Categories: News Categories: Ransomware Tags: TrueBot Tags: Cl0p Tags: Silence Group Tags: CVE-2022-31199 Tags: Raspberry Robin Tags: FlawedGrace Tags: Cobalt Strike Tags: Teleport CISA, the FBI, the MS-ISAC, and the CCCS have warned about increased activity of the TrueBot malware…
Category: Malwarebytes Labs
Malwarebytes Browser Guard introduces three new features
Categories: Personal Tags: Malwarebytes Tags: Browser Guard Tags: Premium Tags: new features Malwarebytes Browser Guard introduces three new features: Content control, import & export, and historical detection statistics (Read more…) The post Malwarebytes Browser Guard introduces three new features appeared…
MOVEit Transfer fixes three new vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: MOVEit Tags: vulnerabilities Tags: CVE-2023-36934 Tags: CVE-2023-36932 Tags: CVE-2023-36933 CISA has warned users about three new vulnerabilities in Progress Software’s MOVEit Transfer software. (Read more…) The post MOVEit Transfer…
Warning issued over vulnerability in cardiac device monitoring software
Categories: Exploits and vulnerabilities Categories: News Tags: Medtronic Tags: Paceart Optima Tags: CVE-2023-31222 Tags: deserialization Tags: update Tags: messaging A vulnerability in Medtronic’s Paceart Optima software could lead to further network penetration, RCE, and DoS attacks (Read more…) The post…
Solar monitoring systems exposed: Secure your devices
Categories: Business Tags: solar Tags: monitoring Tags: service Tags: exposed Tags: web Tags: facing Tags: secure Tags: scan Tags: lockdown Tags: update We take a look at reports that 130,000 solar monitoring devices are sitting exposed online. (Read more…) The…
How kids pay the price for ransomware attacks on education
Categories: News Categories: Personal Categories: Ransomware Tags: ransomware Tags: vice Tags: education Tags: files Tags: dark web Tags: ssn Tags: stolen identity Data stolen during attacks on schools can contain highly sensitive information. (Read more…) The post How kids pay…
Update Android now! Google patches three actively exploited zero-days
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Android Tags: 2023-07-05 Tags: CVE2021-29256 Tags: CVE-2023-26083 Tags: CVE-2023-2136 Tags: CVE-2023-21250 Tags: ARM Tags: Skia Google has patched 43 vulnerabilities in Android, three of which are actively exploited zero-day vulnerabilities. (Read…
Warning issued over vulnerability in cardiac devices
Categories: Exploits and vulnerabilities Categories: News Tags: Medtronic Tags: Paceart Optima Tags: CVE-2023-31222 Tags: deserialization Tags: update Tags: messaging A vulnerability in Medtronic’s Paceart Optima cardiac device could lead to further network penetration, RCE, and DoS attacks (Read more…) The…
Self-driving cars are a privacy issue, says security expert
Categories: News Categories: Personal Categories: Privacy Tags: self-driving cars Tags: CCTV Tags: video doorbell Tags: security cams Tags: dashcams As the number of self-driving cars increases, so does the number of cameras on the roads. This creates a possible privacy…
Google plans to scrape everything you post online to train its AI
Categories: News Categories: Personal Tags: AI Tags: data Tags: generative Tags: search Tags: google Tags: bard Tags: translate Tags: AI cloud Tags: language Tags: scrape Tags: content Tags: text Tags: photo Tags: image Tags: learn Tags: learning We take a…
Malicious ad for USPS fishes for banking credentials
Categories: Threat Intelligence Tags: malvertising Tags: google Tags: usps Tags: phishing Next time you need to track a package, be aware that malicious ads could be leading you to sites that steal your banking information. (Read more…) The post Malicious…
Elderly targeted in car accident scam, kingpin arrested
Categories: News Categories: Personal Tags: Europol Tags: relative Tags: law enforcement The head of a criminal network responsible for defrauding hundreds of elderly people has been arrested, Europol has announced. (Read more…) The post Elderly targeted in car accident scam,…
Fake reviewers face big fines
Categories: Business Tags: reviews Tags: fake Tags: ftc Tags: fine Tags: fraud Tags: bogus Tags: portal Tags: site Tags: rating Tags: score The FTC’s new proposed rule would apply large fines to those found distributing fake reviews online. (Read more…)…
A week in security (June 26 – July 2)
Categories: News A list of topics we covered in the week of June 26 to July 2 of 2023 (Read more…) The post A week in security (June 26 – July 2) appeared first on Malwarebytes Labs. This article has…
Brave browser will prevent websites from port scanning visitors
