Categories: News Tags: hospital Tags: healthcare Tags: ransomware Tags: hijack Tags: network Tags: compromise Tags: data Tags: ambulance Tags: service Tags: redirect A widespread ransomware attack affecting 16 hospitals last week has led to ongoing cleanup efforts. (Read more…) The…
Tag: Malwarebytes Labs
Zoom clarifies user consent requirement when training its AI
Categories: News Categories: Privacy Analysis of the Zoom Terms of Service caused users to believe their video conferences were being used to train an AI (Read more…) The post Zoom clarifies user consent requirement when training its AI appeared first…
August Patch Tuesday stops actively exploited attack chain and more
Categories: Exploits and vulnerabilities Categories: News Microsoft has announced patches for 87 vulnerabilities this month, including two that are being actively exploited. (Read more…) The post August Patch Tuesday stops actively exploited attack chain and more appeared first on Malwarebytes…
Ransomware review: August 2023
Categories: Threat Intelligence July saw one of the highest number of ransomware attacks in 2023 at 441. At the forefront of these attacks is, once again, Cl0p. (Read more…) The post Ransomware review: August 2023 appeared first on Malwarebytes Labs.…
Voter data stolen in UK Electoral Commission systems breach
Categories: Personal Tags: electoral commission Tags: election Tags: voting Tags: vote Tags: record Tags: roll Tags: register Tags: breached Tags: compromise Tags: uk Tags: opt-out We take a look at reports that the UK’s electoral commission has been breached, and…
Cloudflare Tunnel increasingly abused by cybercriminals
Categories: News Tags: Cloudflare Tunnel Tags: cloudflared Tags: rdp Tags: https Tags: smb Tags: ssh Researchers have found that cybercriminals are shifting to Cloudflare Tunnel to hide and anonymize their nefarious activities. (Read more…) The post Cloudflare Tunnel increasingly abused…
Facial recognition tech lands innocent woman with bogus carjacking charge
Categories: Personal Tags: facial recognition Tags: surveillance Tags: Detroit Tags: police Tags: law enforcement Tags: mistaken identity Tags: wrong Tags: flagged Tags: carjacking Tags: robbery Tags: phone We take a look at another case of facial recognition technology getting it…
Digital assets continue to be prime target for malvertisers
Categories: Threat Intelligence Tags: malvertising Tags: nft Tags: crypto Tags: wallet Tags: bing Tags: google NFT enthusiasts are getting their wallets drained after clicking on a malicious ad. (Read more…) The post Digital assets continue to be prime target for…
Server breach could be fatal blow for LetMeSpy
Categories: Personal Tags: letmespy Tags: stalkerware Tags: spy Tags: snoop Tags: install Tags: data Tags: breach Tags: hacked We take a look at reports of an app called LetMeSpy facing an imminent shutdown after a server breach and data deletion…
A week in security (July 31 – August 6)
Categories: News Tags: Ivanti Tags: Meta Tags: Teams Tags: ransomware rollback Tags: AMP Tags: Minecraft Tags: Barracuda A list of topics we covered in the week of July 31 to August 6 of 2023 (Read more…) The post A week…
New Security Advisor amps up security in minutes
Categories: Business The new feature provides comprehensive health score that assesses the quality of your Nebula implementation. (Read more…) The post New Security Advisor amps up security in minutes appeared first on Malwarebytes Labs. This article has been indexed from…
2022’s most routinely exploited vulnerabilities—history repeats
Categories: Exploits and vulnerabilities Categories: News Tags: Zoho ManageEngine Tags: CVE-2021-40539 Tags: Log4Shell Tags: CVE-2021-44228 Tags: CVE-2021-13379 Tags: ProxyShell Tags: CVE-2021-34473 Tags: CVE-2021-31207 Tags: CVE-2021-34523 Tags: CVE-2021-26084 Tags: Atlassian Tags: CVE-2022-22954 Tags: CVE-2022-22960 Tags: CVE-2022-26134 Tags: CVE-2022-1388 Tags: CVE-2022-30190 Tags:…
FCC comes down hard on robocallers with record $300m fine
