Last week, we kept you updated on our blog about the infected versions of CCleaner that were offered as downloads on the official servers.
We also warned you against a fake IRS notice that delivers a customized spying tool, some of the threats currently facing gamers, and a Netflix scam that has been doing the rounds in Europe.
- The pain caused by the Equifax breach was analyzed in depth by the NY Times.
- And just as easily Equifax was fooled again. They referred users to a parody site like phishers might have used. Luckily this time it was run by a security researcher.
- A new twist in ransomware was provided by “nRansomware”, a program that locks up your computer and only releases it after you send in 10 nude pictures.
- The rise in the number of phishing sites has been huge. Almost 1.5 million new phishing sites pop up every month
- A group of extortionists has been sending out threats to perform DDOS attacks on companies unless they pay a set amount in BitCoin. The perpetrators are claiming to be affiliated with Anonymous or Lizard Squad.
- An absent-minded security staffer accidentally leaked Adobe’s private PGP key onto the internet.
- The ProxyM IoT botnet has turned from DDOS to spam. A device infected with ProxyM sends on average about 400 emails per day. Campaigns so far have promoted adult hookup sites.
- The U.S. Securities and Exchange Commission (SEC) has revealed that attackers might have used data they stole in a security breach for illicit insider trading.
- Viacom exposed a vast array of internal access credentials and critical data that could be used to cause immense harm to the multinational corporation’s business operations.
Malwarebytes Labs Team
*** This is a Security Bloggers Network syndicated blog from Malwarebytes Labs authored by Malwarebytes Labs. Read the original post at: https://blog.malwarebytes.com/security-world/week-in-security/2017/09/week-security-september-18-september-24/