Tag: Malwarebytes Labs

Read the original article: Beware: not so festive social media scams Social networks are rife with scams leading up to Christmas. We shine a light on some of the worst offenders. Categories: CybercrimePrivacy Tags: fakescamscammersSocial Engineeringsocial networks (Read more…) The…

Read more →

Read the original article: A week in security (December 14 – December 20) A roundup of cybersecurity news from December 14 – 20, including SolarWinds, smart toys, Egregor, and many other topics. Categories: A week in security Tags: brute forcecapella…

Read more →

Read the original article: The many ways you can be scammed on Facebook, part II Not everything on Facebook is a scam, thankfully, but there are some nasty ones that could potentially ruin the Yuletide season for you. Here are…

Read more →

Read the original article: VideoBytes: Brute force attacks increase due to more open RDP ports The number of RDP ports exposed to the Internet grew from about three million in January 2020 to over four and a half million in…

Read more →

Read the original article: Smart toy security: How to keep your kids safe this Christmas IoT toys will be big sellers this festive season. We give a few ideas for improving smart toy security. Categories: CybercrimePrivacy Tags: Christmasconnectedfestiveholiday seasoninternetIoTserversmarttoysWi-Fixmas (Read…

Read more →

Read the original article: Likely lead generation scam targets potential Malwarebytes MSP partners A likely lead generation scam has been hitting potential Malwarebytes MSP partners, as fraudsters flood unsuspecting victims with repeated calls. Categories: Scams Tags: lead generationlead generation scamMalwarebytesMalwarebytes…

Read more →

Read the original article: Threat profile: Egregor ransomware is making a name for itself The Egregror ransomware is quickly making a name for itself by victimizing big corporations. How does it work and what is its background? Categories: RansomwareThreat spotlight…

Read more →

Read the original article: NCSC: Be Cyber Aware, especially during the Christmas season The National Cyber Security Centre (NCSC) recently kicked off a new campaign for Cyber Aware, aiming to remind Christmas shoppers in the UK to remain vigilant and…

Read more →

Read the original article: SolarWinds advanced cyberattack: What happened and what to do now Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now. Categories:…

Read more →

Read the original article: A week in security (December 7 – December 13) A roundup of cybersecurity news from December 7 – 13, including tax scams, FireEye breach, K12 security, and many other topics. Categories: A week in security Tags:…

Read more →

Read the original article: Malwarebytes detects leaked tools from FireEye breach The security company FireEye was breached by a sophisticated attack that stole multiple red team assessment tools. Malwarebytes customers are safe. Categories: Malwarebytes news Tags: breachdetectionFireEyered teamrules (Read more…)…

Read more →

Read the original article: Buying COVID-19 vaccines from the Dark Web? No thanks! Dark Web vendors are offering COVID-19 vaccines for sale. Here are the reasons why you shouldn’t trust them. Categories: Scams Tags: covid-19Dark Web (Read more…) The post…

Read more →

Read the original article: VideoBytes: Ryuk Ransomware Targeting US Hospitals Ryuk ransomware is infecting US hospitals. But how? And why? Categories: VideoBytes Tags: BazarLoadercobalt strikehospitalryuk (Read more…) The post VideoBytes: Ryuk Ransomware Targeting US Hospitals appeared first on Malwarebytes Labs.…

Read more →

Read the original article: Get a head start on defending against tax scams We look at a major tax scam bust in the US, and think about ways to keep tax details safe for the next tax season. Categories: Social…

Read more →

Read the original article: 50 percent of schools did not prepare for secure distance learning, Labs report reveals Schools faced a crisis this year, as the coronavirus forced educators across the country to suffer through lacking cybersecurity, our new report…

Read more →

Read the original article: Lock and Code S1Ep21: Lesson planning your school’s cybersecurity with Doug Levin Read more…) The post Lock and Code S1Ep21: Lesson planning your school’s cybersecurity with Doug Levin appeared first on Malwarebytes Labs.   Become a…

Read more →

Read the original article: File-sharing and cloud storage sites: How safe are they? File-sharing and online storage are popular online services. Is it worth paying for them or can you use a free one? We look at the pitfalls and…

Read more →

Read the original article: VideoBytes: Is it goodbye forever to Maze ransomware? The notorious Maze ransomware group, known for its corporate targeting and data leaking extortion schemes is, apparently, shutting down operations. Categories: VideoBytes Tags: extortiongandcrabMazeryukshutdownSodinokibi (Read more…) The post…

Read more →

Read the original article: The many ways you can be scammed on Facebook, part I With the COVID-19 virus still very much at large and the holiday season just around the corner, scams, too, are on the hype. Here’s what…

Read more →

Read the original article: Deep learning: An explanation and a peek into the future Deep learning is a special field in machine learning that is showing new developments in many industries. We explain the concept and give some examples of…

