FTC bans SpyFone and its CEO from continuing to sell stalkerware
Nearly two years after the US Federal Trade Commission first took aim against mobile apps that can non-consensually track people’s...
News
Google Play sign-ins can be abused to track another person’s movements
Even people that have been involved in cybersecurity for over 20 years make mistakes. I’m not sure whether that is...
Macs turn on apps signed by Symantec, treat them as malware
On August 23, following an update to Apple’s XProtect system—one of the security features built into macOS—some Mac users began...
Kaspersky Lab has reported about Android viruses designed to steal money automatically
Viktor Chebyshev, a leading researcher of mobile threats at Kaspersky Lab, spoke in an interview with Russian newspaper Izvestia about...
Experts Find Vulnerabilities in AMD Zen Processor
German cybersecurity experts at TU Dresden discovered that Zen processor of AMD is susceptible to data-bothering meltdown like attacks in...
Do Not Use Single-Factor Authentication on Internet-Exposed Systems, CISA Warns
The US Cybersecurity and Infrastructure Security Agency (CISA) this week added single-factor authentication (SFA) to a very short list of...
Credential Phishing and Brute Force Attacks Continue to Surge
Financial and reputational aspects of organizations across the globe are taking a severe hit as they witness advanced email threats...
Driver’s License Exploitation Scams Surge
The Covid epidemic has provided a ripe opportunity for cybercriminals, who are taking advantage of internet information from outdated driver's...
SEC announces sanctions against entities over email account hacking
The U.S. Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. The U.S. Securities and...
Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA
The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends...
LockBit ransomware operators leak 200GB of data belonging to Bangkok Airways
LockBit ransomware operators have breached Bangkok Airways, the airline confirmed it was the victim and discloses a data breach impacting...
LockFile Ransomware uses a new intermittent encryption technique
Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang...
Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System
Rapid7 researchers discovered two flaws that can be exploited by attackers to remotely disable one of the home security systems...
ProxyToken: Another nail-biter from Microsoft Exchange
Had I known this season of Microsoft Exchange was going to be so long I’d have binge watched. Does anyone...
HPE: Sudo Flaw Grants Attackers Root Privileges to Aruba Platform
A vulnerability in Sudo, open-source software used within HP's Aruba AirWave management platform, can enable any unprivileged and unauthorized local...
Data From Fujitsu is Being Sold on the Dark Web
An organisation called Marketo is selling data from Fujitsu on the dark web, although the firm claims the information "appears...
Cybersecurity experts called the signs of smartphone hack
Fast discharge of the smartphone, the appearance of strange notifications or spam when the screen is locked, blocking antivirus programs...
T-Mobile CEO Apologizes for Hack of More Than 54 Million Users Data
Mike Sievert, CEO of T-Mobile, is in a spot of bother after a major data breach of the carrier’s servers....
Lockbit Ransomware Suspected Behind the Attacks on Envision Credit Union
Cyberattacks employing a type of ransomware that appeared nearly two years ago have increased in number lately. The ransomware known...
HPE wars customers of Sudo flaw in Aruba AirWave Management Platform
Hewlett Packard Enterprise (HPE) warns of a vulnerability in Sudo open-source program used in its Aruba AirWave management platform. Hewlett Packard...
Threat actors stole $19 million worth of crypto assets from Cream Finance
Crooks have stolen more than $19 million in cryptocurrency assets from Cream Finance, a decentralized finance (DeFi) platform. Threat actors...
Microsoft Exchange ProxyToken flaw can allow attackers to read your emails
ProxyToken is a serious vulnerability in Microsoft Exchange Server that could allow unauthentication attackers to access emails from a target...
A week in security (August 23 – August 29)
Last week on Malwarebytes Labs: Patch now! Microsoft Exchange is being attacked via ProxyShellRealtek-based routers, smart devices are being gobbled...
Phorpiex Malware has Shut Down their Botnet and Put its Source Code for Sale
The Phorpiex malware's creators have shut down their botnet and are selling the source code on a dark web cybercrime...
