A week in security (December 2 – December 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 09 Dec 2019 16:47:06 +0000

Last week on Malwarebytes Labs, we took a look at a new version of the IcedID Trojan, described web skimmers up to no good, and took a deep dive into containerization. We also explored a report bringing bad news for organizations and insider threats, and threw a spotlight on a video game phish attack.

Delivery firm runs into trouble: A security researcher was able to pull up random delivery information from an Android app. (Source: The Register)
Christmas fraud worry: Despite an abundance of online advice for steering clear of scams, consumers are still worried they’ll be caught out by scammers over the festive season. (Source: Help Net Security)
Fixing leaky buckets: AWS security released a new way to lock down S3 buckets. (Source: AWS)
Drama alert: Ransomware takes center stage, causing headaches for theater goers. (Source: Bleeping Computer)
Jewelry heist: Hackers compromised multiple bank accounts belonging to a prominent jewelry company. (Source: Times of India)
E-banking phishes and Germany: Research shows the number of officially reported cases over a decade has hit nearly 40,000. (Source: The Paypers)
Facebook budget action: Cookie-swiping malware wants all of your numbers. (Source: Naked Security)
Hackers target plus-sized women with diet pill scams: This is a shocking use of stolen data to target people in specific (and awful) ways. (Source: Kim Komando)
New ransomware expands targets: Lock down NAS/backup storage down otherwise you may run into some trouble. (Source: ZDnet)
Last call for passengers: A rundown of why you may wish to destroy your boarding cards instead of keeping them for posterity. (Source: HuffPost)

Stay safe, everyone!