Read the original article: How ransomware gangs are connected, sharing resources and tactics New research by Analyst1 sheds light on the cooperation b […]Content was cut in order to protect the source.Please visit the source for the rest of the…
Category: Malwarebytes Labs
How bitcoin payments unmasked a man who hired a Dark Web contract killer
Read the original article: How bitcoin payments unmasked a man who hired a Dark Web contract killer Bitcoin isn’t anonymous and the Dark Web isn’t as dark […]Content was cut in order to protect the source.Please visit the source for…
Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca: Lock and Code S02E06
Read the original article: Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca: Lock and Code S02E06 This week […]Content was cut in order to protect the source.Please visit the source for the rest of the article. Read…
Millions of Chrome users quietly added to Google’s FLoC pilot
Read the original article: Millions of Chrome users quietly added to Google’s FLoC pilot Google promised that its third-party cookie replacement—calle […]Content was cut in order to protect the source.Please visit the source for the rest of the article. Read…
Cryptomining containers caught coining cryptocurrency covertly
Read the original article: Cryptomining containers caught coining cryptocurrency covertly Research has uncovered 30 compromised images in 10 different Docker Hub acc […]Content was cut in order to protect the source.Please visit the source for the rest of the article.…
Zoom zero-day discovery makes calls safer, hackers $200,000 richer
Read the original article: Zoom zero-day discovery makes calls safer, hackers $200,000 richer White hat hackers have demonstrated a Remote Code Execution attack against Zoom at the Pwn2Own event. Categories: Exploits and vulnerabilities Tags: pwn2ownrceWFHwhite hatwhite hatszoom (Read more…) The…
Fake Trezor app steals more than $1 million worth of crypto coins
Read the original article: Fake Trezor app steals more than $1 million worth of crypto coins Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have lost fortunes after being duped by a phishing app.…
SAP warns of malicious activity targeting unpatched systems
Read the original article: SAP warns of malicious activity targeting unpatched systems A jointly-released report from Onapsis and SAP has warned that cybercriminals are taking advantage of a failure to patch. Categories: Exploits and vulnerabilities Tags: patchingreportsapsecurityupdatesvulnerabilities (Read more…) The…
Fake Trezor app steals more that $1 million worth of crypto coins
Read the original article: Fake Trezor app steals more that $1 million worth of crypto coins Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have lost fortunes after being duped by a phishing app.…
Pre-installed auto installer threat found on Android mobile devices in Germany
Read the original article: Pre-installed auto installer threat found on Android mobile devices in Germany Gigaset mobile devices contain an Update app which is a pre-installed system app infected with Android/PUP.Riskware.Autoins.Redstone. Categories: Android Tags: AndroidAndroid/PUP.Riskware.Autoins.RedstoneAndroid/Trojan.Downloader.Agent.WAGDcom.redstone.ota.uiGigasetmobile malwarepre-installed mobile malware (Read more…)…
Aurora campaign: Attacking Azerbaijan using multiple RATs
Read the original article: Aurora campaign: Attacking Azerbaijan using multiple RATs We identified a new Python-based RAT targeting Azerbaijan from the same threat actor we profiled a month ago. Categories: MalwareThreat analysis Tags: Armeniaazerbaijanpythonrat (Read more…) The post Aurora campaign:…
Has Facebook leaked your phone number?
