Last week on Malwarebytes Labs:
- OSX.XLoader hides little except its main purpose: What we learned in the installation process.
- The Clubhouse database “breach” is likely a non-breach. Here’s why.
- Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach.
- UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root.
- The Olympics: a timeline of scams, hacks, and malware.
- BlackMatter, a new ransomware group, claims link to DarkSide, REvil.
- Crimea “manifesto” deploys VBA Rat using double attack vectors.
- Microsoft provides more mitigation instructions for the PetitPotam attack.
- Spear-phishing now targets employees outside the finance and executive teams, report says.
- LemonDuck no longer settles for breadcrumbs.
Other cybersecurity news:
- QR codes are here to stay. So is the tracking they allow. (Source: The New York Times)
- NSA issues guidance on securing wireless devices in public settings. (Source: nsa.gov)
- The greatest danger to national security has become the companies that claim to protect it. (Source: Edward Snowden)
- The Northern Ireland COVID Certification Service was temporarily interrupted due to a privacy issue. (Source: UK Department of Health)
- BazaCall campaigns use phony call centers meant to trick users, leading to exfiltration and ransomware. (Source: Microsoft Security blog)
- Solarmarker malware campaign actors are focusing their energy on credential and residual information theft. (Source: ZDNet)
- We can’t believe people use browsers to manage their passwords, says maker of password management tools. (Source: The Register)
- Polish police officers have arrested Belarusian nationals over ATM black-box attacks. (Source: The Record)
- The FBI has revealed the top targeted vulnerabilities of the last two years. (Source: Bleeping Computer)
- Officials from Israeli government agencies have raided the offices of Pegasus software vendor NSO Group. (Source: The Record)
Stay safe, everyone!