A week in security (March 26 – April 01)
Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one can protect their P2P payment apps.
Other news
- “Lone wolf” sextortionists pose as hot women behind fake Facebook profiles. (Source: Sophos’s Naked Security Blog)
- Sad fact: Willing victims of romance scams actually do exist. Not only do they send money to “their partner” whom they haven’t met yet but they also knowingly act as mules. (Source: Security Week)
- While a majority of IT pros recognize that IoTs are so insecure, not that many are actually doing anything about it. (Source: ZDNet)
- What happens when you send an application into the background? This SANS diary attempts to answer that. (Source: SANS ISC InfoSec Forums)
- Well, will you look at that—Monero isn’t that untraceable after all. (Source: Wired)
- A flaw in the iOS camera application with the way it handles QR codes can be used to redirect users to malicious destinations. (Source: HackRead)
- Cryptojacking via browsers has been around for a while, and it’s getting more difficult to spot them. (Source: Bleeping Computer)
- Tax season is getting really close, so scams surrounding this are active with varying payloads. (Source: Proofpoint Blog)
- As it happens, Under Armor has left some areas uncovered, causing MyFitnessPal to be compromised and affecting 150 million accounts. (Source: The Verge)
- ‘Cyber bullets’? Cyber bullets! (Source: Fifth Domain)
Stay safe, everyone!
*** This is a Security Bloggers Network syndicated blog from Malwarebytes Labs authored by Malwarebytes Labs. Read the original post at: https://blog.malwarebytes.com/security-world/2018/04/a-week-in-security-march-26-april-01/