Read the original article: Has Facebook leaked your phone number? A giant collection of personal information from an old Facebook data leak has emerged. Find out why it matters and what you can do about it. Categories: PrivacySocial engineering Tags:…
Research claims Google Pixel phones share 20 times more data than iPhones
Read the original article: Research claims Google Pixel phones share 20 times more data than iPhones Researchers have tested the amount of telemetry data that Android and iPhone handhelds send home. The results may surprise you. Categories: Malwarebytes news Tags:…
A week in security (March 29 – April 4)
Read the original article: A week in security (March 29 – April 4) A roundup of the previous week’s security news, from March 29 to April 4. Categories: A week in security Tags: "i accidentally reported you""i accidentally reported you"…
Android “System Update” malware steals photos, videos, GPS location
Read the original article: Android “System Update” malware steals photos, videos, GPS location A new Android malware can swipe images and video, rifle through online searches, and record phone calls and video. But is it stalkerware? Categories: MobileStalkerware Tags: Android/Trojan.Spy.FakeSysUpdatedomestic…
Relax. Internet password books are OK
Read the original article: Relax. Internet password books are OK There, we’ve said it: In an imperfect world, Internet password books can help. Categories: Privacy Tags: bookpassword managementpassword managerprivacysecuritythreat model (Read more…) The post Relax. Internet password books are OK…
The npm netmask vulnerability explained so you can actually understand it
Read the original article: The npm netmask vulnerability explained so you can actually understand it A vulnerability in the popular npm netmask library has caused a lot of discussion and confusion. Let’s try to make it simple. Categories: Exploits and…
PYSA, the ransomware attacking schools
Read the original article: PYSA, the ransomware attacking schools PYSA is big game ransomware that’s been used in targeted attacks against large private organizations, healthcare, and most recently, the education sector. Categories: RansomwareThreat spotlight Tags: CERT FranceCERT-FReducation cybersecurityLondon Hackney CouncilMespinoza…
Malicious commits found in PHP code repository: What you need to know
Read the original article: Malicious commits found in PHP code repository: What you need to know The PHP Git repository compromise is in the news. We break it down for you, and tell you what you need to know. Categories:…
The one reason your iPhone needs a VPN
Read the original article: The one reason your iPhone needs a VPN If there’s one reason users need to use a VPN with their iPhones, it’s this: A VPN can protect you where Apple cannot. Categories: Privacy Tags: AppleiPhonevirtual private…
5G slicing vulnerability could be used in DoS attacks
Read the original article: 5G slicing vulnerability could be used in DoS attacks Researchers have found a vulnerability in the architecture of 5G network slicing, but what does that mean for consumers? Categories: Malwarebytes news Tags: 5G5g slicingadaptivemobilemobile operatorsecurity (Read…
Steam users: Don’t fall for the “I accidentally reported you” scam
Read the original article: Steam users: Don’t fall for the “I accidentally reported you” scam Out of the blue, a Steam user tells you they’ve reported you for something you didn’t do, and your account is being suspended… Categories: Scams…
Why you need to trust your VPN: Lock and Code S02E05
Read the original article: Why you need to trust your VPN: Lock and Code S02E05 This week on Lock and Code, we speak to Malwarebytes senior security researcher JP Taggart about why you need to trust your VPN. Categories: Podcast…
Don’t post it! Six social media safety sins to say goodbye to
Read the original article: Don’t post it! Six social media safety sins to say goodbye to Read more…) The post Don’t post it! Six social media safety sins to say goodbye to appeared first on Malwarebytes Labs. Become a…
Perkiler malware turns to SMB brute force to spread
Read the original article: Perkiler malware turns to SMB brute force to spread Perkiler is now using SMB brute force attacks to spread. Which is not a new concept, but why attack SMB instead of RDP? Categories: Trojans Tags: brute…
Slack hurries to fix direct message flaw that allowed harassment
Read the original article: Slack hurries to fix direct message flaw that allowed harassment Slack quickly reversed course yesterday, promising to revise a brand-new direct message feature that could have been misused for harassment. Categories: Security world Tags: abuseDirect MessageharassmentSlackSlack…
Software renewal scammers unmasked
Read the original article: Software renewal scammers unmasked In our latest investigation we unmask a group of scammers behind the software renewal phishing campaign. Categories: CybercrimeSocial engineering Tags: renewalscamtech support (Read more…) The post Software renewal scammers unmasked appeared first…
When contractors attack: two years in jail for vengeful IT admin
Read the original article: When contractors attack: two years in jail for vengeful IT admin An IT contractor has been handed a two year jail term after he deleted over 80% of his client’s Microsoft Office 365 accounts. Categories: Awareness…
