Last week, we gave some security tips for parents and kids aimed at the new school term. We also took a peek at the inside of the Kronos malware, focusing on how it works and protects itself. And, once again, we spotted a return of Locky ransomware with two new flavors at once, diablo6 and Lukitus.
Below are notable news stories and security-related happenings from last week:
Latest updates for Consumers
- The US government is seeking to unmask every person who visited an anti-Trump website in what privacy advocates say is an unconstitutional “fishing expedition” for political dissidents. A search warrant was issued to Dreamhost, a company hosting a website that was used to coordinate protest against the US president's inauguration.
- Hackers hit Scottish Parliament with brute force cyber-attack. Staff at the Scottish parliament have been advised to change passwords as a result of the attack, performed by a yet unknown external source.
- An ex-Secret Service agent who stole Bitcoins from the Silk Road Dark Web drugs bazaar he was supposed to be investigating has admitted stealing even more sacks of the digital currency. Shaun Bridges pleaded guilty on Tuesday to stealing a further 1,600 Bitcoin.
- Researchers reported that a family of mobile apps, all >4,000 of them, may appear benign but are actually capable of spying on users. Some of these apps were said to have been present in the Google Play store since February. Researchers named some of these apps, and they are Hulk Messenger, Troy Chat, and Soniac. The aforementioned three are no longer on the Play store.
Latest updates for Businesses
- A follow-up emerged about the Mandiant breach a few weeks ago when hackers announced a second data dump of FireEye documents.
- A backdoor was found in enterprise software. A software package produced by NetSarang was found to be modified to include an encrypted payload that could be remotely activated by a knowledgeable attacker.
Safe surfing, everyone!
The Malwarebytes Labs Team