Tag: Malwarebytes Labs

Categories: Business AV-TEST, a leading independent tester of cybersecurity solutions, has just ranked Malwarebytes as a Top Product for consumers and businesses for the fifth quarter in a row. (Read more…) The post Malwarebytes earns AV-TEST Top Product awards for…

Read more →

Categories: Threat Intelligence Our Threat Intelligence team looks at known ransomware attacks by gang, country, and industry sector in December 2022, and looks at why LockBit had to make a public apology (Read more…) The post Ransomware in December 2022…

Read more →

Categories: Personal Tags: cybersecurity 101 Tags: online privacy 101 Are you smarter than a five-year-old? When it comes to online security and privacy, you should be. (Read more…) The post Cybersecurity and privacy tips you can teach your 5+-year-old appeared…

Read more →

Categories: Business Categories: News Many have been calling attention to supply chain attacks for years. Is your business ready to listen? (Read more…) The post How to protect your business from supply chain attacks appeared first on Malwarebytes Labs. This…

Read more →

Categories: News Tags: JD Sports Tags: data breach Tags: stolen Tags: unauthorised Tags: access Tags: data Tags: customers Tags: phish Tags: social engineering We take a look at JD Sports revealing a breach which took place between 2018 and 2020,…

Read more →

Categories: News Tags: GitHub Tags: Atom Tags: Desktop for Mac Tags: Apple Developer ID Tags: certificates Tags: Digicert Tags: sunset After an unauthorized access incident, GitHub will revoke three certificates which will affect users of Atom and GitHub Desktop for…

Read more →

Categories: Business AV-TEST, a leading independent tester of cybersecurity solutions, has just ranked Malwarebytes as a Top Product for consumers and businesses for the fifth quarter in a row. (Read more…) The post Malwarebytes earns AV-TEST Top Product awards for…

Read more →

Categories: News Tags: Data wipers Tags: Sandworm Tags: Ukraine Tags: Ukrinform CERT-UA says the Russian Sandworm group deployed data wipers against Ukrinform, Ukraine’s national news agency. (Read more…) The post New data wipers deployed against Ukraine appeared first on Malwarebytes…

Read more →

Categories: News Tags: sponsored ads Tags: top results Tags: ad rank Tags: password manager Tags: 1password Our reserachers found a more direct way to go after your password by using Google sponsored ads campaigns (Read more…) The post Google sponsored…

Read more →

Categories: News Tags: dark patterns Tags: CPC Tags: EC Tags: web shops Tags: countdown timers Tags: hidden information Tags: subscriptions An investigation into 399 web shops by the European Commission and its partners found almost 40% of them using one…

Read more →

Categories: Podcast This week on Lock and Code, we speak with MIT Technology Review reporter Eileen Guo about how an image of a woman on a toilet—captured by a smart vacuum—ended up on Facebook. (Read more…) The post A private…

Read more →

Categories: News Tags: wordpress Tags: learnpress Tags: vulnerability Tags: SQL Tags: injection Tags: update Tags: fix Tags: plugin Tags: patch We take a look at reports of a WordPress plugin issue. It’s been fixed, but you may need to update!…

Read more →

Categories: News Tags: Riot Games Tags: 2K Games Tags: Rockstar Games Tags: social engineering Tags: phishing The Riot Games breach saga continues. (Read more…) The post Riot Games refuses to pay ransom to avoid League of Legends leak appeared first…

Read more →

Categories: Android Categories: Threat Intelligence Find out why one of our Android experts has been obsessing over a little black box from Amazon. (Read more…) The post Analyzing and remediating a malware infested T95 TV box from Amazon appeared first…

Read more →

Categories: News Categories: Ransomware Tags: DoJ Tags: FBI Tags: Europol Tags: HIve Tags: ransomware Tags: RDP Tags: Patch management Tags: Vulnerability Tags: phishing The DoJ, FBI, and Europol have released details about a months-long international disruption campaign against the Hive…

Read more →

In 2022, privacy was upended for millions of people. Here are the biggest stories from last year. (Read more…) The post What happened in privacy in 2022 appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs…

Read more →

Categories: News Tags: duolingo Tags: data Tags: scraped Tags: API Tags: forum Tags: sale Tags: selling Tags: post Tags: user Tags: account Tags: info We take a look at claims of large amounts of DuoLingo user data up for sale,…

Read more →

Categories: Personal The Internet is kind of like the Wild West when it comes to threats to our privacy and security. But Malwarebytes can help you become the sheriff of your own digital frontier. (Read more…) The post 3 ways…