When contractors attack: two years jail for vengeful IT admin
Read the original article: When contractors attack: two years jail for vengeful IT admin An IT contractor has been handed a two year jail term after he deleted over 80% of his client’s Microsoft Office 365 accounts. Categories: Awareness Tags:…
The human impact of a Royal Mail phishing scam
Read the original article: The human impact of a Royal Mail phishing scam We look at the impact of a Royal Mail phishing scam as described by the victim, caught out not once but twice by the scammers. Categories: Scams…
Safe Connections Act could help domestic abuse survivors take control of their digital lives
Read the original article: Safe Connections Act could help domestic abuse survivors take control of their digital lives The Safe Connections Act could help domestic abuse and sex trafficking survivors—including those tracked by stalkerware-type applications. Categories: GovernmentStalkerware Tags: FCCSafe Connections…
How to enable Facebook’s hardware key authentication for iOS and Android
Read the original article: How to enable Facebook’s hardware key authentication for iOS and Android Read more…) The post How to enable Facebook’s hardware key authentication for iOS and Android appeared first on Malwarebytes Labs. Become a supporter of…
Report goes “behind enemy lines” to reveal SilverFish cyber-espionage group
Read the original article: Report goes “behind enemy lines” to reveal SilverFish cyber-espionage group PRODRAFT researchers have uncovered a sophisticated cyber-espionage group with links to SolarWinds and EvilCorps. Categories: Reports Tags: cobalt strikedomain frontingempireevil corpevilcorpKoadicmimikatzpowerploitprodaftsandboxsarasotasilverfishsolarwindstrickbotwastedlockerwordpress (Read more…) The post Report…
A week in security (March 15 – 21)
Read the original article: A week in security (March 15 – 21) A roundup of the previous week’s news, from March 15 to March 21. Categories: A week in security Tags: a week in securityfakemalwarephishingpodcastsecuritysecurity round upsocial mediatwitter (Read more…)…
Resident Evil 8 just the latest game plagued by fake demos and early access scams
Read the original article: Resident Evil 8 just the latest game plagued by fake demos and early access scams We look at the rise in video game scams promising early access to upcoming titles, but delivering nothing but phishing and…
Report reveals the staggering scale of Business Email Compromise losses
Read the original article: Report reveals the staggering scale of Business Email Compromise losses A new report from the Internet Crime Complaint Center (IC3), shows that businesses lost $1.8 billion to BEC scams in 2020. Categories: Business Tags: becBusiness Email…
NFTs explained: daylight robbery on the blockchain
Read the original article: NFTs explained: daylight robbery on the blockchain NFTs are a certificate of ownership protected by blockchain technology. So how come they did they get stolen? Categories: Explained Tags: blockchaindigital artledgerNFTNFTsnon-fungible (Read more…) The post NFTs explained:…
HelloKitty: When Cyberpunk met cy-purr-crime
Read the original article: HelloKitty: When Cyberpunk met cy-purr-crime HelloKitty was a relatively unheard-of ransomware family—until it became involved in an attack against the Polish video game developer, CD Projekt Red, in early February. Categories: Threat spotlight Tags: 78afe88dbfa9f7794037432db3975fa057eae3e4dc0f39bf19f2f04fa6e5c07c9a7daafc56300bd94ceef23eac56a0735b63ec6b9a7a409fb5a9b63efe1aa0b0c7d6719bbfb5baaadda498bf5ef49a3ada1d795b9ae4709074b0e3976968741eCD Projekt…
Mother charged with using deepfakes to shame daughter’s cheerleading rivals
Read the original article: Mother charged with using deepfakes to shame daughter’s cheerleading rivals Court records reveal that Raffaela Spone’s daughter has no idea her mother has been harassing members of her cheerleading squad. Categories: Artificial Intelligence Tags: cyberbullyingdeepfakeHenry AjderKelly…
Apple shines and buffs Mac security—Is it enough to stop today’s malware?
Read the original article: Apple shines and buffs Mac security—Is it enough to stop today’s malware? Apple is ramping up its security efforts, but its go-it-alone approach risks shutting allies out and protecting attackers. Categories: Mac Tags: ApplemacmacOS (Read more…)…
FBI warns of increase in PYSA ransomware attacks targeting education
Read the original article: FBI warns of increase in PYSA ransomware attacks targeting education Big-game ransomware, PYSA (AKA Mespinoza) is targeting educational institutions in the US and UK. Categories: AwarenessRansomware Tags: CERT FrancefbiFBI PSAMazeMega.nzMespinozaphishingpsaPYSA ransomwareransomwarerdpremote desktop protocolrevilryukSodinokibityposquatting (Read more…) The…
Teen behind 2020 Twitter hack pleads guilty
Read the original article: Teen behind 2020 Twitter hack pleads guilty The teen behind the Twitter hack of 2020 pleaded guilty to several charges as part of a deal in which he will serve three years in prison. Categories: CybercrimeSocial…
ProxyLogon PoCs trigger a game of whack-a-mole
