A week in security (June 21 – June 27)

Last week on Malwarebytes Labs:

• Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11
• Atomic research institute breached via VPN vulnerability
• Hotel staff bust Hermes SMS scammer with suspiciously large number of cables
• City of Liège hit by ransomware, Ryuk suspected
• MITRE introduces D3FEND framework
• Brave takes aim at Google with privacy-first search engine
• Complicated Active Directory setups are undermining security

Other cybersecurity news:

• Malicious Google ads on spoofed Signal and Telegram sites lead to RedlineStealer. (Source: eSentire)
• A malware botnet believed to be out of China continues to infect Windows systems. It goes by many names—DirtyMoe being one of them. (Source: The Record)
• Marketo, an underground data leak marketplace, takes extortion one step further by emailing competitors the data they stole from victim organizations. (Source: BleepingComputer)
• PSA: Be on the lookout for DarkSide ransomware impersonators. (Source: Help Net Security)
• Speaking of copycats, a repurposed REvil ransomware has also emerged. (Source: Security Week)
• After three months, Volkswagen and its Audi subsidiary have started notifying millions of its clients in the US and Canada about a data breach. (Source: Digital Journal)
• According to Akamai Technologies, the video gaming industry has experienced its highest cyberattack growth during the pandemic. (Source: PR Newswire)
• PYSA ransomware uses ChaChi RAT to backdoor education orgs. (Source: BlackBerry ThreatVector Blog)
• BazarCall, the cybercriminal group behind the BazarLoader ransomware, started using call centers to trick users into downloading their ransomware. (Source: ZDNet)
• When it comes to business email compromise (BEC) scams, more than 60 percent of fraudsters behind them request gift cards. (Source: Atlas VPN)

Stay safe, everyone!

The post A week in security (June 21 – June 27) appeared first on Malwarebytes Labs.