A week in security (April 11 – 17)

Credit to Author: Malwarebytes Labs| Date: Mon, 18 Apr 2022 11:27:24 +0000

Last week on Malwarebytes Labs:

• Credential-stealing malware disguises itself as Telegram, targets social media users
• Old Play Store apps served notice by upcoming API level changes
• Denonia cryptominer is first malware to target AWS Lambda
• Ransomware: March 2022 review
• Why identity management matters
• USPS “Your package could not be delivered” text is a smishing scam
• Apps removed from Google Play for harvesting user data
• How to password protect a folder
• Conti ransomware offshoot targets Russian organizations
• Malwarebytes Evaluation of the MITRE ENGENUITY ATT&CK Round 4 Emulations
• Steer clear of this “TestNTrace” SMS spam
• NGINX zero-day vulnerability: Check if you’re affected
• April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities
• SMS group spam promises free gifts in return for bill payment
• “Your AppI‌e‌ ‌l‌D‌ ‌‌h‌‌a‌‌s‌‌ ‌‌b‌‌e‌‌e‌‌n‌‌ ‌‌l‌‌ocke‌‌d‌‌” spam email takes you on a website mystery tour
• Zloader, another botnet, bites the dust
• Stalkerware-type detections hit record high in 2021, but fell in second half
• Filing your taxes? Be wary of help found through search engines

Stay safe!

The post A week in security (April 11 – 17) appeared first on Malwarebytes Labs.

https://blog.malwarebytes.com/feed/