Last week on Malwarebytes Labs
- Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache.
- “Killware”: Is it just as bad as it sounds?
- REvil ransomware disappears after Tor services hijacked.
- Protect yourself from BlackMatter ransomware: Advice issued.
- q-logger skimmer keeps Magecart attacks going.
- How to delete your Snapchat account.
- High school student rickrolls entire school district, and gets praised.
- Chrome targeted by Magnitude exploit kit.
- Update now! Chrome fixes more security issues.
- A bug is about to confuse a lot of computers by turning back time 20 years.
- We dig into the Game Players Code.
- Ransomware: Why do backups fail when you need them most?
Other cybersecurity news
- Sinclair Broadcast Group says it suffered a ransomware attack and has had data stolen. (Source: NPR)
- After games boom in pandemic, gangs are using phishing and malware to cheat fans. (Source: The Guardian)
- A vulnerability in the trial version of WinRAR has significant consequences for the management of third-party software. (Source: PT Security)
- Slack contains an XSLeak vulnerability that de-anonymizes users. (Source: The Daily Swig)
- Gummy Browsers, a new fingerprint capturing and browser spoofing attack lets attackers spoof tracking profiles. (Source : Bleeping Computer)
- Elaborate CryptoEats food delivery scam steals $500,000 in minutes. (Source: Vice)
- Phishing campaign targets YouTube creators with cookie theft malware. (Source: Google Threat Analysis Group)
- Dutch forensic lab decrypts Tesla’s driving safety data and finds a wealth of information. (Source: The Record)
- Australia announces critical infrastructure reforms to protect the essential infrastructure in the event of a major cyber-attack. (Source: homeaffairs.gov.au)
- Popular NPM library hijacked to install password-stealers and miners. (Source: BleepingComputer)
Stay safe, everyone!