A week in security (May 22 – May 28)
Credit to Author: Malwarebytes Labs| Date: Mon, 29 May 2017 17:48:06 +0000
Last week we informed you about several new threats, including the android ransomware that targets Tencent users. This SLocker.fh masquerades as various legitimate apps to fool users into accepting escalated rights.
Or how about the potential danger of spilling Windows credentials for Chrome users. All they need you to do is to visit their site.
Some of these threats are so unsettling they even frighten us. We listed 5 cyberthreats to keep an eye on.
Also we brought you up to speed about RoughTed, a malvertising campaign that is is unique for its considerable scope ranging from scams to exploit kits, targeting a wide array of users via their operating system, browser, and geolocation to deliver the appropriate payload.
Other noteworthy news in cybersecurity:
- EternalRocks worm uses 7 NSA tools According to Miroslav Stampar, who is a member of the Croatian Government CERT, EternalRocks is just code that propagates itself for now , but the C&C servers can send infected machines whatever command they choose at any time, including commands to download additional malware.
- Russian Police Apprehend Criminal Gang Behind Cron and PonyForx Malware. Russian authorities have arrested the Cron malware gang, responsible for selling the Cron Android banking trojan and the PonyForx Windows infostealer.
- Hackers Can Remotely Control Your Computer Through Malicious Movie Subtitles. Researchers came across a vulnerability of how video players load and parse subtitle files. This exploit can lead to computers being taken over by third parties.
- Yara Used to RickRoll Security Researchers. For most security researchers, Yara, a tool that allows them to create their own set of rules for malware tracking, is an invaluable resource that helps automate many processes. But now someone created a file to catch a bunch of rules many researchers are monitoring just to have some fun at their expense.
- Judy Malware Has Hidden In Play Store For Over A Year. Google found a total of 41 apps from the same Korean company that contained the Judy malware and booted them.
Safe surfing, everyone!
The Malwarebytes Labs Team
The post A week in security (May 22 – May 28) appeared first on Malwarebytes Labs.