A week in security (April 02 – April 08)

A week in security (February 10 – 16)

Last week on Malwarebytes Labs, we explained how to battle online coronavirus scams with facts, discussed the persistent re-infection techniques of Android/Trojan.xHelper and how to remove it, provided cyber tips for safe online dating, and showed how Hollywood teaches us misleading cybersecurity lessons.

We also released the 2020 State of Malware Report describing the threat landscape of the year in detail, including top threats for Mac, Windows, Android, and the web, as well as the state of data privacy in commerce and legislation.

Other cybersecurity news

  • Medical transportation vendor, GridWorks experienced a burglary that resulted in a laptop stolen, which contained the personal identifiable information (PII) of 654,362 members. (Source: Security Boulevard)
  • Four members of China’s military were charged on with hacking into Equifax and stealing trade secrets and the personal data of about 145 million Americans in 2017. (Source: The New York Times)
  • Critical vulnerabilities addressed in the Accusoft ImageGear library could be exploited by remote attackers to execute code on a victim machine. (Source: Security Week)
  • Dell has copped to a flaw in the pre-installed program SupportAssist that allows local hackers to load malicious files with admin privileges. (Source: TheRegister)
  • The owner of the Helix Bitcoin Mixer was charged with laundering over $310 million in Bitcoin cryptocurrency while operating the dark web mixer between 2014 and 2017. (Source: BleepingComputer)
  • Emotet has found a new attack vector: using already infected devices to identify new potential victims that are connected to nearby Wi-Fi networks. (Source: The Hacker News)
  • A digitally signed Gigabyte driver has been discovered to be in use by Ransom.RobbinHood to fully encrypt the files on a computer. (Source: Guru 3D)
  • Chief Information Security Officers (CISOs, or CSOs) across the industry are reporting high levels of stress resulting in an average tenure of only 26 months. (Source: ZDNet)
  • The Czech data protection authority announced an investigation into antivirus company Avast for harvesting the browsing history of over 100 million users. (Source: Vice.com)
  • Hackers are demanding nude photos to unlock files in a new ransomware scheme targeting women. (Source: FastCompany)

Stay safe, everyone!