MalwareBytes Security

A week in security (June 18 – June 24)

June 25, 2018 admin Android malware, android rat, Android spyware, andy android emulator, cybersecurity skills gap, DNS rebinding, Fake Fortnite, insecure web apps, insecure website, malicious spam, mylobot, netflix phish, Rat, recruitment portal flaws, samsam ransomware, Security world, skills shortage, wanna ransomware, wannacry scam, Week in security, world cup phishing

Credit to Author: Malwarebytes Labs| Date: Mon, 25 Jun 2018 16:29:22 +0000

Last week, we took a deep dive into SamSam ransomware, looked at ways how to identify and delete malicious emails, recognized that there are now risks affecting job recruitment portals, analyzed a malicious Android app banking on the popularity of Fortnite, and identified causes and solutions for the skills shortage in cybersecurity.

Other news

- Security researchers pointed a finger at China for a sophisticated hacking campaign that breached satellite operators, telco companies, and defense contractors. (Source: Reuters)
- Latest Netflix phishing campaign started using valid TLS certificates. Typical. (Source: SANS InfoSec Forum)
- Two studies reveal that most websites and web apps are poorly secured. (Source: Dark Reading)
- An artist-cum-programmer realized that streaming devices are vulnerable to DNS rebinding, a weakness that has been known within the security industry for years. (Source: Wired)
- An information stealer malware on Android is found to particularly fond of Japanese- and Korean-speaking users. (Source: The TrendLabs Security Intelligence Blog)
- Mylobot, a new malware, is so sophisticated that it made experts see botnets in a new light. (Source: Dark Reading)
- Andy Android OS Emulator was in hot water after being found to drop a cryptocurrency miner on affected smartphones. (Source: TechRepublic)
- Researchers found a phishing campaign targeting soccer fans who were tuning in to the World Cup. (Source: Check Point)
- An Android RAT (remote administration tool) was found capable of abusing the Telegram protocol. (Source: ESET’s We Live Security Blog)
- A new email scam was banking on the popularity of the WannaCry ransomware to threaten and force recipients to pay up in advance. (Source: Sophos’s Naked Security Blog)

Stay safe, everyone!

The post A week in security (June 18 – June 24) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/