Categories: Personal Tags: FCC Tags: FTC Tags: robocall Tags: cold caller Tags: calling Tags: phone Tags: do not call Tags: block Tags: fine We take a look at a record fine issued by the FCC in relation to a prolific…
TikTok facing fines for violating children’s privacy
Categories: News Categories: Privacy Tags: tiktok Tags: privacy Tags: gdpr Tags: children Tags: under 13 TikTok is looking at yet another fine… (Read more…) The post TikTok facing fines for violating children’s privacy appeared first on Malwarebytes Labs. This article…
Microsoft Teams used in phishing campaign to bypass multi-factor authentication
Categories: Business Categories: News Tags: Microsoft Teams Tags: social engineering Tags: bypass Tags: MFA Tags: authenticator Attackers are using Microsoft Teams chats from compromised Microsft 365 tenants as credential theft phishing lures (Read more…) The post Microsoft Teams used in…
The end looms for Meta’s behavioural advertising in Europe
Categories: Personal Tags: meta Tags: Facebook Tags: EU Tags: legal Tags: litigation Tags: behavioural Tags: advertising Tags: tracking We take a look at what appears to be the beginning of the end for Meta’s behavioural advertising in Europe. (Read more…)…
Global ransomware attacks at an all-time high, shows latest 2023 State of Ransomware report
Categories: Threat Intelligence Ransomware gangs are also starting to focus on exploiting zero-days for initial access. (Read more…) The post Global ransomware attacks at an all-time high, shows latest 2023 State of Ransomware report appeared first on Malwarebytes Labs. This…
Hey, are you REALLY ready to go on vacation? (No, you aren’t)
Categories: Awareness Categories: Explained Categories: News We’ve made a handy flow chart to help IT and security folk decide if they’re ready to go on vacation. (Read more…) The post Hey, are you REALLY ready to go on vacation? (No,…
How to protect your child’s identity
Categories: News Categories: Personal Tags: Children Tags: identity Tags: theft Tags: protection Tags: SSN Tags: COPPA Identity theft is a serious problem, especially when it affects children. (Read more…) The post How to protect your child’s identity appeared first on…
FAQ: How does Malwarebytes ransomware rollback work?
Categories: Business Malwarebytes Ransomware Rollback rescues your data from encryption by effectively “turning back the clock” of a ransomware attack. But how does it work, exactly? (Read more…) The post FAQ: How does Malwarebytes ransomware rollback work? appeared first on…
Film companies lose battle to unmask Reddit users
Categories: Personal Tags: reddit Tags: copyright Tags: piracy Tags: court Tags: case Tags: movie Tags: film Tags: producer Tags: pirate Tags: torrent Tags: steal Tags: theft Tags: download Tags: IP A Judge has thrown out a case where multiple movie…
Ivanti patches second zero-day vulnerability being used in attacks
Categories: Exploits and vulnerabilities Categories: News Tags: Ivanti Tags: EPMM Tags: MobileIron Tags: CVE-2023-35081 Tags: CVE-2023-35078 Tags: tomcat Tags: arbitrary file write Tags: ACL Tags: upgrade Ivanti has issued a patch to address a second critical zero-day vulnerability (Read more…)…
Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability
Categories: Personal Tags: Minecraft Tags: mod Tags: forge Tags: players Tags: vulnerability Tags: RCE Tags: bleedingpipe Tags: malware Minecraft players interested in modding are at risk from a remote code execution vulnerability targeting both players and servers. (Read more…) The…
Public companies must now disclose breaches within 4 days
Categories: Business Tags: SEC Tags: filing Tags: file Tags: breach Tags: breaches Tags: US Tags: cyber attack Tags: disclosure Tags: notification Tags: public We take a look at news that a new SEC rule will require public organisations impacted by…
A week in security (July 24 – July 30)
Categories: News Tags: week Tags: security Tags: 2023 Tags: July A list of topics we covered in the week of July 24 to July 30 of 2023 (Read more…) The post A week in security (July 24 – July 30)…
