FIFA 22 phishers tackle customer support with social engineering
Players of smash hit gaming title FIFA 22 have become the target of a wave of attacks focused on account...
News
New RedLine malware version distributed as fake Omicron stat counter
Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat...
Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor
Iran-linked APT35 group has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor. Iran-linked APT35 cyberespionege group (aka...
Ransomware targets Edge users
Unless you’ve been hiding under a rock for the last twenty years, you’ve probably heard the one about “keeping your...
Intimate photo hacker spared from jail, said he “liked the detective work”
Michael Grime, a British games programmer, has escaped jail after using stolen credentials to access several women’s personal email accounts...
Adobe fixes 4 critical Reader bugs that were demonstrated at Tianfu Cup
Adobe released security updates to address multiple vulnerabilities affecting several products, including Acrobat and Reader. Adobe patches for January address...
LoRaWAN’s Protocol Stacks: The Forgotten Targets at Risk
This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has...
Microsoft Patch Tuesday fixes critical Office RCE
Microsoft Patch Tuesday security updates fix a critical Office flaw that can allow remote attackers to execute malicious code on...
Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers
Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware...
The Facebook Pixel Hunt aims to unravel Facebook’s tracking methods. Will you join?
Browser developer Mozilla has announced a research project to provide insights into, and data about, a space that’s opaque to...
How to share your Wi-Fi password safely
You may not have as many people visiting your home due to the pandemic, but restrictions are a hit-and-miss affair....
Night Sky: the new corporate ransomware demanding a sky high ransom
There’s a new ransomware in town—isn’t there always?—and it’s, unsurprisingly, after corporation-sized businesses. It’s called Night Sky, and it was...
Attackers are mailing USB sticks to drop ransomware on victims’ computers
Physical objects as security threats are in the news at the moment. The oft-touched upon tale of rogue USB sticks...
AvosLocker ransomware now targets Linux systems, including ESXi servers
AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its...
WordPress 5.8.3 Security Release fixes four vulnerabilities
WordPress maintainers have released WordPress 5.8.3 that addresses four vulnerabilities and recommend admins to update their sites immediately The WordPress...
Uncovering and Defending Systems Against Attacks With Layers of Remote Control
The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the...
US-CERT Bulletin (SB22-010):Vulnerability Summary for the Week of January 3, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Several EA Sports FIFA 22 players have been hacked
Several EA Sports FIFA 22 players claim to have been hacked, they say to have lost access to their personal...
Abcbot and Xanthe botnets have the same origin, experts discovered
Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December...
Indian-linked Patchwork APT infected its own system revealing its ops
The India-linked threat actor Patchwork infected one of their own computers with its RAT revealing its operations to researchers. An...
A week in security (January 3 – 9)
Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for daysPatchwork APT caught in its own...
New ZLoader malware campaign hit more than 2000 victims across 111 countries
A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft...
Cyber Defense Magazine – January 2022 has arrived. Enjoy it!
Cyber Defense Magazine January 2022 Edition has arrived. We hope you enjoy this month’s edition…packed with 155 pages of excellent...
US NCSC and DoS share best practices against surveillance tools
The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. The US...
