logo
DATABASE RESOURCES PRICING ABOUT US

A week in security (Oct 25 – Oct 31)

2021-11-01T11:33:01

Description

### Last week on Malwarebytes Labs * Beyond the VPN: [Ultimate online privacy](<https://blog.malwarebytes.com/podcast/2021/10/beyond-the-vpn-ultimate-online-privacy-with-the-tor-projects-isabella-bagueros-lock-and-code-s02e20/>) with the Tor Project’s Isabela Bagueros: Lock and Code S02E20 * [Patch now](<https://blog.malwarebytes.com/reports/2021/10/patch-now-to-bypass-firefox-add-ons-that-abuse-the-proxy-api-to-deny-updates/>) to bypass Firefox add-ons that abuse the proxy API to deny updates * How social media mistakes can [impact cybersecurity](<https://blog.malwarebytes.com/how-tos-2/2021/10/how-social-media-mistakes-can-impact-cybersecurity/>) * Update now! [Apple patches bugs](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-now-apple-patches-bugs-in-ios-and-ipados/>) in iOS and iPadOS * Watch out for the [Steam skin “free knife” scam](<https://blog.malwarebytes.com/scams/2021/10/watch-out-for-the-steam-skin-free-knife-scam/>) * What is [fileless malware](<https://blog.malwarebytes.com/explained/2021/10/what-is-fileless-malware/>)? * Threat profile: [Ranzy Locker ransomware](<https://blog.malwarebytes.com/ransomware/2021/10/threat-profile-ranzy-locker-ransomware/>) * Shrootless: Microsoft finds [Apple macOS vulnerability](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/shrootless-microsoft-finds-apple-vulnerability-in-macos/>) * Tips to [protect your data, security, and privacy](<https://blog.malwarebytes.com/malwarebytes-news/2021/10/tips-to-protect-your-data-security-and-privacy-from-an-hands-on-expert/>) from a hands-on expert * Update your OptinMonster WordPress plugin [immediately](<https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-your-optinmonster-wordpress-plugin-immediately/>) * The return of the [Malwarebytes CrackMe](<https://blog.malwarebytes.com/threat-intelligence/2021/10/the-return-of-the-malwarebytes-crackme/>) ### Other cybersecurity news * Cream Finance skimmed by crooks: [$130m in crypto assets stolen](<https://www.theregister.com/2021/10/28/cream_ethereum_theft/>) (Source: The Register) * Google Chrome [abused to deliver malware](<https://threatpost.com/chrome-deliver-malware-as-legit-win-10-app/175884/>) as “legit” Win10 app (Source: ThreatPost) * TA525 criminal group using [“Squid game” lures](<https://www.zdnet.com/article/ta575-criminal-group-using-squid-game-lures-for-dridex-malware/>) for Dridex Malware (Source: ZDNet) * A [malware prevention strategy](<https://gcn.com/articles/2021/10/29/malware-prevention-strategy.aspx>) to complement StopRansomware(dot)gov (Source: GCN) * Snake malware [biting hard on 50 apps for only $25](<https://www.bleepingcomputer.com/news/security/snake-malware-biting-hard-on-50-apps-for-only-25/>) (Source: Bleeping Computer) * Phishing emails use [QR codes](<https://www.zdnet.com/article/these-phishing-emails-use-qr-codes-to-bypass-defences-and-steal-microsoft-365-usernames-and-passwords/>) to bypass defences and steal Microsoft 365 usernames and passwords (Source: ZDNet) * BBB [warns about scams for holiday season](<https://www.silive.com/news/2021/10/from-phishing-emails-to-social-media-ads-better-business-bureau-warns-about-scams-for-holiday-season.html>) (Source: SiLive) * Russian hackers used home networks to [evade detection](<https://www.bloomberg.com/news/articles/2021-10-26/suspected-russian-hackers-use-home-networks-to-evade-detection>) (Source: Bloomberg) * This AI [predicts how old children are](<https://www.wired.com/story/ai-predicts-how-old-children-are/>) (Source: Wired) * Europol [detains hackers](<https://techcrunch.com/2021/10/29/europol-hackers-norsk-hydro/>) behind 2019 Norsk Hydro ransomware attack (Source: TechCrunch) Stay safe, everyone! The post [A week in security (Oct 25 - Oct 31)](<https://blog.malwarebytes.com/a-week-in-security/2021/11/a-week-in-security-oct-25-oct-31-2021/>) appeared first on [Malwarebytes Labs](<https://blog.malwarebytes.com>).