blog.malwarebytes.org

In what is likely Vice Society's handiwork, the UK's largest state boarding school Wymondham College has announced it has become the victim of a "sophisticated cyberattack". The school didn't provide additional information, but Jonathan Taylor, chief of the school's parent company Sapientia Education Trust, has revealed the school is yet to receive a ransom note. In an email to The Record, Taylor said: "We are not...

Microsoft, and other vendors, have released their monthly updates. In total Microsoft has fixed a total of 101 vulnerabilities for several titles (including Edge), with two of them being actively exploited zero-days. On top of that, Adobe has fixed an actively exploited vulnerability in ColdFusion. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVEs of the actively...

According to information gathered by BleepingComputer, the Clop ransomware group has claimed responsibility for the ransomware attacks that are tied to a vulnerability in the Fortra GoAnywhere MFT secure file-sharing solution. As we reported on February 8, Fortra released an emergency patch (7.1.2) for an actively exploited zero-day vulnerability found in the GoAnywhere MFT administrator console. GoAnywhere MFT, which stands for...

After getting in hot water for using an AI chatbot to provide mental health counseling, non-profit startup Koko has now been criticized for experimenting with young adults at risk of harming themselves. Worse, the young adults were unaware they were test subjects.  Motherboard reports the experiment took place between August and September 2022. At-risk subjects, aged 18 to 25, were directed to a chatbot after posting...

WhatsApp will not comply with the UK's Online Safety Bill when it passes legislation as is. In fact, WhatsApp would rather cease serving UK users, which make up 2% of its global market, than weaken its end-to-end encryption (E2EE). Will Cathcart, head of WhatsApp at parent company Meta, made these claims in a briefing with the UK press on Thursday, March 9. He reportedly met with legislators to discuss the Bill, which...

The March security updates for Android include fixes for two critical remote code execution (RCE) vulnerabilities impacting Android systems running versions 11, 12, 12L, and 13. Users should update as soon as they can. The March 2023 Android Security Bulletin contains the details of the security vulnerabilities affecting Android devices. Security patch levels of 2023-03-05 or later address all of these issues. That means, if your...

The US Government has been working on the National Cybersecurity Strategy Document 2023 for some time now, and it’s finally been released. The strategy document, which replaces the last such piece of work from 2018, attempts to indicate the general direction of the US approach to cybercrime and security for the next few years. While you don't necessarily need to take immediate action on the points raised, there's a lot of talk about...

The best way to keep your devices safe when you're travelling is to be unplugged. If you don't need it, don't take it with you. But since that is not always an option, here are some tips to keep you safe while you travel. 1. Backup before you go The consequences of losing your device or having it stolen are worse when you are outside of your own environment. So make sure that you have recent backups of your important data, and don't...