A week in security (Sept 6 – Sept 12)

Last week on Malwarebytes Labs

• Apple delays plans to search devices for child abuse imagery.
• ProtonMail hands user’s IP address and device info to police, showing the limits of private email.
• Patch now! Netgear fixes serious smart switch vulnerabilities.
• Tor vs VPN—What is the difference?
• Windows MSHTML zero-day actively exploited, mitigations required.
• Sextortion on the rise, warns FBI.
• 500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords.
• Gamers beware: The risks of Real Money Trading (RMT) explained.
• Facebook puts on Ray-Bans, struts into the privacy minefield of smart glasses.
• That’s the way the cookie banner crumbles?

Other cybersecurity news

• The capricious relationship between technology and democracy, an analysys of public policy discussions in the UK and US. (Source: Wiley Online Library)
• How can we use technology to weed out online disinformation? (Source: TheStar)
• Germany wants smartphones to get seven years of updates. (Source: Fossbytes)
• Ragnar Locker gang warns victims not to call the FBI. (Source: ThreatPost)
• Apple pays hackers six figures to find bugs in its software and then it sits on their findings. (Source: Washington Post)
• The OpenSSL Software Foundation released a completely refreshed version of its software. (Source: DarkReading)
• Google published the Android Security Bulletin for September 2021 with patches for a total of 40 vulnerabilities, including seven that are rated critical. (Source: SecurityWeek)
• CISA Warns of actively exploited Zoho ManageEngine ADSelfService vulnerability. (Source: The Hacker News)
• Microsoft has fixed a vulnerability in Azure Container Instances called Azurescape. (Source: Bleeping Computer)
• LAPD documents reveal use of social media monitoring tools. (Source: Brennan Center)

Stay safe, everyone!

The post A week in security (Sept 6 – Sept 12) appeared first on Malwarebytes Labs.