A week in security (May 29 – Jun 04)

Last week, we looked at a ransomware strain that appears to be a fake version of DMA Locker. We also focused on adware that uses scheduled tasks in part 4 of a series. Lastly, we talked about fake reviews and how to spot them.

Below are notable news stories and security-related happenings:

  • Healthcare Industry Continues To Struggle With Software Security. “According to the results of a recent survey, roughly one third of device makers and HDOs are aware of potential adverse effects to patients due to an insecure medical device, but despite the risk only 17 percent of device makers and 15 percent of HDOs are taking significant steps to prevent such attacks.” (Source: Help Net Security)
  • The Need For Internet Security On Your Devices. “Cyber crime seems to be making headlines every other day. Cyber crime continues to be a growing problem for Kiwis, costing us over $257 million per year. This means that it’s important now more than ever to ensure that you are protected against the plethora of threats that seek to compromise your devices.” (Source: Future Five)
  • Don’t Wanna Cry After Meeting Judy? How To Secure Your Mobile From Malware. “Security firm Checkpoint on Thursday revealed that around 36.5 million Android devices were likely infected by a malware, dubbed as ‘Judy’, after downloading apps developed by South Korea-based Kiniwini and published under the name of ENISTUDIO Corp. The Korean firm developed 41 such malicious apps and was able to bypass Google’s security protocols on the Play Store, thereby making the app available for download.” (Source: Money Control)
  • China’s Tough Cybersecurity Law To Come Into Force This Week. “China, battling increased threats from cyber-terrorism and hacking, will adopt from Thursday a controversial law that mandates strict data surveillance and storage for firms working in the country, the state-run Xinhua news agency said. The law, passed in November by the country’s largely rubber-stamp parliament, bans online service providers from collecting and selling users’ personal information and gives users the right to have their information deleted, in cases of abuse.” (Source: South China Morning Post)
  • What Will It Take To Keep Smart Cities Safe? “‘Smart cities’ use smart technologies in their critical infrastructure sectors: energy, transportation, environment, communications, and government. This includes smart systems for energy management, parking management systems, public transportation information coordination, transportation sharing, traffic management, air quality monitoring, waste management, e-government, connectivity, and so on.” (Source: Help Net Security)
  • IT and Biz Leaders: Boards Don’t Take Security Seriously. “Nearly half of IT and business decision makers globally don’t think their boards are capable of effectively managing cybersecurity threats, despite the vast majority (77%) believing it is now the C-level’s responsibility, according to new research from Control Risks.” (Source: InfoSecurity Magazine)
  • Bitcoin Has Come Roaring Back, But So Have The Risks. “The big question is whether a crash is coming or whether cryptocurrencies have hit their stride. Should investors cash out now while the getting is good, or buy more now before the price climbs even higher? So far, when it comes to bitcoin, the only real rule is volatility.” (Source: Wired)
  • OneLogin Suffers Breach—Customer Data Said To Be Exposed, Decrypted. “OneLogin told fretful customers in an internal notification that they would need to work through a number of steps to secure their accounts, including generation of new API credentials and OAuth tokens. Any users served by the firm’s US data centre have been hit by the breach, OneLogin said.” (Source: Ars Technica)
  • A Recently Discovered Linux Flaw Could Be Exploited By Sudo Users To Gain Root Privileges. “Security researchers at Qualys Security have discovered a Linux flaw that could be exploited to gain root privileges and overwrite any file on the filesystem on SELinux-enabled systems. The high severity flaw, tracked as CVE-2017-1000367, resides in the Sudo’s get_process_ttyname() for Linux and is related to the way Sudo parses tty information from the process status file in the proc filesystem.” (Source: Security Affairs)
  • Kmart Point of Sale Hacked With ‘Undetectable’ Malware. “Kmart is not saying how many of its 750 stores in the US were affected by the point-of-sale (PoS) malware, but it stressed that no personal data, including names, addresses, Social Security Numbers or email addresses, was stolen. It also talked up its EMV reader implementation.” (Source: InfoSecurity Magazine)
  • Inside Google’s Global Campaign To Shut Down Phishing. “At the beginning of May, a phishing scam flooded the web, disguised as a typical Google Docs request. Some of the emails even appeared to come from acquaintances. If victims clicked through and granted seemingly innocuous permissions, they exposed their entire Gmail account to whoever was behind the scam. It was an explosive scheme. And Google responded in kind.” (Source: Wired)

Safe surfing, everyone!

The Malwarebytes Labs Team