A week in security (August 20 – August 26)

September 5, 2018 admin a week in security, badgelife, cobalt dickens, cybersecurity, cybersecurity awareness, digital entropy of death, Elections, Facebook, google, green card scam, privacy, project insecurity, ransomware, recap, ryuk, search browser extensions, Security world, superdrug, the lazarus group, Twitch, vulnerabilities, Week in security, weekly blog roundup

Credit to Author: Malwarebytes Labs| Date: Mon, 27 Aug 2018 17:06:17 +0000

Last week on Labs, we took a look at insider threats, doubled back on the privacy of search browser extensions, profiled green card scams, revisited Defcon badgelife, and talked about what happens to a user’s accounts when they die.

Other cybersecurity news

There was an archiving error in Twitch HQ. Unfortunately, that left some private user messages (even those with sensitive info in them) exposed to the public for a time. (Source: Sophos’ Naked Security Blog)
Researchers from Catholic University found that apps offering ad blocking and privacy can be bypassed. (Source: Sophos’ Naked Security Blog)
Researchers associated with Project Insecurity found a flaw in disability services in Canadian telcos. (Source: Kaspersky’s Threatpost)
Facebook continued to clean house, removing more pages of campaigns that originated from Iran and Russia to curb “coordinated inauthentic behavior.” (Source: Facebook Newsroom)
A computer science professor at Vanderbilt University published a 55-page study on how Google continues to collect data on users, even when the device is idle. (Source: The Washington Post)
Philips revealed that their cardiovascular imaging devices have a flaw that could provide a low-level hacker “improper privilege management.” (Source: ZDNet)
Videomaker service provider Animoto was breached. (Source: TechCrunch)
Ryuk, a new ransomware, trained their crosshairs at large organizations capable of paying high-valued ransom in Bitcoin. (Source: ZDNet)
North Korea’s The Lazarus Group pushed out its first Mac malware and successfully infiltrated IT systems of a cryptocurrency exchange platform based in Asia. (Source: Bleeping Computer)
Superdrug, the popular health and beauty retailer based in the UK, was breached. (Source: InfoSecurity Magazine)
Cobalt Dickens, a campaign that originated in Iran, targeted universities in 14 countries to steal credentials. (Source: SecureWorks)
Hackers make millions by selling unpublished press releases. (Source: The Verge)

Stay safe, everyone!

The post A week in security (August 20 – August 26) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/