Supply chain attacks disrupt emergency services communications
Categories: Business Tags: supply chain Tags: attack Tags: ambulance Tags: trust Tags: communications Tags: service Tags: disrupt We take a look at a supply chain attack which disrupted two UK-based ambulance service’s ability to access customer records. (Read more…) The…
Meta subsidiaries must pay $14m over misleading data collection disclosure
Categories: Business Tags: VPN Tags: meta Tags: Facebook Tags: data Tags: disclosure Tags: australia Tags: australian Tags: traffic We take a look at reports that Meta subsidiaries have been ordered to pay a sizeable fine relating to disclosure issues for…
Zimbra issues awaited patch for actively exploited vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZCS Tags: CVE-2023-38750 Tags: CISA Tags: CVE-2023-0464 Tags: TAG Tags: XSS Tags: JSP Tags: XML Tags: Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that…
Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild
Categories: Exploits and vulnerabilities Categories: News Tags: Norwegian ministries Tags: ivanti Tags: EPMM Tags: MobileIron Tags: CVE-2023-35078 Tags: patch A patch is now available for an Ivanti EPMM vulnerability that was used in a cyberattack on the ICT platform which…
Ransomware groups claim responsibility for double-attack on Yamaha
Categories: Business Tags: ransomware Tags: blackbyte Tags: Akira Tags: group Tags: compromised Tags: data Tags: blackmail Tags: extortion Tags: attack Tags: Yamaha Tags: Canada Tags: music Tags: audio We take a look at claims that Yamaha has been compromised by…
60,000 Androids have stalkerware-type app Spyhide installed
Categories: News Categories: Privacy Tags: stalkerware Tags: carew Tags: spyhide A hacktivist was able to grab all the data from a stalkerware operator and shared the method and the findings. (Read more…) The post 60,000 Androids have stalkerware-type app Spyhide…
Tampa General Hospital half thwarts ransomware attack, but still loses patient data
Categories: News Categories: Ransomware Tags: Tampa Tags: General Hospital Tags: Snatch Tags: ransomware Tags: RDP Tags: data breach The Tampa General Hospital has promised to reach out to the individuals whose information has been stolen by the Snatch ransomware group.…
How to set up computer security for your parents
Categories: News Categories: Personal Tags: parents Tags: cybersecurity Tags: chromebook Tags: auto updates Tags: urgent notifications Tags: remote desktop Tags: router Tags: block list Tags: encryption Here are some tips that you can use to set up a secure environment…
Update now! Apple fixes several serious vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: WebKit Tags: CVE-2023-38606 Tags: CVE-2023-32409 Tags: CVE-2023-37450 Tags: CVE-2023-32416 Apple has released security updates for several products to address several serious vulnerabilities including some actively exploited zero-days. (Read more…) The post…
A week in security (July 17 – 23)
Categories: News Tags: week in security Tags: malwarebytes Tags: July Tags: 2023 A list of topics we covered in the week of July 17 to July 23 of 2023 (Read more…) The post A week in security (July 17 –…
Estée Lauder targeted by Cl0p and BlackCat ransomware groups
Categories: Business Tags: Estée Lauder Tags: Cl0p Tags: BlackCat Tags: ransomware Tags: compromise Tags: attack Tags: breach Tags: blackmail Tags: threat We take a look at reports of cosmetics firm Estée Lauder being attacked by the Cl0p and BlackCat ransomware…
CISA: You’ve got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519
Categories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: NetScaler Tags: CVE-2023-3519 Tags: web shell A critical unauthenticated remote code execution vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway is being actively exploited (Read more…) The post CISA: You’ve…
Amazon in-van delivery driver footage makes its way online