Read more →

Categories: News Tags: WhatsApp Tags: Zuk Tags: @ihackbanme Tags: voicemail attack Tags: WhatsApp hack There’s an easy way to protect yourself. Here’s how. (Read more…) The post WhatsApp hijackers take over your account while you sleep appeared first on Malwarebytes…

Read more →

Categories: Business Categories: News Tags: K-12 Tags: CISA Tags: NIST Tags: CSF Tags: CPG CISA’s released a report with recommendations on how to safeguard K–12 organizations from cybersecurity threats. (Read more…) The post CISA releases advice on how to safeguard…

Read more →

Categories: Business In this article, we’ll arm you with five facts about Vice Society so you can get the upper-hand against this persistent education sector threat. (Read more…) The post 5 facts about Vice Society, the ransomware group wreaking havoc…

Read more →

Categories: News Tags: GTAV Tags: grand theft auto 5 Tags: game Tags: gaming Tags: rockstar Tags: exploit Tags: corruption Tags: profile Tags: data We take a look at reports of players having their GTAV data corrupted by exploiters. (Read more…)…

Read more →

Categories: News Categories: Privacy Tags: Social media Tags: privacy Tags: policies Tags: fines Tags: legislation Tags: scraping Tags: advertising Social media platforms are making a lot of money with targeted advertising. To improve the targeting, they want us much of…

Read more →

Categories: News Tags: fish Tags: video game Tags: stream Tags: credit card Tags: pokemon We take a look at an incredible tale of a fish who wouldn’t stop until it made a credit card purchase while streaming a video game.…

Read more →

Categories: Business We asked 250 schools and hospitals about their mobile security posture, including Chromebooks. Here’s what we found out. (Read more…) The post Key takeaways from Malwarebytes 2023 State of Mobile Cybersecurity appeared first on Malwarebytes Labs. This article…

Read more →

Categories: News Tags: Riot Games Tags: valorant Tags: league of legends Tags: compromise Tags: development Tags: patch Tags: patching Tags: update Riot Games has revealed that it has been compromised after a social engineering attack. (Read more…) The post Riot…

Read more →

Categories: News Categories: Privacy For this year’s Data Privacy Day (and Data Privacy Week), we’re offering the most convenient advantages and benefits of privacy. (Read more…) The post What privacy can get you appeared first on Malwarebytes Labs. This article…

Read more →

Categories: Apple Categories: News Tags: VASTFLUX Tags: HUMAN Tags: fast flux Tags: VAST Tags: Matryoshka Tags: JavaScript Tags: JS Tags: iOS Tags: ad fraud Tags: malvertising Tags: Video Ad Serving Template Tags: VAST Tags: command-and-control Tags: C2 An evasive ad…

Read more →

Categories: Apple Categories: Exploits and vulnerabilities Categories: News Tags: iOS 12.5.7 Tags: CVE-2022-42856 Tags: type confusion Tags: WebKit Apple has now released security content for iOS 12.5.7 which includes a patch for an actively exploited vulnerability in WebKit and many…

Read more →

Categories: News Tags: Google Tags: Rust Tags: Chromium Tags: Mailchimp Tags: SweepWizard Tags: bossware Tags: TikTok Tags: surveillance firm Tags: Voyager Labs Tags: TracketPacer Tags: Facebook Tags: Instagram Tags: Vice Society Tags: Liquor Control Board of Ontario Tags: Zoho ManageEngine…

Read more →

Categories: News Tags: T-Mobile Tags: 37 million Tags: data breach Tags: k-8 T-Mobile has disclosed that an attacker was able to obtain the information of approximately 37 million US customers. (Read more…) The post T-Mobile reports data theft of 37…

Read more →

Categories: News Categories: Ransomware Tags: ransomware Tags: revenue Tags: attacks Tags: negotiators Tags: back-ups Tags: restore Tags: Continental According to blockchain data platform Chainanalysis, ransomware revenue plummeted significantly in 2022 due to a growing unwillingness to pay. (Read more…) The…

Read more →

Categories: News Tags: windows 10 Tags: windows 11 Tags: microsoft Tags: license Tags: sale Tags: third party Tags: desktop Tags: upgrade Tags: hardware We take a look at reports that Microsoft will shortly be ending the direct sale of Windows…

Read more →

Categories: News Categories: Privacy Tags: TikTok Tags: Shou Zi Chew Tags: Thierry Breton Tags: EU Commissioner Tags: Digital Markets Act Tags: DMA Tags: Digital Services Act Tags: DSA Tags: Vera Jourova Tags: Caroline Greer Tags: GDPR Tags: General Data Protection…