Read more →

Read the original article: Baltimore gets hit by ransomware again, the schools this time Baltimore County Public Schools have been paralyzed by a ransomware attack. The investigation is ongoing but meanwhile schools are closed. Categories: RansomwareReports Tags: baltimoreBaltimore City Schoolseducationransomware…

Read more →

Read the original article: German users targeted with Gootkit banker or REvil ransomware After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead. Categories:…

Read more →

Read the original article: A week in security (November 23 – November 29) A roundup of cybersecurity news from November 23 – 29, including Zoom, Spotify, and the IoT Cybersecurity Bill. Categories: A week in security Tags: AppleawisChris Boydcovid-19fbilock and…

Read more →

Read the original article: November spam roundup: Stalkers, property tips, porn, stern words and PayPal We look at some of the more recent spam mails taking up space in mailboxes. Categories: CybercrimeSocial engineering Tags: emailmailphishphishingroundupspam (Read more…) The post November…

Read more →

Read the original article: IoT cybersecurity bill passed by Senate The US Senate passed a bill to improve security guidelines and protocols for Internet of Things devices purchased and owned by the Federal government. Categories: GovernmentSecurity world Tags: House of…

Read more →

Read the original article: Spotify resets some user logins after hacker database found floating online The 380 million record database. didn’t belong to Spotify itself, but instead to fraudsters who’d uploaded it. Categories: Reports Tags: 2facredential stuffingdatabaseElasticsearchmfaPIISpotify (Read more…) The…

Read more →

Read the original article: Apple security hampers detection of unwanted programs Recent moves by Apple signal a potentially difficult future on macOS, where antivirus developers will have to play by increasingly limiting rules. Categories: Mac Tags: ApplemacOSPUPs (Read more…) The…

Read more →

Read the original article: Looks like we’re stuck with Zoom: Is it any safer? Zoom got into hot water at the start of the pandemic for its much publicized security risks. As you prepare to log in to your next…

Read more →

Read the original article: Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd This week on Lock and Code, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about charity organizations and online…

Read more →

Read the original article: Demystifying two common misconceptions with e-commerce security HTTPS and iframe containers augment security, but are not a panacea for online shoppers and merchants. Categories: Cybercrime Tags: e-commerceHTTPSiframeMagecartmerchantpadlocksecurityskimmerskimming (Read more…) The post Demystifying two common misconceptions with…

Read more →

Read the original article: Black Friday 2020: How to shop safely online With the promise of a mostly online Black Friday 2020, we offer up some tips for keeping yourself safe over the upcoming sales frenzy. Categories: Scams Tags: black…

Read more →

Read the original article: Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President On Tuesday evening, President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA). Categories: Malwarebytes news Tags: 2020 presidential…

Read more →

Read the original article: IoT forecast: Running antivirus on your smart device? Cybersecurity for the Internet of Things (IoT) could look a lot like the cybersecurity overall in the future, including running antivirus on devices. Categories: Malwarebytes news Tags: antivirusDDos…

Read more →

Read the original article: WebNavigator Chromium browser published by search hijackers A mystery Chromium browser recently made a sudden appearance, and is certainly proving popular. But what is it, and where did it come from? Categories: AdwarePUPs Tags: browserchromiumMalwarebytes Privacysearch…

Read more →

Read the original article: Malsmoke operators abandon exploit kits in favor of social engineering scheme Threat actors behind malsmoke, one of the largest malvertising campaigns we’ve seen in recent months, have switched malware delivery tactics. Categories: ExploitsSocial engineeringThreat analysis Tags:…

Read more →

Read the original article: A week in security (November 9 – November 15) In this week in security (November 9 – November 15), we look at RegretLocker, the future of IoT cybersecurity, and far more. Categories: A week in security…

Read more →

Read the original article: Hat trick for Google as it patches two more zero-days in Chrome Google has patched two more zero-day vulnerabilities that were actively being exploited in the wild. Update now! Categories: Exploits and vulnerabilities Tags: chromecve-2020-16013cve-2020-16017Googlepatchessite-isolation (Read…

Read more →

Read the original article: Surviving college distance learning during the pandemic: a cybersecurity guide Students in higher education are exposed to online risks more than ever. Keep yourself secure while distance learning from home with this practical guide. Categories: How-tos…

Read more →

Read the original article: RegretLocker, new ransomware, can encrypt Windows virtual hard disks Cybersecurity researchers discovered a new ransomware called RegretLocker that can quickly encrypt virtual had disks on Windows machines. Categories: Ransomware Tags: .mousecontiCTemplarlockergogamedusa lockerransomwareregretlockerryukRyuk ransomwaresamsamsamsam ransomwareSodinokibisodinokibi ransomwarevirtual diskvirtual…

Read more →

Read the original article: Mozilla patches critical security issues in Firefox and Thunderbird Time to update! Mozilla has patched critical security issues in Firefox and Thunderbird. Categories: Exploits and vulnerabilities Tags: buffer overflowcve-2020-26950firefoxmcallgetpropertymozillarcethunderbirduse-after-free (Read more…) The post Mozilla patches critical…

