A week in security (January 7 – 13)

January 14, 2019 admin 2fa, Android, Ars Technica, Bloomberg, Data Security, Deletion, Facebook, Hacker One, hackers, Help Net Security, Naked Security, PA Daily post, Password reuse, passwords, pentest, ransom, ransomware, rogue apps, ryuk, Ryuk Ransomware, Security world, Trend Micro, USA Today, Vietnam, Vietnam News, Week in security

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Jan 2019 16:45:37 +0000

Last week on the Malwarebytes Labs blog, we took a look at the Ryuk ransomware attack causing trouble over the holidays, as well as a ransom threat for an Irish transportation company. We explored the realm of SSN scams, and looked at what happens when an early warning system is attacked.

Other cybersecurity news

Password reuse problems. Multiple Reddit accounts reported being locked out after site admins blamed “password reuse” for the issue. (Source: The Register)
85 rogue apps pulled from Play Store. Sadly, not before some 9 million downloads had already taken place. (Source: Trend Micro)
Home router risk. It seems many home routers aren’t doing enough in the fight against hackers. (Source: Help Net Security)
Deletion not allowed. Some people aren’t happy they can’t remove Facebook from their Samsung phones. (Source: Bloomberg)
Takedown: How a system admin brought down the notorious “El Chapo.” (Source: USA Today)
2FA under fire. A new pentest tool called Mantis can be used to assist in the phishing of OTP (one time password) codes. (Source: Naked Security)
Facebook falls foul of new security laws in Vietnam. New rules have brought a spot of bother for Facebook, accused of not removing certain types of content and handing over data related to “fraudulent accounts.” (source: Vietnam News)
Trading site has leak issue. A user on the newly set up trading platform was able to grab a lot of potentially problematic snippets, including authentication tokens and password reset links. (source: Ars Technica)
Local risk to card details. A researcher discovered payment info was being stored locally on machines, potentially exposing them to anyone with physical access. (Source: Hacker One)
Facebook exec swatted. The dangerous “gag” of sending armed law enforcement to an address ends up causing problems for a “cybersecurity executive,” after bogus calls claimed they had “pipe bombs all over the place.” (source: PA Daily post)

Stay safe, everyone!

The post A week in security (January 7 – 13) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/