Read the original article: ProxyLogon PoCs trigger a game of whack-a-mole Microsoft and others are trying to keep working ProxyLogon PoCs out of the hands of cybercriminals and script-kiddies. Categories: Exploits and vulnerabilities Tags: exchangeexchange serverGitHubmiscrosoftpocproof-of-conceptproxylogonreverse engineering (Read more…) The…
Careers in cybersecurity: Malwarebytes talks to teachers and students
Read the original article: Careers in cybersecurity: Malwarebytes talks to teachers and students A look at the talks we give to schools and universities, with a view to encouraging more students to work in the security sector. Categories: Careers Tags:…
How your iPhone could tell you if you’re being stalked
Read the original article: How your iPhone could tell you if you’re being stalked Read more…) The post How your iPhone could tell you if you’re being stalked appeared first on Malwarebytes Labs. Become a supporter of IT Security…
Royal Mail scam says your parcel is waiting for delivery
Read the original article: Royal Mail scam says your parcel is waiting for delivery We take a look at an SMS phishing messages which claims to have a parcel for you, with an unpaid shipping fee. Categories: Scams Tags: deliveryfakepackageparcelphishphishingroyal…
The Malwarebytes 2021 State of Malware report: Lock and Code S02E04
Read the original article: The Malwarebytes 2021 State of Malware report: Lock and Code S02E04 This week on Lock and Code, we discuss the top security headlines and talk to Adam Kujawa about the 2021 State of Malware report. Categories:…
Ransomware is targeting vulnerable Microsoft Exchange servers
Read the original article: Ransomware is targeting vulnerable Microsoft Exchange servers Attacks using the ProxyLogon Microsoft Exchange vulnerability have taken a new twist: DearCry ransomware. Categories: Ransomware Tags: exchangemailmicrosoftproxylogonransomware (Read more…) The post Ransomware is targeting vulnerable Microsoft Exchange servers…
150,000 Verkada security cameras hacked—to make a point
Read the original article: 150,000 Verkada security cameras hacked—to make a point Hospitals, banks, police departments, prisons, schools, and companies like Tesla and Cloudflare are victims of an attack on Verkada. Categories: IoT Tags: APT 69420 Arson Catscamera hackingCloudeflare hackhealthcare…
Police credit “unlocked” SKY ECC encryption for organized crime bust
Read the original article: Police credit “unlocked” SKY ECC encryption for organized crime bust Europol claims to have broken SKY ECC’s encryption and SKY ECC denies it has. Who should you believe? Categories: Reports Tags: encrochatencryptioneurojusteuropol (Read more…) The post…
5 common VPN myths busted
Read the original article: 5 common VPN myths busted We cut through some popular misunderstandings about VPNs. Categories: Awareness Tags: carriergeo-lockedISPmythnetflixvpn (Read more…) The post 5 common VPN myths busted appeared first on Malwarebytes Labs. Become a supporter of…
iPhone app exposed other people’s call recordings
Read the original article: iPhone app exposed other people’s call recordings Read more…) The post iPhone app exposed other people’s call recordings appeared first on Malwarebytes Labs. Become a supporter of IT Security News and help us remove the…
OVH cloud datacenter destroyed by fire
Read the original article: OVH cloud datacenter destroyed by fire The third largest hosting provider in the world has seen its site in Strasbourg destroyed by a fire. What does it mean for you? Categories: Malwarebytes news Tags: afr-ixbackupbad packetscentre…
REvil ransomware’s calling, and it’s not good news
Read the original article: REvil ransomware’s calling, and it’s not good news REvil ransomware, also known as Sodinokibi, has deployed a new telephone-based tactic to convince victims to pay up. Categories: Ransomware Tags: attackblackmailcompromisehijackmalwareransomwarerevilscamSodinokibiVoIP (Read more…) The post REvil ransomware’s…
TinyCheck: Stalkerware detection that doesn’t leave a trace
Read the original article: TinyCheck: Stalkerware detection that doesn’t leave a trace Read more…) The post TinyCheck: Stalkerware detection that doesn’t leave a trace appeared first on Malwarebytes Labs. Become a supporter of IT Security News and help us…
Microsoft Exchange attacks cause panic as criminals go shell collecting
Read the original article: Microsoft Exchange attacks cause panic as criminals go shell collecting The ProxyLogon vulnerability in Microsoft Exchange has moved from an Advanced Persistent Threat to every cybercrime’s new toy in record time. Categories: Malwarebytes news Tags: APTbackdoor.hafniumcisacryptominingdevcoredubexhafniummicrosoft…
International Women’s Day: Women in tech name their heroes
Read the original article: International Women’s Day: Women in tech name their heroes Today, we remember some of the heroes who made a positive difference to some of the women who work at Malwarebytes. Categories: Awareness Tags: International women’s dayIWD…
A week in security (March 1 – 7)
Read the original article: A week in security (March 1 – 7) A roundup of cybersecurity news from March 1 – 7, including Ryuk going worm, Exchange servers under attack, stolen VPN data, and more. Categories: A week in security…
Will Google’s Privacy Sandbox take the bite out of tracking cookies?
