A week in security (Sept 20 – Sept 26)
Last week on Malwarebytes Labs Freedom Hosting operator gets 27 years for hosting dark web abuse sitesMicrosoft makes a bold...
News
Cryptoscams Cost Australians About AU$6.6 Million Every Month
From the beginning of the year to the end of August, losses due to cryptocurrency investment scams accounted for over...
Malicious software reportedly generates 39% of all internet traffic
According to experts, the share of malicious bots has been growing for a long time, but the pandemic has accelerated...
Bogus Backup Message from WhatsApp Delivers Malware to Spanish Users
Authorities in Spain have issued a warning about a phishing campaign that impersonates WhatsApp to deceive consumers into installing a...
Newly Discovered ZE Loader Targets Online Banking Users
IBM Security researchers have discovered a new form of overlay malware targeting online banking users. Dubbed ZE Loader, is a...
BloodyStealer and gaming assets for sale
Earlier this year, we covered the threats related to gaming, and looked at the changes from 2020 and the first...
Jupyter infostealer continues to evolve and is distributed via MSI installers
Cybersecurity researchers spotted a new version of the Jupyter infostealer which is distributed via MSI installers. Cybersecurity researchers from Morphisec...
Telegram is becoming the paradise of cyber criminals
Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data...
German Federal Office for Information Security (BSI) investigates Chinese mobile phones
German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. German Federal...
US-CERT Bulletin (SB21-270):Vulnerability Summary for the Week of September 20, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18
School is fully back in session for kids all across the world, and for many students, that means logging back...
Malwarebytes research shows an unequal, unsafe Internet
If the Internet was as safe and as private as it is essential for everyday life—increasingly required for job applications,...
The August cyber attacks targeted a dozen Russian banks
Up to 15 Russian financial organizations were subjected to a large-scale cyberattack in August and September of this year.The first...
Exchange/Outlook Autodiscover Bug Exposed $100K Email Passwords
Guardicore Security Researcher, Amit Serper identified a critical vulnerability in Microsoft's autodiscover- the protocol, which permits for the automatic setup...
SonicWall Patches Critical Flaw in SMA 100 Products
SonicWall has released a security advisory to warn users regarding a critical flaw impacting some of its Secure Mobile Access...
Hackers Discover Technique to Make Malware Undetectable on Windows
Investigators within the cybersecurity industry have revealed a unique approach used by a threat actor to purposefully avoid detection using...
Drinik Malware is Fooling Users to Give in their Mobile Banking Details
There's a new malware, and it's wreaking havoc on Android users. Drinik is a malware that steals vital data and...
Port of Houston was hit by an alleged state-sponsored attack
Last month, the Port of Houston, one of the major US ports, was hit by a cyber attack allegedly orchestrated...
JSC GREC Makeyev and other Russian entities under attack
A cyberespionage campaign hit multiple Russian organizations, including JSC GREC Makeyev, a major defense contractor, exploiting a recently disclosed zero-day....
Security Affairs newsletter Round 333
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Google TAG spotted actors using new code signing tricks to evade detection
Researchers from Google’s TAG team reported that financially motivated actors are using new code signing tricks to evade detection. Researchers...
GSS, one of the major European call center providers, suffered a ransomware attack
The customer care and call center provider GSS has suffered a ransomware attack that crippled its systems and impacted its...
Malware Creators Use Malformed Certificates To Trick Windows Validation
Google researchers have identified malware developers generating malformed code signatures that appear to be valid in Windows to bypass security...
African Bank Alerts of Data Breach With Personal Details Compromised
South African retail bank African Bank has confirmed that one of its debt recovery partners, Debt-IN, was targeted by a...