Categories: Personal Tags: site Tags: website Tags: websites Tags: port scanning Tags: local resources Tags: track Tags: tracking Tags: profile Tags: brave Tags: browser Tags: web browser Tags: privacy We take a look at reports that Brave browser will prevent…
Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia
Categories: Podcast This week on Lock and Code, we speak with Matthew Guargilia about the NSA’s broad powers to sweep up Americans’ emails, DMs, messages, and all manner of digital communications. (Read more…) The post Of sharks, surveillance, and spied-on…
Online safety tips for LGBTQIA+ communities
Categories: Personal The internet is great for bringing people together, but it can also be a nasty place. Here are some tips to help keep you as safe as possible online. (Read more…) The post Online safety tips for LGBTQIA+…
Spyware app LetMeSpy hacked, tracked user data posted online
Categories: News Categories: Personal Stalkerware-type app LetMeSpy has been hacked, with the attacker taking user data with it, the service has announced. (Read more…) The post Spyware app LetMeSpy hacked, tracked user data posted online appeared first on Malwarebytes Labs.…
“Free” Evil Dead Rise movie scam lurks in Amazon listings
Categories: Personal Tags: evil dead Tags: evil dead rise Tags: fake Tags: scam Tags: podcast Tags: movie Tags: download Tags: stream Tags: audible Tags: amazon music Tags: bruce Campbell Tags: sam ramai Tags: lily Sullivan Tags: Alyssa Sutherland Tags: lee…
New technique can defeat voice authentication “after only six tries”
Categories: Personal Tags: audio Tags: edit Tags: editing Tags: tags Tags: fake Tags: deepfake Tags: patterns Tags: vocal recognition Tags: voice recognition Tags: AI Tags: authenticate Tags: authentication We take a look at research which claims a way to bypass…
A proxyjacking campaign is looking for vulnerable SSH servers
Categories: Cybercrime Categories: News Tags: proxyjacking Tags: cryptojacking Tags: curl Tags: Docker Tags: proxy service Tags: compromised Proxyjacking is a cybercrime where your bandwidth is sold by criminals. (Read more…) The post A proxyjacking campaign is looking for vulnerable SSH…
Top contenders in Endpoint Security revealed: G2 Summer 2023 results
Categories: Business #1 in Endpoint Protection, #1 ROI for Endpoint Management, #1 for EDR implementation. (Read more…) The post Top contenders in Endpoint Security revealed: G2 Summer 2023 results appeared first on Malwarebytes Labs. This article has been indexed from…
Surveillance camera insecurities argument comes to one inevitable conclusion: Always update
Categories: Business Tags: camera Tags: CCTV Tags: surveillance Tags: council Tags: organisation Tags: government Tags: local Tags: china Tags: vulnerability Tags: flaw Tags: fix Tags: patch Tags: update We take a look at a debate over who is responsible for…
Why blocking ads is good for your digital health
Categories: Personal Tags: ad Tags: advert Tags: block Tags: blocking Tags: advertising Tags: blocker Tags: ad block Tags: tracking Tags: cookies Tags: analytics Tags: affiliate Tags: adware Tags: IoT We take a look at why blocking adverts and tracking is…
Criminal secure messaging system takedown: 6500+ arrests and €900 million+ seized
Categories: News Tags: EncroChat Tags: Sky ECC Tags: AN0M Tags: organized crime Europol has published the results of an infiltration operation on EncroChat, a secure communications system set up by and for criminals. (Read more…) The post Criminal secure messaging…
SupremeBot and Mario cross the finish line together
Categories: News Tags: Mario Tags: SupremBot Tags: XMR miner Tags: cryptominers Tags: mining client Tags: scheduled task Tags: C2 Download your games from trusted sources or you may get more than you bargained for… (Read more…) The post SupremeBot and…
81% concerned about ChatGPT security and safety risks, Malwarebytes survey shows
Categories: News ChatGPT may have already hit its public perception wall, according to a Malwarebytes survey that showed high levels of distrust and concern in the tool’s trustworthiness and safety. (Read more…) The post 81% concerned about ChatGPT security and…
Software company accused of illegally profiling millions of mobile phone users
Categories: News Categories: Personal Categories: Privacy Tags: BICS Tags: Proximus Tags: TeleSign Tags: TikTok Tags: trust score Tags: data A digital rights and privacy organization has filed a complaint against software company TeleSign for gathering and selling information on millions…
Company finds lost SSD—and confidential data—for sale on eBay
