A week in security (January 13 – 19)

Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed you about new rules on deepfakes in the US, and demonstrated how backdoors in elastic servers expose private data.

Other cybersecurity news

  • An online group of cybersecurity analysts calling themselves Intrusion Truth have revealed information about their fourth Chinese state-sponsored hacking operation. (Source: ZDNet)
  • Travelex warned customers of a phone scam threat in the wake of their ransomware attack. (Source: Graham Cluley)
  • The federal government is preparing for another fight with Apple in an ongoing battle for access to encrypted iPhones. (Source: Vox recode)
  • Proof-of-concept exploit code has been published for critical flaws impacting the Cisco Data Center Network Manager (DCNM) tool for managing network platforms and switches. (Source: ThreatPost)
  • The Dutch National Cybersecurity Centre (NCSC) says that companies should consider turning off Citrix ADC and Gateway servers if the impact is acceptable. (Source: BleepingComputer)
  • Hackers stole personal information from 100,000 West Australians in a cyberattack on P&N Bank. (Source: The West Australian)
  • In an important Patch Tuesday release, Microsoft fixed critical bugs in CryptoAPI, RD Gateway, and .NET. (Source: Naked Security)
  • The latest update to Google’s Smart Lock app on iOS means you can now use your iPhone as a physical 2FA security key for logging into Google’s first-party services in Chrome. (Source: The Verge)
  • The domain name weleakinfo.com has been seized by the FBI. The website sold information and claimed to have more than 12 billion records gathered from over 10,000 breaches. (Source: DarkReading)
  • Pretending to be the Permanent Mission of Norway, Emotet operators performed a targeted phishing attack against users associated with the United Nations. (Source: BleepingComputer)

Stay safe, everyone!