A week in security (July 26 – August 1)

August 3, 2021

Last week on Malwarebytes Labs:

  • OSX.XLoader hides little except its main purpose: What we learned in the installation process.
  • The Clubhouse database “breach” is likely a non-breach. Here’s why.
  • Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach.
  • UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root.
  • The Olympics: a timeline of scams, hacks, and malware.
  • BlackMatter, a new ransomware group, claims link to DarkSide, REvil.
  • Crimea “manifesto” deploys VBA Rat using double attack vectors.
  • Microsoft provides more mitigation instructions for the PetitPotam attack.
  • Spear-phishing now targets employees outside the finance and executive teams, report says.
  • LemonDuck no longer settles for breadcrumbs.

Other cybersecurity news:

  • QR codes are here to stay. So is the tracking they allow. (Source: The New York Times)
  • NSA issues guidance on securing wireless devices in public settings. (Source: nsa.gov)
  • The greatest danger to national security has become the companies that claim to protect it. (Source: Edward Snowden)
  • The Northern Ireland COVID Certification Service was temporarily interrupted due to privacy issue. (Source: UK Department of Health)
  • BazaCall campaigns use phony call centers meaning to trick users into exfiltration and ransomware. (Source: Microsoft Security blog)
  • Solarmarker malware campaign actors are focusing their energy on credential and residual information theft. (Source: ZDNet)
  • We can’t believe people use browsers to manage their passwords, says maker of password management tools. (Source: The Register)
  • Polish police officers have arrested Belarusian nationals over ATM black-box attacks. (Source: The Record)
  • The FBI has revealed the top targeted vulnerabilities of the last two years. (Source: Bleeping Computer)
  • Officials from Israeli government agencies have raided the offices of Pegasus software vendor NSO Group, (Source: The Record)

Stay safe, everyone!

The post A week in security (July 26 – August 1) appeared first on Malwarebytes Labs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source

You may have missed

unlock membership

Unveiling Blockchain Security: Safeguarding the Digital Ledger

November 22, 2024
news

A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

November 22, 2024
news

Scattered Spider Case: Five Arrested in Major Cybercrime Investigation

November 22, 2024
news

BianLian Ransomware Group Updates Tactics: A Growing Risk to Critical Infrastructure

November 22, 2024
news

Infostealer Malware Insights: VietCredCare vs. DuckTail in Vietnam

November 22, 2024