A week in security (September 14 – 20)

Last week on Malwarebytes Labs, we looked at Fintech industry developments, specifically the differences between Europe and the US, and we analyzed how some charities and the advertising industry are tied together. We also told readers about what companies can do to counter domain name abuse.

In our Lock and Code podcast we talked to Pieter Arntz about safely using Google Chrome Extensions.

Other cybersecurity news

  • Researchers discovered the Zerologon Windows exploit, which lets attackers instantly become admins on enterprise networks. (Source: TechSpot)
  • A technology firm linked to the Chinese Communist Party has created and mined a global database of 2.4 million individuals. (Source: The Diplomat)
  • Five Chinese nationals and two Malaysian nationals linked to APT41 were charged in connection with a global hacking campaign. (Source: Cyberscoop)
  • How do stolen credit cards get used halfway around the world? Danny Palmer tried to find out. (Source: ZDNet)
  • Cybersecurity companies noticed a surge in DDoS attacks targeting the education and academic sector. (Source: BleepingComputer)
  • A bluetooth vulnerability dubbed BLURtooth that overwrites Bluetooth encryption keys was reported last week by two research groups. (Source: TechXplore)
  • The US Department of the Interior (DoI) failed its latest computer security assessment, mostly for a lack of Wi-Fi defenses. (Source: The Register)
  • A woman in Germany died during a ransomware attack on a hospital, in what may be the first death directly linked to a cyberattack on a hospital. (Source: The Verge)
  • In a transformation of the threat portfolio, web-phishing targeting various online services almost doubled during the COVID-19 pandemic. (Source: Security Affairs)
  • UK business owners were targeted by a phishing scam that attempts to gain sensitive information by impersonating Her Majesty’s Revenue and Customs (HMRC). (Source: Infosecurity Magazine)

Stay safe, everyone!