Read the original article: Will Google’s Privacy Sandbox take the bite out of tracking cookies? Read more…) The post Will Google’s Privacy Sandbox take the bite out of tracking cookies? appeared first on Malwarebytes Labs. Become a supporter of…
China’s RedEcho accused of targeting India’s power grids
Read the original article: China’s RedEcho accused of targeting India’s power grids Read more…) The post China’s RedEcho accused of targeting India’s power grids appeared first on Malwarebytes Labs. Become a supporter of IT Security News and help us…
Update now! Chrome fix patches in-the-wild zero-day
Read the original article: Update now! Chrome fix patches in-the-wild zero-day Google has released a patch for yet another vulnerability in Chrome’s audio component after it was exploited in the wild. Categories: Exploits and vulnerabilities Tags: 89.0.4.4389.72chromecve-2021-21159cve-2021-21160cve-2021-21161cve-2021-21162cve-2021-21163cve-2021-21164cve-202121166Googleheap buffer overflowinsufficient data…
21 million free VPN users’ data exposed
Read the original article: 21 million free VPN users’ data exposed Recent VPN data leaks and breaches highlight the importance—and difficulty—of fully trusting a VPN provider. Here are tips on who to trust. Categories: Privacy Tags: chatvpnfree VPNgeckovpnMalwarebytes Privacymobile VPN…
Patch now! Exchange servers attacked by Hafnium zero-days
Read the original article: Patch now! Exchange servers attacked by Hafnium zero-days Microsoft has released updates to deal with 4 zero-day vulnerabilities being used in an attack chain aimed at users of Exchange Server. Categories: Exploits and vulnerabilities Tags: cve-2021-26855cve-2021-26857cve-2021-26858cve-2021-27065exchange…
Ryuk ransomware develops worm-like capability
Read the original article: Ryuk ransomware develops worm-like capability French researchers have found a Ryuk ransomware variant that can spread laterally through an infected network. Categories: Malwarebytes news Tags: ANSSIarpbotnetemotetKRBTGTrpcryukscheduled tasksthreat spotlighttrickbotWake-on-LAN (Read more…) The post Ryuk ransomware develops worm-like…
Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03
Read the original article: Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03 On Lock and Code, we talk to Eva Galperin, director of cybersecurity for EFF, about the importance of defending online anonymity and speech. Categories:…
To pay, or not to pay? That is the VPN question
Read the original article: To pay, or not to pay? That is the VPN question Should you pay for a VPN? We delve into the paid versus free VPN debate. Categories: Privacy Tags: free VPNpaid VPNvirtual private networksvpn (Read more…)…
TikTok pays $92 million to end data theft lawsuit
Read the original article: TikTok pays $92 million to end data theft lawsuit TikTok has agreed to pay a hefty settlement, and to stop recording users’ biometric and location data. Categories: PrivacyReports Tags: artificial intelligencebytedanceChinesefacial recognitionobfuscationpersonal datasettlestiktokus class-action suit (Read…
Scammers, profiteers, and shady sites? It must be tax season
Read the original article: Scammers, profiteers, and shady sites? It must be tax season With tax season around the corner, an aggressive campaign caught our attention and we decided to investigate. Categories: Please don’t buy thisWeb threats Tags: affiliatescustomer reviewsidentity…
LazyScripter: From Empire to double RAT
Read the original article: LazyScripter: From Empire to double RAT Our latest research on a threat actor that has similarities with #APT28 and #MuddyWater. Categories: Malwarebytes news (Read more…) The post LazyScripter: From Empire to double RAT appeared first on…
Clop targets execs, ransomware tactics get another new twist
Read the original article: Clop targets execs, ransomware tactics get another new twist Clop’s targeting of executives’ workstations is the latest in a string of recent innovations in ransomware. Categories: Malwarebytes news Tags: Business Email CompromiseClopdevelopmentsleak siteransom.clopransom.cryptomixransom.mazeransomwaresoftware agtargeted attacksvirtual hard…
The mystery of the Silver Sparrow Mac malware