Read more →

Categories: News Categories: Privacy Tags: Privacy Tags: browser Tags: VPN Tags: BrowserGuard For every level of privacy awareness, there are layers you can use to protect yourself. Here are four suggestions. (Read more…) The post 4 ways to protect your…

Read more →

Categories: News Categories: Ransomware Tags: Cryptocurrency exchange Tags: Bitzlato Tags: Conti Tags: ransomware Tags: Hydra Tags: dark web marketplace The China-based cryptocurrency exchange Bitzlato is accused of processing over $700 million of illicit funds. (Read more…) The post Ransomware money…

Read more →

Categories: News Tags: new york Tags: card fraud Tags: credit card Tags: US Tags: credit cards We take a look at a New York based credit card fraud group, and see how the justice system is slowly taking it to…

Read more →

Categories: News Tags: Mailchimp Tags: social engineering Tags: targete attack Email marketing provider Mailchimp has been breached again, nine months after it was compromised last year. (Read more…) The post Mailchimp breach feels like deja vu appeared first on Malwarebytes…

Read more →

Categories: News Tags: google Tags: ads Tags: advert Tags: paid Tags: sponsored Tags: result Tags: listing Tags: rogue Tags: malware Tags: NFT Tags: phish Tags: phishing Tags: data theft Tags: infostealer We take a look at a flurry of reports…

Read more →

Categories: News Tags: LastPass Tags: breach Tags: cryptocurrency Tags: unencrypted data Tags: vault Tags: secret key Tags: lawsuit Experts are warning LastPass users to move their crypto funds since there are plenty of indications that the breach is actively being…

Read more →

CVE-2022-23521 and CVE-2022-41903 are critical flaws present in Git’s code. Thankfully, they’ve been addressed in its latest version. (Read more…) The post Update now! Two critical flaws in Git’s code found, patched appeared first on Malwarebytes Labs. This article has…

Read more →

Categories: News Tags: AWIS Tags: weekly blog roundup Tags: week in security Tags: Slack Tags: GitHub Tags: Magecart Tags: Microsoft Tags: Pokemon NFT Tags: Facebook Tags: Instagram Tags: Snapchat Tags: TikTok Tags: YouTube Tags: Google Tags: Meta Tags: identity theft…

Read more →

CircleCI, a big name in the DevOps space, has released an incident report about a data breach it experienced early this month. (Read more…) The post CircleCI: Malware stole GitHub OAuth keys, bypassing 2FA appeared first on Malwarebytes Labs. This…

Read more →

LCBO account holders are under advice to schange their passwords and monitor their credit card statements after a web skimmer was found on the webiste (Read more…) The post Web skimmer found on website of Liquor Control Board of Ontario…

Read more →

Categories: News Tags: vice society Tags: ransomware Tags: university Tags: leak Tags: data Tags: locked Tags: encrypted Tags: We take a look at the devastating impact of a ransomware attack on a University which includes leaks and network destruction. (Read…

Read more →

Categories: Exploits and vulnerabilities Categories: News Tags: Zoho Tags: ManageEngine Tags: PoC Tags: RCE Tags: CVE-2022-47966 Tags: CVE-2022-35405 Tags: SAML Tags: Apache Santuario Proof of Concept code is about to be released for a vulnerability in many ManageEngine products which…

Read more →

Categories: News Tags: Google Tags: Chromium Tags: Rust Tags: memory safety Tags: rule of two Google has announced that it will support the use of third-party Rust libraries in Chromium which is a step forward in memory safety for the…

Read more →

Categories: News Tags: Erik McCauley Tags: SweetWizard Tags: law enforcement app Tags: ODIN Intelligence Tags: Wired SweepWizard, an app designed to assist law enforcement is causing a bit of trouble, was found inadvertently leaking sweeping data for years. (Read more…)…

Read more →

Categories: News Tags: Karlee Besse Tags: Reach CPA Tags: time theft Tags: bossware Tags: TimeCamp Tags: Court Order Interest Act Tags: COIA Tags: Civil Resolution Tribunal Tags: CRT Bossware helped an employer fire an accountant for not working during work…

Read more →

Categories: News Tags: tiktok Tags: fine Tags: cookie Tags: consent Tags: opt out Tags: France Tags: CNIL We take a look at the latest fine hitting a social media network, this time over the issue of cookie consent. (Read more…)…

Read more →

Categories: News Tags: Voyager Labs Tags: Facebook Tags: Instagram Tags: Meta Tags: surveillance tool Tags: data scraping Voyager Labs, a surveillance firm, allegedly created thousands of Facebook and Instagram accounts so it could use its scraping tool to steal data.…

