A week in security (April 11 – 17)

Last week on Malwarebytes Labs:

  • Credential-stealing malware disguises itself as Telegram, targets social media users
  • Old Play Store apps served notice by upcoming API level changes
  • Denonia cryptominer is first malware to target AWS Lambda
  • Ransomware: March 2022 review
  • Why identity management matters
  • USPS “Your package could not be delivered” text is a smishing scam
  • Apps removed from Google Play for harvesting user data
  • How to password protect a folder
  • Conti ransomware offshoot targets Russian organizations
  • Malwarebytes Evaluation of the MITRE ENGENUITY ATT&CK Round 4 Emulations
  • Steer clear of this “TestNTrace” SMS spam
  • NGINX zero-day vulnerability: Check if you’re affected
  • April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities
  • SMS group spam promises free gifts in return for bill payment
  • “Your AppI‌e‌ ‌l‌D‌ ‌‌h‌‌a‌‌s‌‌ ‌‌b‌‌e‌‌e‌‌n‌‌ ‌‌l‌‌ocke‌‌d‌‌” spam email takes you on a website mystery tour
  • Zloader, another botnet, bites the dust
  • Stalkerware-type detections hit record high in 2021, but fell in second half
  • Filing your taxes? Be wary of help found through search engines

Stay safe!

The post A week in security (April 11 – 17) appeared first on Malwarebytes Labs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source