InfoSec News & Investigations

A week in security (January 20 – 26)

Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes.

Other cybersecurity news

  • Cisco’s Talos Intelligence Group discovered a new data stealer and called it JhoneRAT. This latest remote access Trojan (RAT) was designed and created to target Arabic-speaking nations. (Source: TechDator)
  • Fake videos purportedly taken by Nest cameras are used to perform sextortion campaigns against their users. (Source: Bleeping Computer)
  • The Philippine Airlines (PAL) warned locals of a phishing site using a bogus Facebook ad and claiming that participants could win free tickets in exchange for answering questions. (Source: ABS-CBN News)
  • The Better Business Bureau (BBB) alerted readers of a tech support scam using the “Expiring License” lure to get the attention and trick Windows users into giving out their banking details. (Source: Better Business Bureau News)
  • 70,000 photos of users of the dating app, Tinder, were found on the public web for free. Along the photos were data of 16,000 Tinder user IDs. (Source: Sophos’s Naked Security Blog)
  • Point-of-sale (PoS) software company, THSuite, was found to be breached after sensitive data of cannabis users were leaked because of an insecure Amazon S3 bucket. (Source: Newsweek)
  • Google security engineers found that Apple’s privacy protections on Safari actually put user data at risk. (Source: CNET)
  • Hiring scams or fake job listings target job seekers’ personally identifiable information, warns the FBI. (Source: FBI PSA)
  • In contrast to what is generally advised, new survey found that victims continue to pay ransomware threat actors to prevent business disruption. (Source: DarkReading)
  • PupyRAT, a Trojan believed to be linked to state-backed threat actors working out of Iran, was found targeting the European energy sector since late 2019. (Source: ZDNet)

Stay safe, everyone!

The post A week in security (January 20 – 26) appeared first on Malwarebytes Labs.

Original Source