week in security

A week in security (April 12 – 18)

Last week on Malwarebytes Labs, our podcast featured Troy Hunt, Chloé Messdaghi, and Tanya Janca who discussed security fatigue with us.

We announced the release of the Malwarebytes SMB Cybersecurity Trust & Confidence Report 2021,  a first-of-its-kind survey of the hardworking IT professionals on the front lines of the fight against cyberthreats.

We wrote about how Bitcoin payments were used to unmask a man who hired a Dark Web contract killer; how some ransomware gangs are connected, sharing resources and tactics; about a visa scam affecting Nigerian citizens looking to move to the United States; about NAME:WRECK a set of vulnerabilities found in the way a number of popular TCP/IP stacks handle DNS requests; how ransomware disrupted a food supply chain in the Netherlands; how Chrome needed patching against two in-the-wild exploits; how a controversial FBI intervention to shut down malware on hundreds of Exchange servers caused heated discussions; how researchers noted a huge upsurge in DDoS attacks during the pandemic; how Chrome users can opt out of the Google FLoC trial; how deepfakes were going to change everything and then didn’t; About the NSA, CISA, and FBI warning of Russian intelligence exploiting 5 vulnerabilities; and how shady scam bots trick Omegle users into nonconsensual video sex recordings.

Other cybersecurity news:

  • An update to the Covid-19 NHS track and trace mobile app was blocked over privacy and security concerns. (Source: TechRadar)
  • Cryptocurrency rewards platform Celsius Network disclosed a security breach exposing customer information that led to a phishing attack. (Source: BleepingComputer)
  • Threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to IcedID malware. (Source: Microsoft Security Blog)
  • The EU published the SOCTA 2021 report providing a detailed analysis of the threat of serious and organised crime facing the EU. (Source: Europol)
  • New information was revealed about how the FBI managed to get into the San Bernardino shooter’s iPhone. (Source: The Verge)
  • The use of facial recognition for surveillance, or algorithms that manipulate human behaviour, is set to be banned under proposed EU regulations on artificial intelligence. (Source: BBC)

Stay safe, everyone!