A week in security (January 16—22)
Last week on Malwarebytes Labs:
- Google to support the use of Rust in Chromium
- Law enforcement app SweepWizard leaks data on crime suspects
- Accountant ordered to pay ex-employer after bossware shows “time theft”
- TikTok dances to the tune of $5.4m cookie fine
- “Untraceable” surveillance firm sued for scraping Facebook and Instagram data
- Fighting technology’s gender gap with TracketPacer: Lock and Code S04E02
- Web skimmer found on website of Liquor Control Board of Ontario
- University suffers leaks, shutdowns at the hands of Vice Society
- Update now! Proof of concept code to be released for Zoho ManageEngine vulnerability
- CircleCI: Malware stole GitHub OAuth keys, bypassing 2FA
- LastPass users should move their crypto funds, experts warn
- Update now! Two critical flaws in Git’s code found, patched
- Google sponsored ads lead to rogue imitation sites
- Ransomware money laundering operation disrupted, founder arrested
- Credit card fraud group member could get up to 30 years in jail
- Mailchimp breach feels like deja vu
Stay safe!