A week in security (January 9—15)

Last week on Malwarebytes Labs:

• Slack private code on GitHub stolen
• Crypto-inspired Magecart skimmer surfaces via digital crime haven
• Security vulnerabilities in major car brands revealed
• Microsoft ends extended support for Windows 7 and Windows Server 2008 today
• Pokemon NFT card game malware chooses you
• Polite WiFi loophole could allow attackers to drain device batteries
• US school district sues Facebook, Instagram, Snapchat, TikTok over harm to kids
• Identity thieves bypass security questions to access Experian credit reports
• Maternal & Family Health Services discloses ransomware attack months after discovery
• Open redirect on government website sends users to adult content
• 2023 prediction: Security workforce shortage will lead to nationally significant cyberattack
• Cyberattack halts Royal Mail’s overseas post
• 5 must-haves for K-12 cybersecurity
• Update now! Patch Tuesday January 2023 includes one actively exploited vulnerability
• WhatsApp lawsuit against NSO Group greenlit by Supreme Court
• 3 ways Malwarebytes helps you browse securely and privately online
• US Department of the Interior’s passwords “easily cracked”
• Multiple schools hit by Vice Society ransomware attack
• Timely patching is good, but sometimes it’s not enough

Stay safe!

https://blog.malwarebytes.com/feed/