A week in security (March 14 – 20)

Last week on Malwarebytes Labs:

• Beware of this bogus (and phishy) “Instagram Support” email
• Meet Exotic Lily, access broker for ransomware and other malware peddlers
• Double header: IsaacWiper and CaddyWiper
• How to protect RDP
• Online Safety Bill’s provisions for “legal but harmful” content described as “censor’s charter”
• Deepfake Zelenskyy video surfaces on compromised websites
• Gh0stCringe RAT makes database servers squeal for protection
• Clouding the issue: what cloud threats lie in wait in 2022?
• FBI catches up with one of its Most Wanted, arrests head of advance-fee crime network
• “Threatening and coercive” cold-callers who targeted the elderly hit with big fines
• CafePress faces $500,000 fine for data breach cover up
• Valorant cheats on YouTube are actually information-stealing malware
• Fake Royal Mail chatbot offers up…a new iPhone?
• Escobar is the new Android banking Trojan we’ve met before
• DDoS barrage against Israel described as the “largest ever” cyberattack its faced
• Update now! Apple fixes several serious vulnerabilities in iOS and macOS
• Stolen Nvidia certificates used to sign malware—here’s what to do
• De-Googling Carey Parker’s (and your) life: Lock and Code S03E06
• CISA list of 95 new known exploited vulnerabilities raises questions

Stay safe!

The post A week in security (March 14 – 20) appeared first on Malwarebytes Labs.