A week in security (July 26 – August 1)

Last week on Malwarebytes Labs:

  • OSX.XLoader hides little except its main purpose: What we learned in the installation process.
  • The Clubhouse database “breach” is likely a non-breach. Here’s why.
  • Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach.
  • UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root.
  • The Olympics: a timeline of scams, hacks, and malware.
  • BlackMatter, a new ransomware group, claims link to DarkSide, REvil.
  • Crimea “manifesto” deploys VBA Rat using double attack vectors.
  • Microsoft provides more mitigation instructions for the PetitPotam attack.
  • Spear-phishing now targets employees outside the finance and executive teams, report says.
  • LemonDuck no longer settles for breadcrumbs.

Other cybersecurity news:

  • QR codes are here to stay. So is the tracking they allow. (Source: The New York Times)
  • NSA issues guidance on securing wireless devices in public settings. (Source: nsa.gov)
  • The greatest danger to national security has become the companies that claim to protect it. (Source: Edward Snowden)
  • The Northern Ireland COVID Certification Service was temporarily interrupted due to a privacy issue. (Source: UK Department of Health)
  • BazaCall campaigns use phony call centers meaning to trick users into exfiltration and ransomware. (Source: Microsoft Security blog)
  • Solarmarker malware campaign actors are focusing their energy on credential and residual information theft. (Source: ZDNet)
  • We can’t believe people use browsers to manage their passwords, says maker of password management tools. (Source: The Register)
  • Polish police officers have arrested Belarusian nationals over ATM black-box attacks. (Source: The Record)
  • The FBI has revealed the top targeted vulnerabilities of the last two years. (Source: Bleeping Computer)
  • Officials from Israeli government agencies have raided the offices of Pegasus software vendor NSO Group. (Source: The Record)

Stay safe, everyone!

The post A week in security (July 26 – August 1) appeared first on Malwarebytes Labs.
