A week in security (October 23 – October 29)

Credit to Author: Malwarebytes Labs| Date: Mon, 30 Oct 2017 20:01:41 +0000

Welcome back to “A week in security.” Last week, we took a look at how deleted files can be recovered, explored the BadRabbit ransomware plague attacking Eastern Europe (including a deep dive into the code), and talked about what it takes to work in security. One of our researchers, who is a PhD candidate in immunobiology at Yale, also discussed digital vs biological security. Finally, we launched a new series called “Please don’t buy this,” and our first edition featured smart locks.

In other news around the net:

Bad news for Google Play Protect: it might not be the malware-smashing barrier everyone was hoping it’d be. (source: The Register)
A Dell customer support domain lapses, with predictable “Oh no, here’s a headache” results. (source: Krebs on Security)
Home appliances going rogue? You’d better believe it. (source: Check Point blog)
Old, reused passwords are still causing problems—even for coin miners. (source: Help Net Security)
Oh look, even more bad apps on Google Play. (source: ESET Blog)
Exploits, Word documents, and DDE, oh my. (source: Tech Republic)
Turns out just looking at porn can get you infected: porn site ads deliver malvertising. (source: Grimsby Telegraph)
Fake Apple ID phish scams are still very popular. (source: BGR)
The NHS ransomware attack “could have been avoided.” (source: Evening Standard)
That speeding notification email you just received is a scam. (source: Yorkshire Post)

Safe surfing, everyone!