Last week on Malwarebytes Labs, we gave readers a primer on encryption, took a stab at that Deepfakes tool Internet users seem to be interested in, and started a new series that talks about GDPR.
We also looked at a drive-by download campaign that starts in booby-trapped Chinese websites that drop malware via different exploits. This malware is a DDoS bot called Avzhan, which we then studied in detail.
Other news
- Hackers targeted Russian and Indian banks by attempting to abuse the SWIFT global banking network. (Source: Security Week)
- Are you an independent writer who sells books via Amazon’s Createspace? You may want to check if someone is impersonating you for fraud. (Source: KrebsOnSecurity)
- Akamai spotted an uptick in credential abuse in the last quarter of 2017. (Source: Computer Weekly)
- Let’s read about that new Google Chrome “adblocker” that is actually not an adblocker at all. (Source: Sophos’ Naked Security Blog)
- Should “security” and “social” be in the same sentence together? For education’s sake, YES! (Source: Dark Reading)
- With the arrival of GDPR, spray-and-pray tactics against businesses are out the windows. Threat actors are now refining their methods. (Source: Information Age)
- Security researchers have found that cryptocurrency miners could soon end up in specially crafted MS Word documents (so be wary if you receive one). (Source: Bleeping Computer)
- Whoops. There’s a security bug in Tinder. (Source: SC Magazine UK)
- “Stalkerware” companies are getting hacked left and right. And consumer spyware isn’t only popular among private citizens. (Source: Motherboard)
Stay safe, everyone!
