{"id":7776,"date":"2017-05-29T10:10:51","date_gmt":"2017-05-29T18:10:51","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/29\/news-1561\/"},"modified":"2017-05-29T10:10:51","modified_gmt":"2017-05-29T18:10:51","slug":"news-1561","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/05\/29\/news-1561\/","title":{"rendered":"A week in security (May 22 \u2013 May 28)"},"content":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 29 May 2017 17:48:06 +0000<\/strong><\/p>\n<p>Last week we informed you about several new threats, including the <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/mobile-menace-monday-ransomware-targets-tencent-users\/\">android ransomware that targets Tencent users<\/a>. This SLocker.fh masquerades as various legitimate apps to fool users into accepting escalated rights.<\/p>\n<p>Or how about the potential danger of <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/smb-and-scf-another-good-reason-to-disable-superfluous-protocols\/\">spilling Windows credentials for Chrome users<\/a>. All they need you to do is to visit their site.<\/p>\n<p>Some of these <a href=\"https:\/\/blog.malwarebytes.com\/security-world\/2017\/05\/5-unsettling-cyber-threats\/\">threats are so unsettling they even frighten us<\/a>. We listed 5 cyberthreats to keep an eye on.<\/p>\n<p>Also we brought you up to speed about <a href=\"https:\/\/blog.malwarebytes.com\/cybercrime\/2017\/05\/roughted-the-anti-ad-blocker-malvertiser\/\">RoughTed, a malvertising campaign<\/a> that is is unique for its considerable scope ranging from scams to exploit kits, targeting a wide array of users via their operating system, browser, and geolocation to deliver the appropriate payload.<\/p>\n<p>Other noteworthy news in cybersecurity:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/eternalrocks-worm-uses-7-nsa-tools\/\">EternalRocks worm uses 7 NSA tools<\/a> According to Miroslav Stampar, who is a member of the Croatian Government CERT, EternalRocks is just code that propagates itself for now , but the C&amp;C servers can send infected machines whatever command they choose at any time, including commands to download additional malware.<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/russian-police-apprehend-criminal-gang-behind-cron-and-ponyforx-malware\/\">Russian Police Apprehend Criminal Gang Behind Cron and PonyForx Malware<\/a>. Russian authorities have arrested the Cron malware gang, responsible for selling the Cron Android banking trojan and the PonyForx Windows infostealer.<\/li>\n<li><a href=\"https:\/\/themerkle.com\/hackers-can-remotely-control-your-computer-through-malicious-movie-subtitles\/\">Hackers Can Remotely Control Your Computer Through Malicious Movie Subtitles<\/a>. Researchers came across a vulnerability of how video players load and parse subtitle files. This exploit can lead to computers being taken over by third parties.<\/li>\n<li><a href=\"http:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/yara-used-rickroll-security-researchers\/\">Yara Used to RickRoll Security Researchers<\/a>. For most security researchers, Yara, a tool that allows them to create their own set of rules for malware tracking, is an invaluable resource that helps automate many processes. But now someone created a file to catch a bunch of rules many researchers are monitoring just to have some fun at their expense.<\/li>\n<li><a href=\"https:\/\/www.androidheadlines.com\/2017\/05\/judy-malware-hidden-play-store-year.html\">Judy Malware Has Hidden In Play Store For Over A Year<\/a>. Google found a total of 41 apps from the same Korean company that contained the Judy malware and booted them.<\/li>\n<\/ul>\n<p>Safe surfing, everyone!<\/p>\n<p>The Malwarebytes Labs Team<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/05\/week-security-may-22-may-28\/\">A week in security (May 22 \u2013 May 28)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n<p><a href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/05\/week-security-may-22-may-28\/\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Malwarebytes Labs| Date: Mon, 29 May 2017 17:48:06 +0000<\/strong><\/p>\n<table cellpadding='10'>\n<tr>\n<td valign='top' align='center'><a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/05\/week-security-may-22-may-28\/' title='A week in security (May 22 \u2013 May 28)'><img src='https:\/\/blog.malwarebytes.com\/wp-content\/uploads\/2014\/09\/photodune-3434769-calendar-s.jpg' border='0'  width='300px'  \/><\/a><\/td>\n<\/tr>\n<tr>\n<td valign='top' align='left'>Last week we informed you about several new threats, here is a roundup of our posts and other noteworthy cybersecurity news.<\/p>\n<p>Categories: <\/p>\n<ul class=\"post-categories\">\n<li><a href=\"https:\/\/blog.malwarebytes.com\/category\/security-world\/week-in-security\/\" rel=\"category tag\">Week in security<\/a><\/li>\n<\/ul>\n<p>Tags: <a href=\"https:\/\/blog.malwarebytes.com\/tag\/chrome\/\" rel=\"tag\">chrome<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/roughted\/\" rel=\"tag\">RoughTed<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/tencent\/\" rel=\"tag\">tencent<\/a><a href=\"https:\/\/blog.malwarebytes.com\/tag\/weekly-blog-roundup\/\" rel=\"tag\">weekly blog roundup<\/a><\/p>\n<table width='100%'>\n<tr>\n<td align=right>\n<p><b>(<a href='https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/05\/week-security-may-22-may-28\/' title='A week in security (May 22 \u2013 May 28)'>Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\/security-world\/week-in-security\/2017\/05\/week-security-may-22-may-28\/\">A week in security (May 22 \u2013 May 28)<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/blog.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[10699,12366,12383,10498,10506],"class_list":["post-7776","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-chrome","tag-roughted","tag-tencent","tag-week-in-security","tag-weekly-blog-roundup"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7776"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7776\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}