Categories: Business Tags: theft Tags: crime Tags: workplace Tags: steal Tags: data Tags: hard drive Tags: equipment Tags: peripherals Tags: inventory Tags: audit Tags: security Tags: pass Tags: ID Tags: CCTV Major software company SAP is putting the pieces of…
Understanding ransomware reinfection: An MDR case study
Categories: Business Ransomware is like that stubborn cold that you thought you kicked, but creeps back up determined to run amok again. (Read more…) The post Understanding ransomware reinfection: An MDR case study appeared first on Malwarebytes Labs. This article…
A week in security (June 19 – 25)
Categories: News Tags: week Tags: security A list of topics we covered in the week of June 19 to June 25 of 2023 (Read more…) The post A week in security (June 19 – 25) appeared first on Malwarebytes Labs.…
OpenSSH trojan campaign targets Linux systems and IoT devices
Categories: News Tags: IoT Tags: Linux Tags: OpenSSH Tags: trojan Tags: botnet Tags: IRC Tags: attack Tags: compromise Poorly configured Linux and Internet of Things (IoT) devices are at risk of compromise from a cryptojacking campaign. (Read more…) The post…
Malvertising: A stealthy precursor to infostealers and ransomware attacks
Categories: Business Malvertising, the practice of using online ads to spread malware, can have dire consequences—and the problem only seems to be growing. (Read more…) The post Malvertising: A stealthy precursor to infostealers and ransomware attacks appeared first on Malwarebytes…
9 basic security tips for seniors
Categories: News Categories: Personal Tags: seniors Tags: basic secuirty tips Tags: personal information Tags: too good to be true Tags: infected computer Tags: system optimizers Tags: web push notifications Tags: green padlock Tags: password manager Help the people around you…
5 facts to know about the Royal ransomware gang
Categories: Business A quick look the cybercriminal group known as Royal—one of the fastest growing ransomware gangs today. (Read more…) The post 5 facts to know about the Royal ransomware gang appeared first on Malwarebytes Labs. This article has been…
Microsoft Azure AD flaw can lead to account takeover
Categories: Exploits and vulnerabilities Categories: News Tags: OAuth Tags: nOAuth Tags: IdP Tags: Azure Tags: Microsoft Tags: login with Researchers have found a flaw in Microsoft Azure AD which they claim can be used to take over accounts that rely…
6 tips for a cybersecure honeymoon
Categories: Personal Your big day is over, but while you’re relaxing on honeymoon you don’t want to get distracted by security problems. So, we rounded up some quick tips to keep your devices safe. (Read more…) The post 6 tips…
Reducing your attack surface is more effective than playing patch-a-mole
Categories: News Tags: CISA Tags: BOD 23-02 Tags: Internet exposed Tags: management interfaces Tags: vulnerabilities Tags: CVE-2023-27992 Tags: CVE-2023-20887 There is a lot to be said for the strategy of shielding management interfaces from public internet access (Read more…) The…
Update now! Apple fixes three actively exploited vulnerabilities
Categories: Apple Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: kernel webkit Tags: CVE-2023-32434 Tags: CVE-2023-32435 Tags: CVE-2023-32439 Tags: type confusion Tags: integer overflow Tags: operation triangulation Apple has released security updates for several products to address a set…
UPS warns customers of phishing attempts after data accessed
Categories: Personal Tags: UPS Tags: delivery Tags: scam Tags: phish Tags: phishing Tags: smishing Tags: SMS Tags: text Tags: fake Tags: data UPS is warning Canadian customers of potential phishing attempts after data was left accessible via look-up tool. (Read…
Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023
Categories: Business Dive into where we prevented more than the rest and how we were able to do it. (Read more…) The post Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023 appeared first on Malwarebytes…
DNA testing company failed to protect sensitive genetic and health data, says FTC
Categories: News Categories: Personal Tags: FTC Tags: privacy Tags: retroactive Tags: DNA. testing Tags: sample Tags: retain Tags: data Tags: unsecured Tags: charge The FTC is going head to head with a DNA testing startup which left consumer data unsecured…
Ransomware attackers email bemused students as leverage for a payout
Categories: Business Categories: News Tags: students Tags: university Tags: university of Manchester Tags: UoM Tags: ransomware Tags: blackmail Tags: theft Tags: pressure Tags: leak Tags: breach We take a look at one group’s creative tactics to ensure a payout from…
