Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed you about new rules on deepfakes in the US, and demonstrated how backdoors in elastic servers expose private data.
Other cybersecurity news
- An online group of cybersecurity analysts calling themselves Intrusion Truth have revealed information about their fourth Chinese state-sponsored hacking operation. (Source: ZDNet)
- Travelex warned customers of a phone scam threat in wake of their ransomware attack. (Source: Graham Cluley)
- The federal government is preparing for another fight with Apple in an ongoing battle for access to encrypted iPhones. (Source: Vox recode)
- Proof-of-concept exploit code has been published for critical flaws impacting the Cisco Data Center Network Manager (DCNM) tool for managing network platforms and switches. (Source: ThreatPost)
- The Dutch National Cybersecurity Centre (NCSC) says that companies should consider turning off Citrix ADC and Gateway servers if the impact is acceptable. (Source: BleepingComputer)
- Hackers stole personal information from 100,000 West Australians in a cyberattack on P&N Bank. (The West Australian)
- In an important Patch Tuesday release, Microsoft fixed critical bugs in CryptoAPI, RD Gateway, and .NET. (Source: Naked Security)
- The latest update to Google’s Smart Lock app on iOS means you can now use your iPhone as a physical 2FA security key for logging into Google’s first-party services in Chrome. (Source: The Verge)
- The domain name weleakinfo.com has been seized by the FBI. The website sold information claiming to have more than 12 billion records gathered from over 10,000 breaches. (Source: DarkReading)
- Pretending to be the Permanent Mission of Norway, Emotet operators performed a targeted phishing attack against users associated with the United Nations. (Source: BleepingComputer)
Stay safe, everyone!
The post A week in security (January 13 – 19) appeared first on Malwarebytes Labs.