A week in security (August 5 – 11)

August 12, 2019 admin a week in security, APT28, awis, backdoors, bitcoin, bmi, brain-machine interface, chrome incognito, CTNT report, dslr flaw, Facebook, Fancy Bear, IBM X-Force Incident Response and Intelligence Services, IRIS, mark zuckerberg, Messenger Kids, phishing, protonmail, ransomware, robocall, robocall scam, sextortion, smart homes, steam, Strontium, weekly blog roundup

Credit to Author: Malwarebytes Labs| Date: Mon, 12 Aug 2019 15:38:31 +0000

Last week on Malwarebytes Labs, we explained how brain-machine interface (BMI ) technology could usher in a world of Internet of Thoughts, why having backdoors is problematic, and how we can improve the security of our smart homes.

To cap off Hacker Summer Camp week, the Labs team released a special ransomware edition of its quarterly cybercrime tactics and techniques report, which you can download here.

Other cybersecurity news

A month-long ProtonMail phishing campaign targeting dozens of journalists and NGOs reporting on Russia were believed to be part of a larger ongoing hacking operation. (Source: Bellingcat)
Heads up, Chrome Incognito users: Some websites already found ways of going around its privacy features. (Source: TechRadar)
Due to a flaw researchers found in DSLR cameras that makes them at risk of ransomware, Canon, a known manufacturer of DSLR cameras, issued a security advisory and firmware patch. Update now! (Source: The Verge)
A zero-day privilege escalation vulnerability found in Steam’s client could affect 92 million Windows users. (Source: Forbes)
A hacker used SMS gateways to send messages to millions of US numbers to warn users about vulnerabilities, in the hopes of “promoting change from these companies.” (Source: Sophos’s Naked Security Blog)
Mark Zuckerberg was sent a letter by US senators asking if he had done enough to protect kids’ privacy after reports of concerns surrounding Messenger Kids. (Source: The Verge)
Blocking apps used to protect users from robocallers may have been giving up user personal data to certain companies. (Source: Cnet)
Microsoft revealed that APT actor Fancy Bear, aka Strontium and APT28, was trying to breach company networks by exploiting already flawed IoT devices. (Source: Microsoft Security Response Center)
Security researchers revealed that sextortion threat actors have raked in US$1.5 million (£1.25 million) in Bitcoin, with blackmailers relying on “for rent” botnets. (Source: SC Magazine UK)
Destructive malware is on the rise, according to IBM X-Force Incident Response and Intelligence Services (IRIS), which could damage 12,000 corporate workstations on average. (Source: ZDNet)

Stay safe, everyone!

The post A week in security (August 5 – 11) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/