Read more →

Categories: Podcast This week on Lock and Code, we speak with Lexie Cooper, the owner behind the TikTok account TrackerPacer, about the vitriol she faced online after talking about the gender gap in technology. (Read more…) The post Fighting technology’s…

Read more →

Categories: News Tags: ransomware Tags: high society Tags: compromise Tags: school Tags: schools Tags: learning Tags: documents Tags: data Tags: leak We take a look at reports of 14 schools being compromised by ransomware group Vice Society. (Read more…) The…

Read more →

Categories: News Categories: Ransomware Tags: Lorenz Tags: ransomware Tags: CVE-2022-29499 Tags: Mitel Tags: backdoor Tags: web shell A recent case-study showed once again that timely patching is important, but it’s not a silver bullet for stopping ransomware. (Read more…) The…

Read more →

Categories: Personal The Internet is kind of like the Wild West when it comes to threats to our privacy and security. But Malwarebytes can help you become the sheriff of your own digital frontier. (Read more…) The post 3 ways…

Read more →

Categories: News Tags: US department of the interior Tags: password Tags: hashes Tags: cracking Tags: requirements Tags: MFA A recent audit cracked 21 percent of the department’s passwords. (Read more…) The post US Department of the Interior’s passwords “easily cracked”…

Read more →

Categories: Exploits and vulnerabilities Categories: News Tags: patch Tuesday Tags: CVE-2023-21674 Tags: APLC Tags: CVE-2023-21743 Tags: Sharepoint Tags: CVE-2023-21563 Tags: BitLocker The second Tuesday of the year brings us many updates, including one for an actively exploited vulnerability that could…

Read more →

Categories: News Tags: Pegasus Tags: spyware Tags: Pegasus spyware Tags: NSO Group Tags: NSO Tags: Apple Tags: WhatsApp Tags: Meta Tags: Foreign Sovereign Immunity Act The US Supreme Court essentially gave Meta’s WhatsApp the go ahead to pursue their case…

Read more →

Categories: News Tags: Experian Tags: credit reports Tags: freeze Identity thieves were aware of a method to access full credit reports at Experian using just your social security number and some basic information. (Read more…) The post Identity thieves bypass…

Read more →

Categories: News Categories: Ransomware Tags: Maternal and Family Health Services Tags: MFHS A US health and human services organization recently revealed it was a victim of a ransomware attack that likely happened between August 2021 and April 2022. (Read more…)…

Read more →

Categories: Business Over the years, cyberattacks on K-12 schools and districts have steadily increased and in 2022 that trend only continued. In this post, we’ll look at the 5 must-haves for K-12 cybersecurity. (Read more…) The post 5 must-haves for…

Read more →

Categories: News Tags: royal mail Tags: cyber attack Tags: post Tags: disruption We take a look at reports that Royal Mail is experiencing severe issues due to an unnamed cyberattack. (Read more…) The post Cyberattack halts Royal Mail’s overseas post…

Read more →

Categories: News Tags: open redirect Tags: UKGOV Tags: website Tags: fix Tags: onlyfans Tags: porn Tags: pornography Tags: dating Tags: cheating Tags: phishing We take a look at reports an open redirect on a UKGOV site which took a little…

Read more →

Categories: Business If 2022 was any indication, businesses are about to face an unprecedented volume, frequency, and sophistication of cyberthreats in 2023. Malwarebytes CEO Marcin Kleczynski takes a look at how, as an industry, we can preemptively address these risks.…

Read more →

Categories: News Tags: Windows 7 end of ESU Tags: Extended Security Updates Tags: ESU Tags: Microsoft ESU Tags: ESU program Tags: WIndows 8.1 Tags: Windows Server 2008/R2 Tags: NVIDIA Tags: Google Chrome Tags: Chrome Microsoft will cease supporting Windows 7…

Read more →

Categories: News Tags: pokemon Tags: NFT Tags: scam Tags: fake Tags: malware Tags: remote connection Tags: card game We take a look at reports of a set of fake Pokemon sites offering up a bogus NFT card game which actually…

Read more →

Categories: News Tags: polite WiFi Tags: WiPeep Tags: triangulation Tags: battery drain Researchers have found that the WiFi protocol is a bit too polite when acknowledging received packets from outside the own network. (Read more…) The post Polite WiFi loophole…

Read more →

Categories: News Tags: Facebook Tags: Instagram Tags: Snapchat Tags: TikTok Tags: YouTube Tags: Section 230 Tags: Seattle Public School Tags: SPS Tags: Meta Tags: Alphabet Tags: Snap Tags: ByteDance A whole school district in Seattle is suing social media giants…