Categories: News Tags: driver Tags: delivery Tags: amazon Tags: van Tags: camera Tags: recording Tags: footage Tags: online Tags: privacy In-van delivery driver footage is reportedly finding its way to the internet. Are privacy issues at play, or is a…
Accidental VirusTotal upload is a valuable reminder to double check what you share
Categories: Business Tags: upload Tags: download Tags: share Tags: data Tags: intelligence Tags: google Tags: virustotal Tags: social media Tags: sharing Tags: document Tags: file Tags: files We take a look at reports of a document being accidentally shared to…
Google fixes “Bad.Build” Cloud Build flaw, researchers say it’s not enough
Categories: Exploits and vulnerabilities Categories: News Researchers have uncovered a privilege escalation vulnerability in Google Cloud Build that could enable malicious actors tamper with application images and infect users. (Read more…) The post Google fixes “Bad.Build” Cloud Build flaw, researchers…
Microsoft validation error allowed state actor to access user email of government agencies and others
Categories: News Tags: Microsoft. MSA Tags: OWA Tags: validation token Tags: signing key Tags: Storm-0556 Tags: GetAccessTokensForResource Due to a validation error in Microsoft code, a suspected Chinese attacker was able to access user email from approximately 25 organizations, including…
Plane sailing for ticket scammers: How to keep your flight plans safe
Categories: Personal Tags: plane Tags: ticket Tags: holiday Tags: flight Tags: airplane Tags: aeroplane Tags: scam Tags: phish Tags: phishing Tags: social engineering We take a look at several scams targeting flyers off on their holidays, and how you can…
Docker Hub images found to expose secrets and private keys
Categories: Awareness Categories: News Tags: Docker Tags: Docker Hub Tags: containerization Tags: secrets Tags: exposed Researchers have found that numerous Docker images shared on Docker Hub expose sensitive data. (Read more…) The post Docker Hub images found to expose secrets…
FakeSG enters the ‘FakeUpdates’ arena to deliver NetSupport RAT
Categories: Threat Intelligence Tags: fakeupdates Tags: socgholish Tags: netsupport Tags: RAT A new campaign leveraging compromised WordPress sites emerges with another fake browser update. (Read more…) The post FakeSG enters the ‘FakeUpdates’ arena to deliver NetSupport RAT appeared first on…
A week in security (July 10 – 16)
Categories: News Tags: week Tags: security Tags: July Tags: 2023 A list of topics we covered in the week of July 10 to July 16 of 2023 (Read more…) The post A week in security (July 10 – 16) appeared…
Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew
Categories: Podcast This week on Lock and Code, we speak with maia arson crimew about the hack of the monitoring app LetMeSpy, which many have labeled as stalkerware. (Read more…) The post Spy vs. spy: Exploring the LetMeSpy hack, with…
Act now! In-the-wild Zimbra vulnerability needs a workaround
Categories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: MalasLocker Tags: vulnerability Tags: Google Tags: actively exploited Tags: fn:escapeXml Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the…
Malwarebytes stops 100% of Advanced Threats in latest AV-Test assessment
Categories: Business The test evaluates products against the latest techniques used by data stealers and ransomware. (Read more…) The post Malwarebytes stops 100% of Advanced Threats in latest AV-Test assessment appeared first on Malwarebytes Labs. This article has been indexed…
Ransomware making big money through “big game hunting”
Categories: Business Tags: business Tags: ransomware Tags: crypto Tags: cryptocurrency Tags: digital Tags: payment Tags: extortion Tags: gang Tags: group Tags: big game hunting We take a look at reports that claim ransomware is making big money in 2023. (Read…
Tax preparation firms shared sensitive information with Meta
Categories: News Categories: Privacy Tags: tax preparation Tags: Meta Tags: Pixel Tags: Markup Tax preparation firms shared personal and financial information with social media giant Meta (Read more…) The post Tax preparation firms shared sensitive information with Meta appeared first…