Black Cat ransomware group wants $4.5m from Reddit or will leak stolen files
Categories: Business Tags: reddit Tags: ransom Tags: black cat Tags: ransomware Tags: extortion Tags: blackmail Tags: data Tags: leak Tags: breach We take a look at news that data stolen from Reddit may be leaked soon unless the site pays…
Baby monitor safety: What you need to know
Categories: Personal Tags: baby Tags: monitor Tags: wi-fi Tags: wireless Tags: cam Tags: webcam Tags: camera Tags: DECT Tags: FHSS Tags: cloud Tags: storage Tags: secure Tags: safety Tags: password We take a look at some of the options available…
Update now! ASUS fixes nine security flaws
Categories: Exploits and vulnerabilities Categories: News Tags: ASUS Tags: router Tags: models Tags: CVE-2022-26376 Tags: CVE-2018-1160 Tags: Netatalk Tags: disable WAN ASUS has released firmware updates for several router models fixing two critical and several other security issues. (Read more…)…
Why businesses need a disinformation defense plan, with Lisa Kaplan: Lock and Code S04E13
Categories: Podcast This week on Lock and Code, we speak with Lisa Kaplan about why every business with an online presence should ready themselves against a potential disinformation campaign. (Read more…) The post Why businesses need a disinformation defense plan,…
A week in security (June 12 – 18)
Categories: News Tags: week Tags: security Tags: june 2023 A list of topics we covered in the week of June 12 to June 18 of 2023 (Read more…) The post A week in security (June 12 – 18) appeared first…
Phishing scam takes $950k from DoorDash drivers
Categories: Business Tags: door dash Tags: delivery Tags: phish Tags: phishing Tags: scam Tags: fake Tags: fraud Tags: theft Tags: call Tags: support Tags: phone We take a look at a phishing scam that cost 700 DoorDash drivers a combined…
US dangles $10 million reward for information about Cl0p ransomware gang
Categories: News Categories: Ransomware Tags: Cl0p Tags: ransomware Tags: RFJ Tags: 10 million Tags: MOVEit Rewards for Justice (RFJ) is offering a reward of up to $10 million for information the Cl0p ransomware gang is acting at the direction or under…
Fake security researchers push malware files on GitHub
Categories: News Tags: GitHub Tags: malware Tags: repository Tags: security researcher Tags: fake Tags: download Tags: scam Tags: twitter Tags: social We take a look at reports of fake security researchers offering up malware downloads via GitHub repositories. (Read more…)…
MOVEit discloses THIRD critical vulnerability
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: Moveit Tags: CVE-2023-34362 Tags: CVE-2023-35036 Tags: Cl0p Progress has released an advisory about yet another MOVEit Transfer vulnerability while new victims of the first one keep emerging. (Read more…)…
LockBit ransomware advisory from CISA provides interesting insights
Categories: News Categories: Ransomware Tags: CISA Tags: LockBit Tags: stats Tags: RaaS A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes. (Read more…) The post LockBit ransomware…
Ticket scammers target Taylor Swift tour
Categories: Personal Tags: Taylor Tags: swift Tags: eras Tags: music Tags: gig Tags: concert Tags: tour Tags: scam Tags: ticket Tags: reseller Tags: fraud Tags: fake We take a look at multiple reports of ticket reseller fraud aimed at fans…
Update Chrome now! Google fixes critical vulnerability in Autofill payments
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: Autofill Tags: payments critical Tags: CVE-2023-3214 Google has released an update which includes five security fixes including a critical vulnerability in Autofill payments. (Read more…) The post Update Chrome…
Microsoft fixes six critical vulnerabilities in June Patch Tuesday
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: CVE-2023-29357 Tags: CVE-2023-29363 Tags: CVE-2023-32014 Tags: CVE-2023-32015 Tags: CVE-2023-32013 Tags: CVE-2023-24897 Tags: CVE-2023-32031 Tags: SharePoint Tags: PGM Tags: Exchange Tags: Hyper-V Patch Tuesday of June 2023 is relatively…
Edge browser feature sends images you view back to Microsoft
Categories: News Tags: Edge Tags: Enhance images Tags: super resolution Tags: content creators A new Edge feature labelled ‘Enhance images in Microsoft Edge’ has raised some privacy concerns because it sends information to Microsoft. (Read more…) The post Edge browser…
A week in security (June 5 – 11)
Categories: News Tags: week in security A list of topics we covered in the week of June 5 to June 11 of 2023 (Read more…) The post A week in security (June 5 – 11) appeared first on Malwarebytes Labs.…
Public and free WiFi: Can I safely use it?
