A week in security (Oct 25 – Oct 31)

Last week on Malwarebytes Labs

• Beyond the VPN: Ultimate online privacy with the Tor Project’s Isabela Bagueros: Lock and Code S02E20
• Patch now to bypass Firefox add-ons that abuse the proxy API to deny updates
• How social media mistakes can impact cybersecurity
• Update now! Apple patches bugs in iOS and iPadOS
• Watch out for the Steam skin “free knife” scam
• What is fileless malware?
• Threat profile: Ranzy Locker ransomware
• Shrootless: Microsoft finds Apple macOS vulnerability
• Tips to protect your data, security, and privacy from a hands-on expert
• Update your OptinMonster WordPress plugin immediately
• The return of the Malwarebytes CrackMe

Other cybersecurity news

• Cream Finance skimmed by crooks: $130m in crypto assets stolen (Source: The Register)
• Google Chrome abused to deliver malware as “legit” Win10 app (Source: ThreatPost)
• TA525 criminal group using “Squid game” lures for Dridex Malware (Source: ZDNet)
• A malware prevention strategy to complement StopRansomware(dot)gov (Source: GCN)
• Snake malware biting hard on 50 apps for only $25 (Source: Bleeping Computer)
• Phishing emails use QR codes to bypass defences and steal Microsoft 365 usernames and passwords (Source: ZDNet)
• BBB warns about scams for holiday season (Source: SiLive)
• Russian hackers used home networks to evade detection (Source: Bloomberg)
• This AI predicts how old children are (Source: Wired)
• Europol detains hackers behind 2019 Norsk Hydro ransomware attack (Source: TechCrunch)

Stay safe, everyone!

The post A week in security (Oct 25 – Oct 31) appeared first on Malwarebytes Labs.