Zero-day deploys remote code execution vulnerability via Word documents
Categories: Business Tags: microsoft Tags: zero-day Tags: exploit Tags: CVE-2023-36884 Tags: storm-0978 Tags: email Tags: phish Tags: phishing Tags: Ukraine We take a look at reports of an exploit being deployed via booby trapped Word documents. (Read more…) The post…
Ransomware review: July 2023
Categories: Threat Intelligence Following a three-month lull of activity, Cl0p returned with a vengeance in June and beat out LockBit as the month’s most active ransomware gang. (Read more…) The post Ransomware review: July 2023 appeared first on Malwarebytes Labs.…
From Malvertising to Ransomware: A ThreatDown webinar recap
Categories: Business Get the low-down on our recent webinar From Malvertising to Ransomware. (Read more…) The post From Malvertising to Ransomware: A ThreatDown webinar recap appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs Read the…
Criminals target businesses with malicious extension for Meta’s Ads Manager and accidentally leak stolen accounts
Categories: Threat Intelligence Tags: Meta Tags: Facebook Tags: malware Tags: ads manager Tags: chrome Tags: extension A group of criminals is actively targeting Facebook business users to gain access to their advertising accounts via malicious Chrome extensions. But we spotted…
Proposed Massachusetts law to ban sale of your mobile location data
Categories: News Categories: Personal Tags: mobile Tags: cellphone Tags: location Tags: locational Tags: sale Tags: selling Tags: broker Tags: data Tags: tracking Tags: anonymous A proposed law would ban brokers from selling mobile location data in Massachusetts. (Read more…) The…
Update now! Microsoft patches a whopping 130 vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Adobe Tags: Apple Tags: Android Tags: Cisco Tags: Fortinet Tags: MOVEit Tags: Mozilla Tags: SAP Tags: VMware Tags: CVE-2023-32049 Tags: CVE-2023-35311 Tags: CVE-2023-32046 Tags: CVE-2023-36874 Tags: CVE-2023-36844 For the July 2023…
How to secure your business before going on vacation
Categories: Business Are you a critical security expert for your organization? Are you also going on vacation? Here’s how to ensure your time away from the office doesn’t get interrupted with a security incident. (Read more…) The post How to…
Threatening rogue finance apps removed from the Apple Store
Categories: Personal Tags: app Tags: finance Tags: india Tags: loan Tags: rogue Tags: Apple Store Tags: play store Tags: google Tags: threaten Tags: blackmail Tags: sextortion Tags: fake Tags: deepfake Tags: deepfakes Tags: morph Multiple finance apps have been removed…
“TootRoot” Mastodon vulnerabilities fixed: Admins, patch now!
Categories: Personal Tags: tootroot Tags: mastodon Tags: server Tags: patch Tags: update Tags: CVE Tags: flaw Tags: vulnerability Tags: social media Tags: network Tags: networking We take a look at a collection of issues (now patched) which were affecting Mastodon…
Apple issues Rapid Security Response for zero-day vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: Safari Tags: WebKit Tags: macOS Tags: iOS Tags: iPadOs Tags: CVE-2023-37450 Tags: drive-by Tags: code execution Apple has issued an update for a zero-day vulnerability in the WebKit browser engine which…
A week in security (July 3 – 9)
Categories: News Tags: week Tags: security Tags: July 2023 A list of topics we covered in the week of July 3 to July 9 of 2023 (Read more…) The post A week in security (July 3 – 9) appeared first…
Warning issued over increased activity of TrueBot malware
Categories: News Categories: Ransomware Tags: TrueBot Tags: Cl0p Tags: Silence Group Tags: CVE-2022-31199 Tags: Raspberry Robin Tags: FlawedGrace Tags: Cobalt Strike Tags: Teleport CISA, the FBI, the MS-ISAC, and the CCCS have warned about increased activity of the TrueBot malware…
Malwarebytes Browser Guard introduces three new features
