A week in security (April 02 – April 08)

A week in security (November 18 – 24)

Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware, published our fall 2019 review of exploit kits, looked at how Deepfake on LinkedIn makes for malign interference campaigns, rounded up our knowledge about the Disney+ security and service issues, explained juice jacking, analyzed how a web skimmer phishes credit card data via a rogue payment service platform, and lastly, we looked at upcoming IoT bills and guidelines.

Other cybersecurity news

  • Cybercriminals hitting US city and state governments with ransomware has become increasingly popular in recent times. Again, Louisiana has been targeted. (Source: TechSpot)
  • National Veterinary Associates was hit by a ransomware attack late last month that affected more than half of those properties. (Source: KrebsOnSecuirty)
  • After a deadline was missed for receiving a ransom payment, the group behind Maze Ransomware has published data and files stolen from security staffing firm Allied Universal. (Source: BleepingComputer)
  • A WhatsApp flaw that could let hackers steal users’ chat messages, pictures and private information by letting users download a video file containing malicious code. (Source: The DailyMail UK)
  • A malicious campaign is active that spoofs an urgent update email from Microsoft to infect user’s systems with the Cyborg ransomware. (Source: TechRadar)
  • Microsoft has invested $1 billion in the Elon Musk-founded artificial intelligence venture that plans to mimic the human brain using computers. (Source: Independent UK)
  • Unique data leak contains personal and social information of 1.2 billion people that appear to originate from 2 different data enrichment companies. (Source: DataViper)
  • The US branch of the telecommunications giant T-Mobile disclosed a security breach that, according to the company, impacted a small number of customers of its prepaid service. (Source: SecurityAffairs)
  • A hacker has published more than 2TB of data from the Cayman National Bank. This includes more than 640,000 emails and the data of more than 1400 customers. (Source: HeadLeaks)
  • A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. (Source: KrebsOnSecuirty)

Stay safe, everyone!