A week in security (April 02 – April 08)

A week in security (June 10 – 16)

Last week on Malwarebytes Labs, we revealed to readers the mindset of security pros as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills implementing the state’s own privacy protections, how Apple can better protect its users’ privacy, the continuous trending of the MegaCortex ransomware, how cyberbullies and trolls use Twitter Lists to home in on their targets, and the newest trend of adware and PUPs abusing push notifications to compromise user systems.

Other cybersecurity news

  • Treading the MuddyWater: This Iranian APT resurfaced with new tools and tactics under its belt, revealed latest analysis report. (Source: TrendLabs Security Intelligence Blog)
  • A new sextortion scam involves fraudsters posing as rogue CIA agents and telling their marks that they are being probed for online pedophilia—but are willing to settle the matter for $10,000 worth of Bitcoins. (Source: The Register)
  • A Customs and Border Protection (CBP) subcontractor was compromised, and now the threat actor has thousands of images of US travelers and license plates. (Source: WIRED)
  • VLC users, rejoice! Your favorite media player patched a lot of bugs recently, including two that were marked as high severity. Update now if you haven’t already. (Source: Threatpost)
  • Taking advantage of the popularity of Google’s Gmail and Calendar apps, threat actors were found targeting users via malformed and unwanted Google Calendar notifications. (Source: Forbes)
  • Here’s a chilling discovery: Threat actors steal your personal and medical data, so they can impersonate your doctor. (Source: The Next Web)
  • A new report revealed that cryptocurrency miners are distributed using advanced targeted attack toolkits, such as those used by the Equation Group, and planted onto company computers. (Source: TrendLabs Security Intelligence Blog)
  • Fishwrap, a new disinformation campaign on Twitter that uses modified old news and repackages them as new, sought to sow discord amongst users. A nation-state is likely behind it, says researchers. (Source: Cyberscoop)
  • Google: We’re not killing ad blockers. Ad blockers: OH, YES YOU ARE. (Source: WIRED)
  • Surveillance cameras could be weaponized with the use of artificial intelligence (AI), according to a report from the American Civil Liberties Union (ACLU). (Source: The New York Times)

Stay safe, everyone!