Read the original article: The mystery of the Silver Sparrow Mac malware Silver Sparrow is the first malware to include native code for Apple’s new M1 chips, but why is its desired payload is blank? Categories: Mac Tags: AppleApple malwareM1M1…
A week in security (February 15 – February 21)
Read the original article: A week in security (February 15 – February 21) A roundup of cybersecurity news from February 15 – 21, including Egregor, romance scams, insider threats, and more. Categories: A week in security Tags: agoraApple malwarebaby monitor…
Omegle investigation raises new concerns for kids’ safety
Read the original article: Omegle investigation raises new concerns for kids’ safety Read more…) The post Omegle investigation raises new concerns for kids’ safety appeared first on Malwarebytes Labs. Become a supporter of IT Security News and help us…
North Korean hackers charged with $1.3 billion of cyberheists
Read the original article: North Korean hackers charged with $1.3 billion of cyberheists Three members of North Korea’s Reconnaissance General Bureau where charged for WannaCry, the Sony Pictures hack, and many other cybercrimes. Categories: Awareness Tags: Advanced Persistent Threat 38advanced…
Cybersecurity in Cyberpunk 2077: the good, the bad, and the cringeworthy
Read the original article: Cybersecurity in Cyberpunk 2077: the good, the bad, and the cringeworthy Cyberpunk 2077 features computers, hacking, viruses, and the word “cyber”. We obviously had to write about it. Categories: Malwarebytes news (Read more…) The post Cybersecurity…
Romance scams: FTC reveals $304 million of heartache
Read the original article: Romance scams: FTC reveals $304 million of heartache The FTC’s latest findings reveal that love is in the air for people up to no good. Categories: Privacy Tags: appsdatingfakeFTCromancescams (Read more…) The post Romance scams: FTC…
Clubhouse under scrutiny for sending data to Chinese servers
Read the original article: Clubhouse under scrutiny for sending data to Chinese servers The audio-chat app Clubhouse is the latest rage in the social media landscape. What is it, and can we trust it? Categories: Awareness Tags: agoraalex stamoschinachinese serversclubhouseclubhouse…
Yandex sysadmin caught selling access to email accounts
Read the original article: Yandex sysadmin caught selling access to email accounts Yandex, dubbed the “Russian Google”, caught one of its own system administrators red handed in a routine security audit. Categories: Awareness Tags: accidental insiderbreachcybersecurity awarenessinsider threatsintentional culture of…
RDP, the ransomware problem that won’t go away
Read the original article: RDP, the ransomware problem that won’t go away Read more…) The post RDP, the ransomware problem that won’t go away appeared first on Malwarebytes Labs. Become a supporter of IT Security News and help us…
Egregor ransomware hit by arrests
Read the original article: Egregor ransomware hit by arrests In a collaboration between French and Ukranian law enforcement, threat actors related to the Egregor ransomware team have been arrested. Categories: Ransomware Tags: bitcoindata exfiltrationegregorextortionFrancelaw enforcementMazeraasukraine (Read more…) The post Egregor…
Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report
Read the original article: Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report Through the chaos and devastation of 2020, one form of business seems to have thrived—the creation and operation of malicious software. Categories: Reports…
Talking Emotet’s takedown with Adam Kujawa: Lock and Code S02E01
Read the original article: Talking Emotet’s takedown with Adam Kujawa: Lock and Code S02E01 Read more…) The post Talking Emotet’s takedown with Adam Kujawa: Lock and Code S02E01 appeared first on Malwarebytes Labs. Become a supporter of IT Security…
Gang arrested for SIM-swapping celebrities, stealing $100 million
Read the original article: Gang arrested for SIM-swapping celebrities, stealing $100 million The attacks targeted thousands of people and netted some high-profile victims, such as online influencers, sports stars, and musicians. Categories: Social engineering Tags: 2faMatthew MillerPaul CreffieldSIM jackiingSIM swapSIM…
Who is to blame for the malicious Barcode Scanner that got on the Google Play store?
