A week in security (April 02 – April 08)

A week in security (March 26 – April 01)

Last week, we looked at the thought process behind creating a ransomware decryptor, the inner workings of QuantLoader, the ways one can protect their Android devices, the exploit kits we have encountered this winter, the now-known epidemic of data breaches, the coming of TLS 1.3, and the ways one can protect their P2P payment apps.

Other news

  • “Lone wolf” sextortionists pose as hot women behind fake Facebook profiles. (Source: Sophos’s Naked Security Blog)
  • Sad fact: Willing victims of romance scams actually do exist. Not only do they send money to “their partner” whom they haven’t met yet but they also knowingly act as mules. (Source: Security Week)
  • While a majority of IT pros recognize that IoTs are so insecure, not that many are actually doing anything about it. (Source: ZDNet)
  • What happens when you send an application into the background? This SANS diary attempts to answer that. (Source: SANS ISC InfoSec Forums)
  • Well, will you look at that—Monero isn’t that untraceable after all. (Source: Wired)
  • A flaw in the iOS camera application with the way it handles QR codes can be used to redirect users to malicious destinations. (Source: HackRead)
  • Cryptojacking via browsers has been around for a while, and it’s getting more difficult to spot them. (Source: Bleeping Computer)
  • Tax season is getting really close, so scams surrounding this are active with varying payloads. (Source: Proofpoint Blog)
  • As it happens, Under Armor has left some areas uncovered, causing MyFitnessPal to be compromised and affecting 150 million accounts. (Source: The Verge)
  • ‘Cyber bullets’? Cyber bullets! (Source: Fifth Domain)

Stay safe, everyone!