Week in security (February 26 – March 4)

Last week on Malwarebytes Labs, we explained how to protect your computer from malicious cryptomining, we gave an encryption 101 lesson using ShiOne ransomware as a case study, and we offered an explanation about SQL injection. We also released a report on the state of malicious cryptomining from its first resurgence in the fall until now.
In active malware, we discussed how the RIG malvertising campaign uses cryptocurrency themes as a decoy, how an old virus made its way onto a Chinese DDoS bot, and how a massive DDoS attack washed over GitHub.
We also drew your attention to our own Chris Boyd appearing in Jenny Radcliffe’s Human Factor Podcast.
Other news
Does your endpoint solution stop fileless attacks? They are gaining traction, says a Ponemon Institute study. (Source: Bricata)
Feedless is an iOS content blocker that takes the media out of social media. (Source: The Verge)
A serious remote code execution vulnerability in both the ‘μTorrent desktop app for Windows and the newly launched ‘μTorrent Web’ was reported. (Source: The Hacker News)
But apparently, the Torrent vulnerabilities have already been fixed. (Source: The BitTorrent Engineering Blog)
An ad network used an advanced malware technique to conceal CPU-draining mining ads. (Source: Ars Technica)
US Supreme Court wrestles with Microsoft data privacy fight. (Source: Reuters)
Loapi cryptocurrency mining malware is so powerful it can melt your phone. (Source: Newsweek)
German government Intranet under ongoing attack. (Source: TheGuardian)
Trustico states they stored private keys for customers’ SSL certificates. (Source: Bleeping Computer)
Flash exploit CVE-2018-4878 was spotted in the wild as part of massive malspam campaign. (Source: Morphisec)
Equifax says hackers stole more than previously reported. (Source: CBS Philly)
Virus downs hundreds of Tim Hortons cash registers; furious owners threaten lawsuit. (Source: CTV News)
SgxSpectre attack can extract data from Intel SGX enclaves. (Source: Bleeping Computer)
Stay safe, everyone!
The post Week in security (February 26 – March 4) appeared first on Malwarebytes Labs.
Click here for best antivirus and antispyware software

Powered by WPeMatico