A week in security (April 19 – 25)


Last week on Malwarebytes Labs, we interviewed Youssef Sammouda, a 21-year-old bug bounty hunter who is focused on finding vulnerabilities on Facebook.

We looked into the CodeCov supply-chain attack, the vulnerabilities in Pulse Secure VPN that are being actively exploited by attackers, and the discovery of SUPERNOVA malware found on a SolarWinds Orion server.

We also featured the technology, particularly facial recognition, that the FBI used to identify one of the Capitol rioters several months after the event; we covered news about a FIN7 sysadmin being indicted for 10 years for “billions in damage”; and we covered the calling out of the EU’s proposed ban on the use of artificial intelligence, because it doesn’t deal with its potential for high abuse. Lastly, we provided a comprehensive guide on how to pick the best VPN for you, whether you stream, play video games, or torrent.

Other cybersecurity news

  • Costco issued a warning about scams targeting all its customers. (Source: InfoSecurity Magazine)
  • Sophisticated Palestine-based hackers were found targeting iOS users to get them to install malware. (Source: Wired)
  • A researcher demonstrated a Facebook bug that could reveal user email addresses even when set to private. (Source: Wired)
  • The Huawei app store was abused to house malicious apps, including the Joker malware. (Source: BankInfoSecurity)
  • VPN vulnerabilities are being heavily targeted by threat actors, according to a new report. (Source: Dark Reading)
  • Apple’s AirDrop can expose user phone numbers and email addresses. (Source: The Record by Recorded Future)
  • Since the first lockdown measures were introduced, the use of stalkerware and spyware apps has almost doubled. (Source: PR Newswire)

Stay safe!

The post A week in security (April 19 – 25) appeared first on Malwarebytes Labs.