Categories: News Categories: Personal Tags: Free Tags: public Tags: WiFi Tags: HTTPS Tags: TLS Tags: VPN The Internet has changed. A lot. Does that make it safer to use public, free WiFi? (Read more…) The post Public and free WiFi:…
More MOVEit vulnerabilities found while the first one still resonates
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: MOVEit Tags: Progress Tags: Cl0p Tags: ransomware Tags: CVE-2023-34362 A security audit of the MOVEit code has revealed more SQL injection vulnerabilities, while victims of the first vulnerability are coming to…
Strava heatmap loophole may reveal users’ home addresses
Categories: Personal Tags: strava Tags: fitness Tags: health Tags: run Tags: running Tags: jog Tags: jogging Tags: jogger Tags: cycling Tags: bike Tags: race Tags: data Tags: anonymous Tags: anonymise Tags: location Tags: map Tags: heatmap Anonymous data on fitness…
VMware patches critical vulnerabilities in Aria Operations for Networks
Categories: Exploits and vulnerabilities Categories: News Tags: cve-2023-20887 Tags: cve-2023-20888 Tags: cve-2023-20889 Tags: vmware Tags: Aria Operations for Networks Tags: RCE Tags: information disclosure Tags: deserialization Tags: command injection VMware has released security updates to fix a trio of flaws…
Update your Cisco System Secure Client now to fix this AnyConnect bug
Categories: Exploits and vulnerabilities Categories: News Tags: Cisco Tags: anyconnect Tags: system secure client Tags: VPN Tags: bug Tags: patch Tags: update Tags: vulnerability Tags: SYSTEM We take a look at a recent update for Cisco Secure System Client and…
Ransomware review: June 2023
Categories: Ransomware Categories: Threat Intelligence May saw a record number of 556 reported ransomware victims, the unusual emergence of Italy and Russia as major targets, and a significant rise in attacks on the education sector. (Read more…) The post Ransomware…
Former TikTok exec: Chinese Communist Party had “God mode” entry to US data
Categories: News Categories: Privacy Tags: Yu Tags: TikTok Tags: ByteDance Tags: CCP Tags: influence Tags: data access Tags: loaded gun A former executive at TikTok’s parent company ByteDance has claimed in court documents that the Chinese Community Party (CCP) had…
Update Chrome now! Google patches actively exploited zero-day
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: V8 Tags: heap corruption Tags: type confusion Tags: CVE-2023-3079 Google has released a Chrome update for a zero-day for which an exploit is actively being used in the wild.…
Warning: Victims’ faces placed on explicit images in sextortion scam
Categories: Personal Tags: sextortion Tags: deepfake Tags: FBI Tags: blackmail Tags: extortion Tags: fake Tags: fakes Tags: synthetic We take a look at some new developments in sextortion cases via a warning issued by the FBI. (Read more…) The post…
Unveiling Nebula’s Report 2.0: A new approach to security reporting
Categories: Business We’re excited to announce Report 2.0, a major upgrade to our report system in Nebula. (Read more…) The post Unveiling Nebula’s Report 2.0: A new approach to security reporting appeared first on Malwarebytes Labs. This article has been…
Microsoft illegally collected and retained children’s data, says FTC
Categories: Personal Tags: Microsoft Tags: Xbox Tags: privacy Tags: children Tags: COPPA Tags: FTC Tags: fine Tags: settlement Tags: games console Tags: gaming Tags: video games Microsoft is counting the cost of privacy violations, with $20m in fines related to…
Facebook clickbait leads to money scam for users
Categories: Threat Intelligence Tags: facebook Tags: posts Tags: google Tags: cloud run Clickbait posts on Facebook can lead to malicious websites. In this campaign, crooks are redirecting Facebook victims to scam pages hosted on Google’s infrastructure. (Read more…) The post…
How Coffee County Schools safeguards 7500 students and 1200 staff
Categories: Business Watch the Byte into Security webinar for a deep dive into K-12 cybersecurity. (Read more…) The post How Coffee County Schools safeguards 7500 students and 1200 staff appeared first on Malwarebytes Labs. This article has been indexed from…
Cl0p ransomware gang claims first victims of the MOVEit vulnerability
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: MOVEit Tags: Transfer Tags: CVE-2023-34362 Tags: BBC Tags: Zellis Tags: BA The first victims of the ongoing attacks on vulnerable MOVEit Transfer instances are coming forward. The Cl0p ransomware…
5 unusual cybersecurity tips that actually work
Categories: Personal It’s time to shake off that special feeling, start lying, forget everything you’ve been told about passwords, spin up a million email addresses, and start throwing away computers for fun. (Read more…) The post 5 unusual cybersecurity tips…
