A week in security (March 29 – April 4)

Last week on Malwarebytes Labs, our podcast featured Malwarebytes senior security researcher JP Taggart, who talked to us about why you need to trust your VPN.

You’ve likely heard the benefits of using a VPN: You can watch TV shows restricted to certain countries, you can encrypt your web traffic on public WiFi networks, and, importantly, you can obscure your Internet activity from your Internet Service Provider, which may use that activity for advertising.

But obscuring your Internet activity—including the websites you visit, the searches you make, the files you download—doesn’t mean that a VPN magically disappears those things. It just means that the VPN itself gets to see that information instead.

On Malwarebytes Labs, we also wrote about six social media safety sins to say goodbye to, and we advised Steam users not to fall for the “I accidentally reported” scam that is making rounds right now. We also covered how a 5G slicing vulnerability could be used in DoS attacks, the one reason your iPhone needs a VPN, what you need to know about malicious commits found in PHP code repository, the latest ransomware attacking schools, called PYSA, and we tried to report on the npm netmask vulnerability in a way that anyone can actually understand it.

Finally, we looked at the latest Android “System Update” malware that steals photos, videos, GPS location, and we thought it was time to cool down some fervor and say that, you know what, Internet password books are OK.

Other Cybersecurity news:

• Fraud team response: More organizations look to grow their fraud teams (Source: Help Net Security)
• A fine old time: Dutch watchdog fines Booking.com after customer data theft fallout (Source: The Register)
• Gaming the system: Game cheat mod malware demonstrates risk of unlicensed software (Source: SC Mag)
• 365 ways to phish town: Credential attacks on the rise with Office 365 as top target (Source: Bdaily)
• Bad ads on the prowl: Bogus investment ads cause misery (Source: This is Money)
• Old data dump comes around again: Half a billion Facebook users’ information posted to hacking website (Source: CBS58)
• Older Americans under fire: Top scams targeting older Americans in 2021 (Source: AARP)
• Heartbreak: Tech makes romance scams easier than ever (Source: Dispatch)
• Tracing your steps: A long way to go where tracking protection is concerned (Source: Spread Privacy / DuckDuckGo)
• A digital throw-down: How Russian hackers targeted US cyber first responders in SolarWinds breach (Source: CNN)

Stay safe!

The post A week in security (March 29 – April 4) appeared first on Malwarebytes Labs.