A week in security (January 20 – 26)

January 27, 2020 admin a week in security, apple, awis, blog recap, breach, facebook phishing, fake job listings, google, hiring scam, jhonerat, nest iot, pupyrat, ransomware, Rat, remote access trojan, sextortion, tech support scam, thsuite, TINDER, weekly blog roundup

Credit to Author: Malwarebytes Labs| Date: Mon, 27 Jan 2020 17:17:14 +0000

Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes.

Other cybersecurity news

Cisco’s Talos Intelligence Group discovered a new data stealer and called it JhoneRAT. This latest remote access Trojan (RAT) was designed and created to target Arabic-speaking nations. (Source: TechDator)
Fake videos purportedly taken by Nest cameras are used to perform sextortion campaigns against their users. (Source: Bleeping Computer)
The Philippine Airlines (PAL) warned locals of a phishing site using a bogus Facebook ad and claiming that participants could win free tickets in exchange for answering questions. (Source: ABS-CBN News)
The Better Business Bureau (BBB) alerted readers of a tech support scam using the “Expiring License” lure to get the attention and trick Windows users into giving out their banking details. (Source: Better Business Bureau News)
70,000 photos of users of the dating app, Tinder, were found on the public web for free. Along the photos were data of 16,000 Tinder user IDs. (Source: Sophos’s Naked Security Blog)
Point-of-sale (PoS) software company, THSuite, was found to be breached after sensitive data of cannabis users were leaked because of an insecure Amazon S3 bucket. (Source: Newsweek)
Google security engineers found that Apple’s privacy protections on Safari actually put user data at risk. (Source: CNET)
Hiring scams or fake job listings target job seekers’ personally identifiable information, warns the FBI. (Source: FBI PSA)
In contrast to what is generally advised, new survey found that victims continue to pay ransomware threat actors to prevent business disruption. (Source: DarkReading)
PupyRAT, a Trojan believed to be linked to state-backed threat actors working out of Iran, was found targeting the European energy sector since late 2019. (Source: ZDNet)

Stay safe, everyone!

The post A week in security (January 20 – 26) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/