Last week on Malwarebytes Labs, the spotlight fell on the State of Malware 2021 report, wherein we have seen cyberthreats evolve.
We also touched on ransomware, such as Egregor and a tactic known as Remote Desktop Protocol (RDP) brute forcing that has long been part of the ransomware operators’ toolkit; insider threats, such as what Yandex recently experienced with one of its own sysadmins; romance scams; and put social media under scrutiny—looking at you, Clubhouse and Omegle; some wins for the good guys; and course, Cyberpunk 2077.
Other cybersecurity news
- Following the water supply hack in a Florida city, the US government warned critical infrastructure operators to upgrade their Windows 7 operating systems. (Source: Security Week)
- Baby monitor vulnerabilities are in the spotlight once again after the cybersecurity team at SafetyDetectives, an independent review site, unearthed a flaw that allows miscreants to take over a camera’s video stream. (Source: SafetyDetectives)
- Phishers used “financial bonus” as lure to deliver the Bazar Trojan. (Source: ZDNet)
- Speaking of phishing scams, they’re also promising free COVID vaccines. Again. (Source: Infosecurity Magazine)
- Intelligence officials from South Korea claimed that North Korea is behind the COVID vaccine cyberattack against Pfizer. (Source: Computer Weekly)
- A flaw in Agora, a voice and video platform, was discovered that could allow attackers to spy on private calls. (Source: CyberScoop)
- Palo Alto’s Unit42 uncovered a cryptojacking campaign that has been in operation for the last couple of years. (Source: Palo Alto Networks)
- ScamClub, a malvertising group, was discovered using an iPhone browser bug to push ads. (Source: Confiant)
- With the introduction of Apple’s M1 computer processors, new malware made for them is starting to emerge. (Source: Motherboard)
Stay safe, everyone!
The post A week in security (February 15 – February 21) appeared first on Malwarebytes Labs.