Read the original article: Who is to blame for the malicious Barcode Scanner that got on the Google Play store? LavaBird claims it was not them who is responsible for uploading malicious versions of Barcode Scanner, but an account named…
Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams
Read the original article: Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams PornHub, RedTube and several other top adult sites have been showing visitors fake popup warnings leading to tech support scams. Categories:…
Nude photo theft offers lessons in selfie security
Read the original article: Nude photo theft offers lessons in selfie security We look at a story involving the theft of people’s most sensitive data, and what you can do to secure yours. Categories: Privacy Tags: compromisecourtdataemailguiltyhackingphotographsprivacysecuresocial mediastealtheft (Read more…)…
Researcher’s audacious hack demonstrates new type of supply-chain attack
Read the original article: Researcher’s audacious hack demonstrates new type of supply-chain attack Read more…) The post Researcher’s audacious hack demonstrates new type of supply-chain attack appeared first on Malwarebytes Labs. Become a supporter of IT Security News and…
What Google learned from 1 billion evil email scams
Read the original article: What Google learned from 1 billion evil email scams Google teamed up with researchers from Stanford University to analyse 5 months worth of mails. This is what they found. Categories: Privacy Tags: gmailGooglemailmalwarephishphishingpresentationscamspam (Read more…) The…
Big Patch Tuesday: Microsoft and Adobe fix in-the-wild exploits
Read the original article: Big Patch Tuesday: Microsoft and Adobe fix in-the-wild exploits Here are the Microsoft and Adobe patches that need your attention, including some vulnerabilities being exploited in the wild. Categories: Malwarebytes news (Read more…) The post Big…
Hackers try to poison Florida City’s drinking water
Read the original article: Hackers try to poison Florida City’s drinking water Read more…) The post Hackers try to poison Florida City’s drinking water appeared first on Malwarebytes Labs. Become a supporter of IT Security News and help us…
Cyberpunk 2077 developer hit by ransomware
Read the original article: Cyberpunk 2077 developer hit by ransomware As if they didn’t have enough to deal with already, CD PROJEKT RED, makers of Cyberpunk 2077, have fallen victim to a targeted ransomware attack. Categories: Malwarebytes news Tags: CD…
Android devices caught in Matryosh botnet
Read the original article: Android devices caught in Matryosh botnet The Matryosh botnet goes after Android devices that have ADB enabled and uses them in orchestrated DDoS attacks. Categories: Malwarebytes news Tags: adbandroid debug bridgebotnetddosicmpechomatryoshport 5555tcprawtor proxyudpplain (Read more…) The…
How NOT to fail at PDF redaction
Read the original article: How NOT to fail at PDF redaction They had one job. Categories: Privacy Tags: how to redact PDF filesproper PDF redactionproper way to redact PDF files (Read more…) The post How NOT to fail at PDF…
A week in security (February 1 – February 7)
Read the original article: A week in security (February 1 – February 7) A roundup of cybersecurity news from February 1 – 7, including a barcode scanner’s infections and browser sync risks Categories: A week in security Tags: dataemulatorhackerslock and…
Barcode Scanner app on Google Play infects 10 million users with one update
Read the original article: Barcode Scanner app on Google Play infects 10 million users with one update In a single update, a popular barcode scanner app that had been on Google Play for years turned into malware. Categories: Android Tags:…
Android emulator abused to introduce malware onto PCs
Read the original article: Android emulator abused to introduce malware onto PCs Attackers have compromised the software distribution system of BigNox, developer of a popular Android emulator for PCs and Macs. Categories: Awareness Tags: massive multiplayer onlineMMOOperating NightScoutPipeMonsupply-chain attack (Read…
Update now! Chrome patches zero-day that was exploited in the wild
Read the original article: Update now! Chrome patches zero-day that was exploited in the wild The successfully exploited vulnerability is suspected of being used in targeted attacks against security researchers. Categories: Exploits and vulnerabilitiesSocial engineering Tags: C&Cchromecve-2021-21148heap buffer overflowsecurity researcherssolarwindswatering…
Would real identities make social media safer?
Read the original article: Would real identities make social media safer? Questions of anonymity on social media are a talking point again. Making everyone use their real identities sounds good, but would it actually make things better? Categories: Privacy Tags:…
Browser sync—what are the risks of turning it on?
Read the original article: Browser sync—what are the risks of turning it on? Browser synchronization is a handy feature but it comes with a few risks. Here’s what you should be asking yourself before you switch it on. Categories: Privacy…
Credit card skimmer piggybacks on Magento 1 hacking spree
Read the original article: Credit card skimmer piggybacks on Magento 1 hacking spree It’s double trouble for Magento 1 sites when skimmers find themselves competing for resources. Categories: Cybercrime Tags: costwayMagecartmagentoskimmer (Read more…) The post Credit card skimmer piggybacks on…