Detail of a calendar page with dates

A week in security (October 23 – October 29)

Welcome back to “A week in security.” Last week, we took a look at how deleted files can be recovered, explored the BadRabbit ransomware plague attacking Eastern Europe (including a deep dive into the code), and talked about what it takes to work in security. One of our researchers, who is a PhD candidate in immunobiology at Yale, also discussed digital vs biological security. Finally, we launched a new series called “Please don’t buy this,” and our first edition featured smart locks.

In other news around the net:

  • Bad news for Google Play Protect: it might not be the malware-smashing barrier everyone was hoping it’d be. (source: The Register)
  • A Dell customer support domain lapses, with predictable “Oh no, here’s a headache” results. (source: Krebs on Security)
  • Home appliances going rogue? You’d better believe it. (source: Check Point blog)
  • Old, reused passwords are still causing problems—even for coin miners. (source: Help Net Security)
  • Oh look, even more bad apps on Google Play. (source: ESET Blog)
  • Exploits, Word documents, and DDE, oh my. (source: Tech Republic)
  • Turns out just looking at porn can get you infected: porn site ads deliver malvertising. (source: Grimsby Telegraph)
  • Fake Apple ID phish scams are still very popular. (source: BGR)
  • The NHS ransomware attack “could have been avoided.” (source: Evening Standard)
  • That speeding notification email you just received is a scam. (source: Yorkshire Post)

Safe surfing, everyone!