A week in security (January 3 – 9)

January 10, 2022

Last week on Malwarebytes Labs:

  • Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days
  • Patchwork APT caught in its own web
  • Sophisticated phishing scheme spent years robbing authors of their unpublished work
  • Google and Facebook fined $240 million for making cookies hard to refuse
  • New iPhone malware spies via camera when device appears off
  • Hackers take over 1.1 million accounts by trying reused passwords
  • Intercepting 2FA: Over 1200 man-in-the-middle phishing toolkits detected
  • Card skimmers strike Sotheby’s in Brightcove supply chain attack
  • Careful! Uber flaw allows anyone to send an email from uber.com
  • $10m of funds goes missing in what appears to be a cryptocurrency rug-pull
  • Customer support scammers take aim at NFT enthusiasts
  • Purple Fox rootkit now bundled with Telegram installer
  • What angered us most about cybersecurity in 2021: Lock and Code S03E01

Stay safe!

The post A week in security (January 3 – 9) appeared first on Malwarebytes Labs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source

You may have missed

image

[EMBARGO] – Ransomware Victim: American Associated Pharmacies

November 13, 2024
image

[KILLSEC] – Ransomware Victim: Axpr Valve Science

November 13, 2024
CISA Logo

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

November 13, 2024
CISA Logo

CISA: CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force

November 13, 2024
CISA Logo

CISA: CISA Releases Seven Industrial Control Systems Advisories

November 13, 2024