\">state of malware report<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/xhelper\/\" rel=\"tag\">xHelper<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-10-16\/' title='A week in security (February 10 \u2013 16)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/a-week-in-security\/2020\/02\/a-week-in-security-february-10-16\/\">A week in security (February 10 \u2013 16)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[12969,24245,11142,24152,10582,15715,12310,24246,24247,24248,5844,15023,11316,21938,17276,22742],"class_list":["post-17760","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-a-week-in-security","tag-accusoft","tag-ciso","tag-coronavirus","tag-dell","tag-emotet","tag-equifax","tag-gigabyte","tag-gridworks","tag-helix","tag-hollywood","tag-nude-photos","tag-online-dating","tag-robbinhood","tag-state-of-malware-report","tag-xhelper"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17760","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17760"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17760\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17760"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17760"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}