A week in security (August 23 – August 29)

August 31, 2021

Last week on Malwarebytes Labs:

  • Patch now! Microsoft Exchange is being attacked via ProxyShell
  • Realtek-based routers, smart devices are being gobbled up by a voracious botnet
  • Criminals exploited weak checks and old tech to pull off vast COVID benefit fraud
  • Mice “taking over the world!”, one Windows machine at a time
  • The best browsers for privacy and security
  • Cold wallet, hot wallet, or empty wallet? What is the safest way to store cryptocurrency?
  • US government and private sector agree to invest time, money in cybersecurity
  • Latest iPhone exploit, FORCEDENTRY, used to launch Pegasus attack against Bahraini activists
  • How to stay secure from ransomware attacks this Labor Day weekend
  • Microsoft warns about phishing campaign using open redirects

Other cybersecurity news:

  • A vulnerability in Microsoft Azure left thousands of customer databases exposed. (Source: Reuters)
  • Researchers from vpnMentor discovered an insecure database belonging to EskyFun, a Chinese Android game developer, exposing millions of gamers to hacking. (Source: vpnMentor)
  • The UK will begin making changes to privacy laws as they depart from GDPR as part of post-Brexit proceedings. (Source: The Wall Street Journal)
  • China is reportedly hiring hackers to become spies and entrepreneurs at the same time. (Source: The New York Times)
  • Phishers used an XSS vulnerability in UPS’s official site to spread malware. (Source: BleepingComputer)
  • JP Morgan Chase bank customers were notified that their data was inadvertently exposed to other users. (Source: SecurityWeek)
  • ALTDOS is hacking companies in Southeast Asia to steal data and either ransom it back to them or sell for profit. (Source: The Record by Recorded Future)
  • Flaws in infusion pumps could let hackers increase medication dosage. (Source: WIRED)
  • Researchers for Zscaler revealed the prevalence of fake streaming sites and adware during the 2020 Tokyo Olympics. (Source: Zscaler Blog)
  • Bumble, a popular dating app, was leaking users’ exact locations until recently patched. (Source: IT News)

Stay safe, everyone!

The post A week in security (August 23 – August 29) appeared first on Malwarebytes Labs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source

You may have missed

news

Microsoft Addresses Four Critical Zero-Days in November Patch Tuesday Updates

November 14, 2024
news

AI Threat Worsening in 2025: Insights from Google Cloud

November 14, 2024
news

Lazarus Group’s Code Smuggling Technique Exploits Extended Attributes in macOS

November 14, 2024
news

Ethical Hacker or Not? Amazon MOVEit Leaker’s Controversial Claims

November 14, 2024
news

Hive0145 Targets Europe with Sophisticated Strela Stealer Campaigns

November 14, 2024