The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period
Categories: Threat Intelligence In total, 26 separate ransomware-as-a-service gangs contributed to the onslaught on education. (Read more…) The post The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period appeared first on Malwarebytes Labs. This article…
Information stealer compromises legitimate sites to attack other sites
Categories: News A new web skimming campaign uses compromised legitimate sites to act as command and control servers. (Read more…) The post Information stealer compromises legitimate sites to attack other sites appeared first on Malwarebytes Labs. This article has been…
Play ransomware gang compromises Spanish bank, threatens to leak files
Categories: Business Tags: globalcaja Tags: play ransomware Tags: compromise Tags: data Tags: leak Tags: ransom Tags: bank Tags: banking Tags: Spain Tags: Spanish A large Spanish bank, Globalcaja, has fallen victim to the Play ransomware gang. (Read more…) The post…
Vice Society: The #1 cyberthreat to schools, colleges, and universities
Categories: News Categories: Ransomware In the last 12 months, the Vice Society ransomware gang has conducted more known attacks against education targets globally, and in the USA and the UK individually, than any other ransomware group. (Read more…) The post…
Update now! MOVEit Transfer vulnerability actively exploited
Categories: Exploits and vulnerabilities Categories: News Tags: Progress Tags: MOVEit Tags: vulnerability Tags: human2.aspx A critical vulnerability in Progress MOVEit Transfer is being used to steal large amounts of data (Read more…) The post Update now! MOVEit Transfer vulnerability actively…
Amazon’s Ring cameras were used to spy on customers
Categories: News Categories: Personal It’s what we all feared, but hoped wouldn’t be the case. (Read more…) The post Amazon’s Ring cameras were used to spy on customers appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes…
US hospital forced to divert ambulances after cyberattack
Categories: News Categories: Ransomware Tags: Idaho Tags: hospital Tags: cyberattack Tags: virus Tags: ransomware The Idaho Falls Community Hospital fell victim to a cyberattack on Monday and had to divert ambulances to nearby hospitals and close some of its clinics.…
[updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway
Categories: Exploits and vulnerabilities Categories: News Barracuda Networks issued a patch for a zero-day vulnerability in its Email Security Gateway that was actively being exploited (Read more…) The post [updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway appeared…
CISA issues warning to US businesses: Beware of China’s state-sponsored cyber actor
Categories: Business US businesses: watch out for Volt Typhoon, a threat actor sponsored by the People’s Republic of China (PRC). (Read more…) The post CISA issues warning to US businesses: Beware of China’s state-sponsored cyber actor appeared first on Malwarebytes…
Microsoft gives Apple a migraine
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: macOS Tags: Ventura 13.4 Tags: Monterey 12.6.6 Tags: Big Sur 11.7.7 Tags: libxpc Tags: SIP Tags: XPC Tags: NVRAM Tags: CVE-2023-32369 Tags: Migraine Microsoft has released details about a vulnerability that…
Financial services company OneMain fined $4.25 million for security lapses
Categories: Business Tags: one-man Tags: financial Tags: loans Tags: cyber Tags: lapses Tags: security Tags: update Tags: New York Tags: lapse We take a look at a fine totalling millions aimed at financial services company OneMain. (Read more…) The post…
Barracuda Networks patches zero-day vulnerability in Email Security Gateway
Categories: Exploits and vulnerabilities Categories: News Barracuda Networks issued a patch for a zero-day vulnerability in its Email Security Gateway that was actively being exploited (Read more…) The post Barracuda Networks patches zero-day vulnerability in Email Security Gateway appeared first…
A week in security (May 22-28)
Categories: News Tags: Cisco Tags: Zyxel Tags: ChatGPT Tags: Malvertising Tags: Apple Tags: Google Tags: insider threat Tags: Pentagon explosion Tags: CISA Tags: ransomware guide Tags: Rheinmetall Tags: BlackBasta Tags: WordPress A list of topics we covered in the week…
Zyxel patches two critical vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Zyxel has released a security advisory about two critical vulnerabilities that could allow an unauthorized, remote attacker to take control of its firewall devices. (Read more…) The post Zyxel patches two critical vulnerabilities appeared…
“Beautiful Cookie Consent Banner” WordPress plugin vulnerability: Update now!