Categories: Personal Tags: Malwarebytes Tags: Browser Guard Tags: Premium Tags: new features Malwarebytes Browser Guard introduces three new features: Content control, import & export, and historical detection statistics (Read more…) The post Malwarebytes Browser Guard introduces three new features appeared…
MOVEit Transfer fixes three new vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: MOVEit Tags: vulnerabilities Tags: CVE-2023-36934 Tags: CVE-2023-36932 Tags: CVE-2023-36933 CISA has warned users about three new vulnerabilities in Progress Software’s MOVEit Transfer software. (Read more…) The post MOVEit Transfer…
Warning issued over vulnerability in cardiac device monitoring software
Categories: Exploits and vulnerabilities Categories: News Tags: Medtronic Tags: Paceart Optima Tags: CVE-2023-31222 Tags: deserialization Tags: update Tags: messaging A vulnerability in Medtronic’s Paceart Optima software could lead to further network penetration, RCE, and DoS attacks (Read more…) The post…
Solar monitoring systems exposed: Secure your devices
Categories: Business Tags: solar Tags: monitoring Tags: service Tags: exposed Tags: web Tags: facing Tags: secure Tags: scan Tags: lockdown Tags: update We take a look at reports that 130,000 solar monitoring devices are sitting exposed online. (Read more…) The…
How kids pay the price for ransomware attacks on education
Categories: News Categories: Personal Categories: Ransomware Tags: ransomware Tags: vice Tags: education Tags: files Tags: dark web Tags: ssn Tags: stolen identity Data stolen during attacks on schools can contain highly sensitive information. (Read more…) The post How kids pay…
Update Android now! Google patches three actively exploited zero-days
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Android Tags: 2023-07-05 Tags: CVE2021-29256 Tags: CVE-2023-26083 Tags: CVE-2023-2136 Tags: CVE-2023-21250 Tags: ARM Tags: Skia Google has patched 43 vulnerabilities in Android, three of which are actively exploited zero-day vulnerabilities. (Read…
Warning issued over vulnerability in cardiac devices
Categories: Exploits and vulnerabilities Categories: News Tags: Medtronic Tags: Paceart Optima Tags: CVE-2023-31222 Tags: deserialization Tags: update Tags: messaging A vulnerability in Medtronic’s Paceart Optima cardiac device could lead to further network penetration, RCE, and DoS attacks (Read more…) The…
Self-driving cars are a privacy issue, says security expert
Categories: News Categories: Personal Categories: Privacy Tags: self-driving cars Tags: CCTV Tags: video doorbell Tags: security cams Tags: dashcams As the number of self-driving cars increases, so does the number of cameras on the roads. This creates a possible privacy…
Google plans to scrape everything you post online to train its AI
Categories: News Categories: Personal Tags: AI Tags: data Tags: generative Tags: search Tags: google Tags: bard Tags: translate Tags: AI cloud Tags: language Tags: scrape Tags: content Tags: text Tags: photo Tags: image Tags: learn Tags: learning We take a…
Malicious ad for USPS fishes for banking credentials
Categories: Threat Intelligence Tags: malvertising Tags: google Tags: usps Tags: phishing Next time you need to track a package, be aware that malicious ads could be leading you to sites that steal your banking information. (Read more…) The post Malicious…
Elderly targeted in car accident scam, kingpin arrested
Categories: News Categories: Personal Tags: Europol Tags: relative Tags: law enforcement The head of a criminal network responsible for defrauding hundreds of elderly people has been arrested, Europol has announced. (Read more…) The post Elderly targeted in car accident scam,…
Fake reviewers face big fines
Categories: Business Tags: reviews Tags: fake Tags: ftc Tags: fine Tags: fraud Tags: bogus Tags: portal Tags: site Tags: rating Tags: score The FTC’s new proposed rule would apply large fines to those found distributing fake reviews online. (Read more…)…
A week in security (June 26 – July 2)
Categories: News A list of topics we covered in the week of June 26 to July 2 of 2023 (Read more…) The post A week in security (June 26 – July 2) appeared first on Malwarebytes Labs. This article has…
