Detail of a calendar page with dates

A week in security (June 26 – July 02)

Last week, we offered our readers tips on how to detect phishing attempts, gave an overview of Google’s Be Internet Awesome campaign, supplemented an ongoing series on adware, and introduced the Malwarebytes Endpoint Protection to those who aren’t already in the know.

We also pushed out a number of blog posts revolving around the latest ransomware outbreak that hit the EU: EternalPetya. You can read more about it in these posts:

/blog/cybercrime/2017/06/mobile-menace-monday-fake-wannacry-scanner/

Below are notable news stories and security-related happenings from last week:

  • Cybersecurity Battleground Shifting To Linux And Web Servers. “Despite an overall drop in general malware detection for the quarter, Linux malware made up more than 36 percent of the top threats identified in Q1 2017. This attack pattern demonstrates the urgent need for heightened security measures to protect Linux servers and Linux-dependent IoT devices, according to WatchGuard Technologies.” (Source: Help Net Security)
  • UK Energy Industry Cyber-attack Fears Are ‘Off The Scale’. “He said the danger posed to energy systems was coming to the fore now because of the trend away from well-protected, centralised large power stations and towards decentralised power, such as lots of small, flexible gas power plants and solar panels on homes.” (Source: The Guardian)
  • What It Will Take For Cybersecurity To Become Common Sense. “In March, the Pew Research Center surveyed more than 1,000 American adults on what they knew about cybersecurity. The survey asked what’s two-factor authentication, what is a virtual private network and how secure is public Wi-Fi. On average, people only answered five out of the 13 questions correctly. Only 1 percent of respondents got every question right.” (Source: CNET)
  • Fireball Malware: Ticking Time Bomb Or All Hot Air? “Both Check Point and Microsoft agreed that the malware originated from a Chinese digital marketing agency called Rafotech, which uses the code to infect machines, hijack browsers and steal personal information. The company’s fake search engines rank among the world’s top 10,000 websites and occasionally break the top 1,000. It claims to have around 300 million users worldwide, which is suspiciously close to the 250 million infections reported by Check Point.” (Source: Security Intelligence)
  • Hollywood At Risk Without Better Encryption. “The summer blockbuster season has begun with movies such as Sony Pictures Entertainment Inc.’s Spider-Man: Homecoming set to launch. Summer is no longer re-run land for television with shows such as Home Box Office Inc.’s Game of Thrones beginning its next season soon. However, if the movie and television industries aren’t careful about their data security, hackers and other cybercriminals might pirate these prizes or try to hold them hostage.” (Source: Bloomberg)
  • How Snapchat Shares Your (And Your Kids’) Location. “Snap Map shows that, security- and privacy-wise, Snapchat’s come a long way since its early days, with its infamous ‘disappearing’ photos and video messages that never actually went away at all, either on your phone or on its own servers.” (Source: Sophos’s Naked Security Blog)
  • Criminalization Of DNS For Phishing Continues To Advance. “Cybercriminals have been shifting their tactics markedly, by registering more and more domain names, rather using web servers and domains they have hacked into. These ‘malicious domain registrations’ accounted for half of all the domain names used for phishing in 2016, according to APWG.” (Source: Help Net Security)

Safe surfing, everyone!

The Malwarebytes Labs Team

ABOUT THE AUTHOR