Categories: Business Tags: beautiful cookie consent banner Tags: WordPress Tags: plugin Tags: vulnerability Tags: exploit Tags: XSS Tags: javascript Tags: update Tags: website We take a look at a vulnerability in a popular WordPress plugin. It’s been fixed, but you’ll…
CISA updates ransomware guidance
Categories: News Categories: Ransomware Tags: CISA Tags: StopRansomware Tags: guide Tags: ZTA Tags: compromised Tags: cloud Tags: MDR CISA has updated its #StopRansomware guide to account for changes in ransomware tactics and techniques. (Read more…) The post CISA updates ransomware…
Webinar alert: How Coffee County Schools safeguards 7500 students and 1200 staff
Categories: Business Join our upcoming Byte into Security webinar for a deep dive into K-12 cybersecurity. (Read more…) The post Webinar alert: How Coffee County Schools safeguards 7500 students and 1200 staff appeared first on Malwarebytes Labs. This article has…
Tracking down a trojan: An inside look at threat hunting in a corporate network
Categories: Business How Malwarebytes MDR successfully helped a company detect and respond to the potent banking Trojan QBot. (Read more…) The post Tracking down a trojan: An inside look at threat hunting in a corporate network appeared first on Malwarebytes…
Rheinmetall attacked by BlackBasta ransomware
Categories: News Categories: Ransomware Tags: Rheinmetall Tags: BlackBasta Tags: ransomware A cyberattack on arms manufacturer Rheinmetall has been claimed by the BlackBasta ransomware group on its leak site. (Read more…) The post Rheinmetall attacked by BlackBasta ransomware appeared first on…
Malvertising via brand impersonation is back again
Categories: Threat Intelligence Tags: malvertising Tags: google Tags: ads Tags: amazon Tags: cloaking Ads containing the official website of an impersonated brand are running again, allowing fraudsters to scam users. (Read more…) The post Malvertising via brand impersonation is back…
Update now! Apple issues patches for three actively used zero-days
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: RSR Tags: CVE-2023-32409 Tags: CVE-2023-28204 Tags: CVE-2023-32373 Tags: out of bounds Tags: use after free Apple issued information about patches against three actively exploited zero-days in WebKit. One vulnerability is new,…
Google to pay $40m for “deceptive and unfair” location tracking practices
Categories: Personal Tags: Google Tags: tracking Tags: location Tags: data Tags: court Tags: lawsuit Tags: settlement Tags: advertising We take a look at a case where Google is agreeing to pay $40m as a result of disclosure related to location…
Employee guilty of joining ransomware attack on his own company
Categories: News Categories: Ransomware Tags: employee Tags: insider threat Tags: access control Tags: policy Tags: ransom An employee that tried to take advantage of a ransomware attack on his own company has pleaded guilty after 5 years of denying he…
AI generated Pentagon explosion photograph goes viral on Twitter
Categories: News Categories: Personal Tags: AI Tags: twitter Tags: misinformation Tags: disinformation Tags: fake Tags: viral Tags: hoax Tags: news Tags: verified Tags: checkmark Tags: debunk We take a look at a viral hoax on Twitter which used AI generated…
A week in security (May 15-21)
Categories: News Tags: Week in security Tags: May 2023 The most interesting security-related news of the week from May 15-21. (Read more…) The post A week in security (May 15-21) appeared first on Malwarebytes Labs. This article has been indexed…
Update now: 9 vulnerabilities impact Cisco Small Business Series
Categories: Business Tags: Cisco Tags: small business series Tags: web interface Tags: CVE Tags: exploit Tags: root If you’re using one of the affected products from the Cisco small business range, you need to patch immediately. (Read more…) The post…
ChatGPT: Cybersecurity friend or foe?
Categories: Business There are a lot of benefits to ChatGPT, but many in the security community have concerns about it. Malwarebytes’ CEO Marcin Kleczynski takes a deep dive into the topic. (Read more…) The post ChatGPT: Cybersecurity friend or foe?…