Brave browser will prevent websites from port scanning visitors
Categories: Personal Tags: site Tags: website Tags: websites Tags: port scanning Tags: local resources Tags: track Tags: tracking Tags: profile Tags: brave Tags: browser Tags: web browser Tags: privacy We take a look at reports that Brave browser will prevent…
Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia
Categories: Podcast This week on Lock and Code, we speak with Matthew Guargilia about the NSA’s broad powers to sweep up Americans’ emails, DMs, messages, and all manner of digital communications. (Read more…) The post Of sharks, surveillance, and spied-on…
Online safety tips for LGBTQIA+ communities
Categories: Personal The internet is great for bringing people together, but it can also be a nasty place. Here are some tips to help keep you as safe as possible online. (Read more…) The post Online safety tips for LGBTQIA+…
Spyware app LetMeSpy hacked, tracked user data posted online
Categories: News Categories: Personal Stalkerware-type app LetMeSpy has been hacked, with the attacker taking user data with it, the service has announced. (Read more…) The post Spyware app LetMeSpy hacked, tracked user data posted online appeared first on Malwarebytes Labs.…
“Free” Evil Dead Rise movie scam lurks in Amazon listings
Categories: Personal Tags: evil dead Tags: evil dead rise Tags: fake Tags: scam Tags: podcast Tags: movie Tags: download Tags: stream Tags: audible Tags: amazon music Tags: bruce Campbell Tags: sam ramai Tags: lily Sullivan Tags: Alyssa Sutherland Tags: lee…
New technique can defeat voice authentication “after only six tries”
Categories: Personal Tags: audio Tags: edit Tags: editing Tags: tags Tags: fake Tags: deepfake Tags: patterns Tags: vocal recognition Tags: voice recognition Tags: AI Tags: authenticate Tags: authentication We take a look at research which claims a way to bypass…
A proxyjacking campaign is looking for vulnerable SSH servers
Categories: Cybercrime Categories: News Tags: proxyjacking Tags: cryptojacking Tags: curl Tags: Docker Tags: proxy service Tags: compromised Proxyjacking is a cybercrime where your bandwidth is sold by criminals. (Read more…) The post A proxyjacking campaign is looking for vulnerable SSH…
Top contenders in Endpoint Security revealed: G2 Summer 2023 results
Categories: Business #1 in Endpoint Protection, #1 ROI for Endpoint Management, #1 for EDR implementation. (Read more…) The post Top contenders in Endpoint Security revealed: G2 Summer 2023 results appeared first on Malwarebytes Labs. This article has been indexed from…
Surveillance camera insecurities argument comes to one inevitable conclusion: Always update
Categories: Business Tags: camera Tags: CCTV Tags: surveillance Tags: council Tags: organisation Tags: government Tags: local Tags: china Tags: vulnerability Tags: flaw Tags: fix Tags: patch Tags: update We take a look at a debate over who is responsible for…
Why blocking ads is good for your digital health
Categories: Personal Tags: ad Tags: advert Tags: block Tags: blocking Tags: advertising Tags: blocker Tags: ad block Tags: tracking Tags: cookies Tags: analytics Tags: affiliate Tags: adware Tags: IoT We take a look at why blocking adverts and tracking is…
Criminal secure messaging system takedown: 6500+ arrests and €900 million+ seized
Categories: News Tags: EncroChat Tags: Sky ECC Tags: AN0M Tags: organized crime Europol has published the results of an infiltration operation on EncroChat, a secure communications system set up by and for criminals. (Read more…) The post Criminal secure messaging…
SupremeBot and Mario cross the finish line together
Categories: News Tags: Mario Tags: SupremBot Tags: XMR miner Tags: cryptominers Tags: mining client Tags: scheduled task Tags: C2 Download your games from trusted sources or you may get more than you bargained for… (Read more…) The post SupremeBot and…
81% concerned about ChatGPT security and safety risks, Malwarebytes survey shows
