A week in security (April 02 – April 08)

A week in security (November 5 – 11)

Last week on Malwarebytes Labs, we looked at browser lockers that fly under the radar with complete obfuscationtransport and logistics in our series about compromising vital infrastructure, Google logins now requiring JavaScript, how to create a sticky cybersecurity training program, and an introduction for Process Hacker.

Other cybersecurity news

  • Dutch police have achieved a breakthrough in intercepting encrypted messages between criminals. (Source: TellerReport)
  • If terrorists launch a major cyberattack, we won’t see it coming. (Source: The Atlantic)
  • Why are fake Elon Musk bitcoin scams running rife on Twitter right now? (Source: ZDNet)
  • VirtualBox Guest-to-Host escapes zero-day and exploit released online. (Source: Help Net Security)
  • Microsoft releases info on protecting BitLocker from DMA attacks. (Source: Bleeping Computer)
  • Further protections from harmful ad experiences on the web. (Source: Chromium blog)
  • Android users now face forced app updates, thanks to Google’s new dev tools. (Source: ZDNet)
  • Active exploitation of newly patched ColdFusion vulnerability (CVE-2018-15961). (Source: Volexity Threat Research)
  • Spammers hack 100,000 home routers via UPnP vulns to craft email-flinging botnet. (Source: The Register)
  • Google: newer Android versions are less affected by malware. (Source: Security Shelf)

Stay safe, everyone!