A week in security (March 28 – April 3)

Last week on Malwarebytes Labs:

• New UAC-0056 activity: There’s a Go Elephant in the room
• Globant suffers network breach due to LAPSUS$ compromise
• Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited
• Hive ransomware impacts California non-profit health organisation
• MITRE ATT&CK® Evaluation results: Malwarebytes’ efficiency, delivered simply, earns high marks
• Phishers make a date with your calendar apps
• Tech support scam campaign targets Japanese visitors to PornHub
• URI spoofing flaw could phish WhatsApp, Signal, Instagram, and iMessage users
• Ukraine shuts down disinformation bot farm
• Update now! Google launches Chrome version 100 and fixes 28 vulnerabilities
• “A little gift for you” SMS spam appears to come from your own phone number
• Watch out for LinkedIn fakes who want to get connected
• New spear phishing campaign targets Russian dissidents
• Attacks on Ukraine communications are a major part of the war
• Looking over your shoulder: when small mistakes have big consequences
• Satellites are critical infrastructure and need to be cybersecured
• Telling stories securely, with Runa Sandvik: Lock and Code S03E07
• Update now! Google releases emergency patch for Chrome zero-day used in the wild
• Tech support fraud is still very much alive, says latest FBI report

Stay safe!

The post A week in security (March 28 – April 3) appeared first on Malwarebytes Labs.