Categories: News ChatGPT may have already hit its public perception wall, according to a Malwarebytes survey that showed high levels of distrust and concern in the tool’s trustworthiness and safety. (Read more…) The post 81% concerned about ChatGPT security and…
Software company accused of illegally profiling millions of mobile phone users
Categories: News Categories: Personal Categories: Privacy Tags: BICS Tags: Proximus Tags: TeleSign Tags: TikTok Tags: trust score Tags: data A digital rights and privacy organization has filed a complaint against software company TeleSign for gathering and selling information on millions…
Company finds lost SSD—and confidential data—for sale on eBay
Categories: Business Tags: theft Tags: crime Tags: workplace Tags: steal Tags: data Tags: hard drive Tags: equipment Tags: peripherals Tags: inventory Tags: audit Tags: security Tags: pass Tags: ID Tags: CCTV Major software company SAP is putting the pieces of…
Understanding ransomware reinfection: An MDR case study
Categories: Business Ransomware is like that stubborn cold that you thought you kicked, but creeps back up determined to run amok again. (Read more…) The post Understanding ransomware reinfection: An MDR case study appeared first on Malwarebytes Labs. This article…
A week in security (June 19 – 25)
Categories: News Tags: week Tags: security A list of topics we covered in the week of June 19 to June 25 of 2023 (Read more…) The post A week in security (June 19 – 25) appeared first on Malwarebytes Labs.…
OpenSSH trojan campaign targets Linux systems and IoT devices
Categories: News Tags: IoT Tags: Linux Tags: OpenSSH Tags: trojan Tags: botnet Tags: IRC Tags: attack Tags: compromise Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign. (Read more…) The post…
Malvertising: A stealthy precursor to infostealers and ransomware attacks
Categories: Business Malvertising, the practice of using online ads to spread malware, can have dire consequences—and the problem only seems to be growing. (Read more…) The post Malvertising: A stealthy precursor to infostealers and ransomware attacks appeared first on Malwarebytes…
9 basic security tips for seniors
Categories: News Categories: Personal Tags: seniors Tags: basic secuirty tips Tags: personal information Tags: too good to be true Tags: infected computer Tags: system optimizers Tags: web push notifications Tags: green padlock Tags: password manager Help the people around you…
5 facts to know about the Royal ransomware gang
Categories: Business A quick look the cybercriminal group known as Royal—one of the fastest growing ransomware gangs today. (Read more…) The post 5 facts to know about the Royal ransomware gang appeared first on Malwarebytes Labs. This article has been…
Microsoft Azure AD flaw can lead to account takeover
Categories: Exploits and vulnerabilities Categories: News Tags: OAuth Tags: nOAuth Tags: IdP Tags: Azure Tags: Microsoft Tags: login with Researchers have found a flaw in Microsoft Azure AD which they claim can be used to take over accounts that rely…
6 tips for a cybersecure honeymoon
Categories: Personal Your big day is over, but while you’re relaxing on honeymoon you don’t want to get distracted by security problems. So, we rounded up some quick tips to keep your devices safe. (Read more…) The post 6 tips…
Reducing your attack surface is more effective than playing patch-a-mole
Categories: News Tags: CISA Tags: BOD 23-02 Tags: Internet exposed Tags: management interfaces Tags: vulnerabilities Tags: CVE-2023-27992 Tags: CVE-2023-20887 There is a lot to be said for the strategy of shielding management interfaces from public internet access (Read more…) The…
Update now! Apple fixes three actively exploited vulnerabilities
Categories: Apple Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: kernel webkit Tags: CVE-2023-32434 Tags: CVE-2023-32435 Tags: CVE-2023-32439 Tags: type confusion Tags: integer overflow Tags: operation triangulation Apple has released security updates for several products to address a set…