Last week on Malwarebytes Labs
- Celebrity jewelry house Graff falls victim to ransomware
- Lessons from a real-life ransomware attack
- Is Apple’s Safari browser the last, best hope for web privacy?
- What is Twitch?
- Google patches zero-day vulnerability, and others, in Android
- Zuckerberg’s Metaverse, and the possible privacy and security concerns
- This Steam phish baits you with a free Discord Nitro
- BlackMatter ransomware group announces shutdown. But for how long?
- Trojan Source: Hiding malicious code in plain sight
- Update now! Mozilla fixes security vulnerabilities in Firefox 94
- Credit card skimmer evades Virtual Machines
- CISA sets two week window for patching serious vulnerabilities
- Wanted! US offer $10m bounty for ransomware kingpins
Other cybersecurity news
- New “Frankenstein” phishing kits are becoming increasingly popular. (Source: RiskIQ)
- Call center scammers use Justine Bieber and The Weeknd concert tickets as bait. (Source: ZDNet)
- Expect delivery firms to be impersonated by cybercriminals in holiday phishing scams. (Source: Tessian)
- According to a report, New Zealand residents are unaware of common cyber scams and don’t take basic precautions. (Source: IT Brief)
- CERT-France has identified the ransomware group behind attacks on French companies. (Source: The Record)
- SalesForce bug allows Outlook and Microsoft calendar events to be exposed. (Source: Varonis)
- Credential phishers impersonate Proofpoint to go after Microsoft and Google credentials. (Source: Armorblox)
- Data of Labour Party supporters in the UK were stolen during a ransomware attack. (Source: Sky News)
- Scammers bank on popularity of crypto wallets to steal cryptocurrency. (Source: Check Point)
- We experienced the first example of “insider threat by machine” when Facebook went dark for 6 hours. (Source: CSO Online)
Stay safe, everyone!
The post A week in security (Nov 1 – Nov 7) appeared first on Malwarebytes Labs.