Read more →

Categories: News Tags: Lock and Code S04E01 Tags: LastPass breach Tags: Okta breach Tags: VPN Tags: Synology Tags: fake Flipper Zero Tags: cyber insurance Tags: WordPress plugin Tags: Twitter data dump Tags: Twitter The most interesting security related news from…

Read more →

Categories: News Tags: Slack Tags: GitHub Tags: data breach Tags: Slack breach Tags: compromised tokens Stolen employee tokens gave an attacker access to Slack’s private code repositories. (Read more…) The post Slack private code on GitHub stolen appeared first on…

Read more →

Categories: News Tags: adult content Tags: verification Tags: porn sites Tags: data breach Tags: enforcement Tags: privacy Tags: VPN The state of Louisiana has introduced age verification for pornographic websites—will it work? (Read more…) The post Louisiana wants your ID…

Read more →

Categories: Threat Intelligence One criminal scheme often leads to another. This blog digs into a credit card skimmer and its ties with other malicious services. (Read more…) The post Crypto-inspired Magecart skimmer surfaces via digital crime haven appeared first on…

Read more →

Categories: News Tags: car Tags: vehicle Tags: exploit Tags: single sign on Tags: vulnerable Tags: kia Tags: honda Tags: infiniti Tags: nissan Tags: acura Tags: mercedes-benz Tags: hyundai Tags: genesis Tags: bmw Tags: rolls royce Tags: ferrari Tags: spireon Tags:…

Read more →

Categories: News Tags: WordPress Tags: exploit Tags: vulnerability Tags: plugin Tags: theme Tags: update Tags: linux malware Tags: backdoor It’s time to check your website is up to date. (Read more…) The post Malware targets 30 unpatched WordPress plugins appeared…

Read more →

Categories: News Categories: Ransomware Tags: LockBit Tags: LockBit ransomware Tags: ransomware Tags: Housing Authority of the City of Los Angeles Tags: HACLA Tags: opportunistic attack In an incident still under investigation, the Housing Authority of the City of Los Angeles…

Read more →

Categories: News Tags: Twitter leak Bottom line: The threats of sensitive and relevant online data collected and made available to the public is real and ever-present. (Read more…) The post New Twitter data dump is a cleaned up version of…

Read more →

Categories: Android Categories: News Tags: 2023-01-01 Tags: 2023-01-05 Tags: Google Tags: Android Tags: CVE-2022-42719 Tags: CVE-2022-42720 Tags: CVE-2022-42721 Tags: mac80211 Tags: CVE-2022-41674 Tags: Qualcomm Tags: CVE-2022-22088 Google has published its first security bulletin of 2023 with details of vulnerabilities affecting…

Read more →

Categories: News Tags: flipper zero Tags: fake Tags: scam Tags: phish Tags: portal Tags: social media Tags: twitter Tags: shop Tags: sale Tags: sold out Tags: pentest Tags: pentesting Tags: hardware Tags: enthusiast Tags: technology We take a look at…

Read more →

Categories: News Tags: EMOI Services Tags: Owners Insurance Co Tags: Supreme Court of Ohio Tags: K. James Sullivan Tags: direct physical loss The Supreme Court of Ohio issued a ruling days before the New Year that software and service provider…

Read more →

Categories: News Tags: FBI Tags: ad Tags: ads Tags: advert Tags: paid Tags: sponsored Tags: search engine Tags: results Tags: fake Tags: download Tags: phish Tags: phishing Tags: malware The FBI has issued a warning about criminals impersonating brands in…

Read more →

Categories: Exploits and vulnerabilities Categories: News Tags: Synology Tags: VPL Plus Server Tags: CVE-2022-43931 Tags: out-of-bounds write Synology has patched a critical vulnerability in the Remote Desktop feature of VPN Plus Server (Read more…) The post Update VPN Plus Server…

Read more →

Categories: Podcast This week on Lock and Code, we talk about we technology no longer excites the public, and whether that’s because of worse products, or worse promises. (Read more…) The post Why does technology no longer excite us? Lock…

Read more →

Categories: News Tags: LastPass Tags: security Tags: incident Tags: update Tags: notice Tags: unencrypted data Tags: password manager LastPass has posted an update to the August security incident that raises some questions about stolen unencrypted data (Read more…) The post…

Read more →

Categories: News Tags: Okta Tags: GitHub Tags: Auth0 Okta’s code repository on GitHub has been accessed by an unauthorized third party, but there’s no reason for customers to worry (Read more…) The post Okta breached last month, no customers compromised…

Read more →