Week in security (February 26 – March 4)

Last week on Malwarebytes Labs, we explained how to protect your computer from malicious cryptomining, we gave an encryption 101 lesson using ShiOne ransomware as a case study, and we offered an explanation about SQL injection. We also released a report on the state of malicious cryptomining from its first resurgence in the fall until now.

In active malware, we discussed how the RIG malvertising campaign uses cryptocurrency themes as a decoy, how an old virus made its way onto a Chinese DDoS bot, and how a massive DDoS attack washed over GitHub.

We also drew your attention to our own Chris Boyd appearing in Jenny Radcliffe’s Human Factor Podcast.

Other news

  • Does your endpoint solution stop fileless attacks? They are gaining traction, says a Ponemon Institute study. (Source: Bricata)
  • Feedless is an iOS content blocker that takes the media out of social media. (Source: The Verge)
  • A serious remote code execution vulnerability in both the μTorrent desktop app for Windows and the newly launched ‘μTorrent Web’ was reported. (Source: The Hacker News)
  • But apparently, the μTorrent vulnerabilities have already been fixed. (Source: The BitTorrent Engineering Blog)
  • An ad network used an advanced malware technique to conceal CPU-draining mining ads. (Source: Ars Technica)
  • US Supreme Court wrestles with Microsoft data privacy fight. (Source: Reuters)
  • Loapi cryptocurrency mining malware is so powerful it can melt your phone. (Source: Newsweek)
  • German government intranet under ongoing attack. (Source: The Guardian)
  • Trustico states they stored private keys for customers’ SSL certificates. (Source: Bleeping Computer)
  • Flash exploit CVE-2018-4878 was spotted in the wild as part of a massive malspam campaign. (Source: Morphisec)
  • Equifax says hackers stole more than previously reported. (Source: CBS Philly)
  • Virus downs hundreds of Tim Hortons cash registers; furious owners threaten lawsuit. (Source: CTV News)
  • SgxSpectre attack can extract data from Intel SGX enclaves. (Source: Bleeping Computer)

Stay safe, everyone!