A week in security (January 24 – 30)

Last week on Malwarebytes Labs:

• QNAP update stops Deadbolt ransomware, annoys some users, starts debate
• Big Mother is watching: What parents REALLY think about tracking their kids
• Update now! Apple patches another actively used zero-day
• Let’s Encrypt to revoke “mis-issued” certificates
• North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign
• Ransomware gangs are recruiting breached individuals to persuade companies to pay up
• Apple fixes Mac bug that could have allowed takeover of webcams and browser tabs
• New DazzleSpy malware attacks macOS
• KONNI evolves into stealthier RAT
• Senate Committee passes new antitrust bill aimed at Big Tech companies
• Google sued over deceptive location
• Windows Update has changed over the years. Here are 25 group policies to avoid
• Microsoft warns of phishy OAuth apps
• Cyberinsurance companies don’t want to pay out for “acts of war”
• Dark Souls servers taken offline over hacking fears
• Discord scammers go CryptoBatz phishing
• Warning issued over tampered QR codes
• Microsoft is now disabling Excel 4.0 macros by default
• Segway store compromised with Magecart skimmer
• Data Privacy Day: Know your rights, and the right tools to stay private

Stay safe!

The post A week in security (January 24 – 30) appeared first on Malwarebytes Labs.