A week in security (January 9—15)
Last week on Malwarebytes Labs:
- Slack private code on GitHub stolen
- Crypto-inspired Magecart skimmer surfaces via digital crime haven
- Security vulnerabilities in major car brands revealed
- Microsoft ends extended support for Windows 7 and Windows Server 2008 today
- Pokemon NFT card game malware chooses you
- Polite WiFi loophole could allow attackers to drain device batteries
- US school district sues Facebook, Instagram, Snapchat, TikTok over harm to kids
- Identity thieves bypass security questions to access Experian credit reports
- Maternal & Family Health Services discloses ransomware attack months after discovery
- Open redirect on government website sends users to adult content
- 2023 prediction: Security workforce shortage will lead to nationally significant cyberattack
- Cyberattack halts Royal Mail’s overseas post
- 5 must-haves for K-12 cybersecurity
- Update now! Patch Tuesday January 2023 includes one actively exploited vulnerability
- WhatsApp lawsuit against NSO Group greenlit by Supreme Court
- 3 ways Malwarebytes helps you browse securely and privately online
- US Department of the Interior’s passwords “easily cracked”
- Multiple schools hit by Vice Society ransomware attack
- Timely patching is good, but sometimes it’s not enough
Stay safe!