A week in security (April 02 – April 08)

A week in security (September 16 -22)

Last week on Labs, we sounded the alarm about the relaunch of Emotet, one of the year’s most dangerous forms of malware, with a new spam campaign. We also reported on how international students in UK are targeted by visa scammers, what CEOs think about a potential US data privacy law, and introduced Malwarebytes Browser Guard. Finally, we looked at the role of data destruction in cybersecurity.

Other cybersecurity news

  • A streak of hacked celebrity Instagram accounts continues as a group of cybercriminals target them to promote scam sites to their huge number of followers. (Source: BleepingComputer)
  • YouTube’s new verification system attempted to ensure that large channels were safe from impersonation but had the unintended consequence of removing other popular channels. (Source: TechSpot)
  • Ecuador has begun an investigation into a sprawling data breach in which the personal data of up to 20 million people was made available online. (Source: The New York Times)
  • Google has released an urgent software update for its Chrome web browser and is urging Windows, Mac, and Linux users to upgrade the application to the latest available version immediately. (Source: The Hacker News)
  • Researchers have uncovered two variants of information-stealing Mac malware that impersonate a legitimate stock and cryptocurrency trading application. (Source: SCMagazine)
  • A Bulgarian phishing criminal who created fake versions of legitimate companies’ websites as part of a £40m fraud has been jailed. (Source: The Register)
  • Nearly 50 school districts and colleges have been hit by ransomware in 2019 so far, and more than 500 individual K–12 schools have potentially been compromised. (Source: Dark Reading)
  • Modern TV has a modern problem: all of your Internet-connected streaming devices are watching you back and feeding your data to advertisers. (Source: ArsTechnica)
  • US authorities have indicted two suspects for hacking cryptocurrency exchange EtherDelta in December 2017, changing the site’s DNS settings, and redirecting traffic to a clone. (Source: ZDNet)
  • How data breaches forced Amazon to update S3 bucket security. (Source: HelpNet Security)

Stay safe!