A week in security (March 05 – March 11)
Last week on Malwarebytes Labs, we paid homage to several women in tech, including some of our very own, on International Women’s Day and shared their stories.
We also looked into an adware posing as an Android app that claims to live stream the 2018 Winter Olympics, exposed scammers that go by the name GeeksHelp, who were caught red-handed (again) after their first unmasking two years before, and gave you the steps on how to break encryption.
Lastly, we spotlighted the impact of artificial intelligence (AI) and machine learning (ML) in cybersecurity, the importance of having a solid and tested incident response framework, and the reality that Mac malware does exist and that they have evolved.
- Avid Twitter, Facebook, and Instagram user? Be wary of clicking links in your feed, as phishing campaigns are seen on the rise in social media platforms. (Source: Security Brief)
- Inexpensive Android smartphone models were pre-installed with the Triada Trojan, one of several advanced mobile malware in the wild. (Source: Security Week)
- Nation-state threat actors have set their sights on the hospitality industry. Not only is the vertical vulnerable, but targets can also be tracked while they travel. (Source: SC Magazine UK)
- Speaking of travel, according to a data security engineer, airline companies were found to hand over passenger information to marketers and hackers. (Source: Fast Company)
- Own an IoT device at home? Keep an eye on them, and update apps and firmware once available. (Source: Threatpost)
- Did you know that hackers can create a dossier about users based on the information stored on their web browsers? (Source: The ExaBlog)
- Really, Facebook, should you even be asking this? (Source: The Times)
- The takedown of AlphaBay and Hansa has little effect on Dark Web communities in carding and identity theft. (Source: InfoSecurity Magazine)
- Cyberextortion is in every threat actor’s repertoire, and it’s on the uptick, thanks to the growth of crime-as-a-service in the criminal underground. (Source: SD Times)
- KrebsOnSecurity homed in on Punycode and look-alike characters in domain names. If this is the first time you encounter these, attacks taking advantage of the confusion isn’t new. (Source: KrebsOnSecurity)
- Microsoft saved everyone a lot of headaches after successfully blocking a malware campaign that would have allowed half-a-million devices to become miners. (Source: ZDNet)
Stay safe, everyone!
*** This is a Security Bloggers Network syndicated blog from Malwarebytes Labs authored by Malwarebytes Labs. Read the original post at: https://blog.malwarebytes.com/security-world/2018/03/a-week-in-security-march-05-march-11/