A week in security (January 27 – February 2)
Last week on Malwarebytes Labs, we looked at the strengths and weaknesses of the Zero Trust model, gave you the low-down on spear phishing, and took a delve into the world of securing the managed service provider (MSP).
Other cybersecurity news
- UN compromised via Sharepoint hack: An extraordinary tale highlighting that absolutely nobody is safe when bad things happen and are then covered up. (Source: The Register)
- TA505 returns: A well-known financial phishing attack is back from hiatus to cause chaos once again. (Source: Bleeping Computer)
- SMS phishing, aka smishing: Residents of Pitt County are warned to be wary of bogus FedEx notifications sent by text. (Source: News Channel 12)
- Social media booster runs into password mayhem: Another organisation discovers too late that plaintext passwords aren’t a great idea. (Source: TechCrunch)
- Ashley Madison breach returns to haunt us: Five years on, it’s causing problems in all new ways, fueling a new extortion scam. (Source: VadeSecure)
- Hacking in Hong Kong: ESET looks at how the Winnti group are targeting two Hong Kong Universities. (Source: ESET)
- Microsoft launches new bug bounty program: If you’re into gaming, this may be just what you’re looking for. (Source: Help Net Security)
- Big breach, big numbers: A compromise could potentially include a large tally of (more than 30 million) credit card information. (Source: Krebs on Security)
- The real world virus scammers have arrived: Booby-trapped Word documents pushing the Emotet Trojan are being fired out to people’s mailboxes, disguised as warnings about the coronavirus. (Source: TechRepublic)
- Tricky phishing: It may be the case that we’re not as good at detecting scams as we think we are. (Source: ZDNet)
Stay safe, everyone!
The post A week in security (January 27 – February 2) appeared first on Malwarebytes Labs.