Read more →

Read the original article: Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa This week on Lock and Code, get a backstage pass to a Malkwarebytes employee cybersecurity training about the future of protecting the Internet…

Read more →

Read the original article: Update your iOS now! Apple patches three zero-day vulnerabilities Apple has issued an update for iOS and IPadOS to patch three zero-day vulnerabilities that were being exploited in targeted attacks. We advise you to install it…

Read more →

Read the original article: RegTech explained: a crucial toolset for the financial industry The financial industry has come to rely on RegTech. It helps financials comply with regulations and tightens up data safety and security. But what is it exactly?…

Read more →

Read the original article: Prop 24 passes in California, will change data privacy law Prop 24, which will change California’s current data privacy law, received firm support in the Golden State this week, likely sailing into passage. Categories: Privacy Tags:…

Read more →

Read the original article: QBot Trojan delivered via malspam campaign exploiting US election uncertainties Criminals won’t pass a unique opportunity to leverage current events to deliver malware. Categories: Cybercrime Social engineering Tags: electionsmalspamPinkslipbotQakbotQbotspam (Read more…) The post QBot Trojan delivered…

Read more →

Read the original article: Update your Chrome again as Google patches second zero-day in two weeks Google has patched its second Chrome zero-day in two weeks. Users are urgently advised to update their browser. Categories: Exploits and vulnerabilities Tags: 0daychromecve-2020-16009JavaScript…

Read more →

Read the original article: Maze ransomware gang announces retirement On November 1, the cybercriminals behind Maze ransomware announced their retirement. Is this a reason to go all out and celebrate? We’re afraid not. Categories: Ransomware Tags: egregorMazeransom.sekhmetransomwareretirement (Read more…) The…

Read more →

Read the original article: Hospital ransomware: Gangs are back to target healthcare With some countries and states heading back in to lockdown due to rising rates of COVID-19 infections, it seems horrible timing that hospital ransomware is back in the…

Read more →

Read the original article: A week in security (October 26 – November 1) In this week in security (October 26 – November 1), we look at Google’s Chrome zero-day patch, Cybersecurity Awareness Month, ransomware cash and far more. Categories: Malwarebytes…

Read more →

Read the original article: Vastaamo psychotherapy data breach sees the most vulnerable victims extorted A Finnish psychotherapy practice suffered a data breach (or two). Now its patients are receiving extortion messages. Categories: Cybercrime Tags: data breachextortiongdprpatient recordsvastaamo (Read more…) The…

Read more →

Read the original article: California’s Prop 24 splits data privacy supporters Prop 24 in California has split the data privacy community, with major organizations both supporting and opposing the proposed changes to data privacy law. Categories: Malwarebytes news Tags: "sensitive…

Read more →

Read the original article: HP printer issue on Mac: What happened? Last week, many Mac users received a ‘malware’ warning on their screens when trying to access their HP printer. Here’s what happened. Categories: Malwarebytes news Tags: ApplecertificatesmacOS (Read more…)…

Read more →

Read the original article: New Emotet delivery method spotted during downward detection trend Emotet got a superficial facelift this week, hiding itself within a fake request asking users to update Microsoft Word to take advantage of new features. Categories: Malwarebytes…

Read more →

Read the original article: Fake COVID-19 survey hides ransomware in Canadian university attack Universities are a hot target for malware right now. In this latest attack, a threat actor was targeting the University of British Columbia with the goal of…

Read more →

Read the original article: Scammers are spoofing bank phone numbers to rob victims Phone scammers are using spoofed caller ID numbers to convince their victims they are employees of your bank. Don’t fall for their tricks. Categories: Social engineering Tags:…

Read more →

Read the original article: Keeping ransomware cash away from your business Ransomware gangs are in the news for donating stolen funds to charitable organisations. Is this a good thing, or will it cause more trouble for the charity than it’s…

Read more →

Read the original article: Lock and Code S1Ep18: Finding consumer value in Cybersecurity Awareness Month with Jamie Court This week on Lock and Code, we talk to Jamie Court, president of Consumer Watchdog, about the consumer value in Cybersecurity Awareness…

Read more →

Read the original article: Google patches actively exploited zero-day bug that affects Chrome users Update your Chrome browser to its latest version—86.0.4240.111—to protect yourself from a vulnerability that Google says is being actively exploited. Categories: Exploits and vulnerabilities Tags: 86.0.4240.111browser…

Read more →

Read the original article: The value of cybersecurity integration for MSPs The nature of the MSP business demands integration. MSPs should ask the same from their cybersecurity solutions, streamlining endpoint security and more. Categories: Malwarebytes news Tags: cybersecuritycybersecurity integrationmanaged service…

Read more →

Read the original article: XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability This tech support scam is being spread via Facebook links and uses several redirection mechanisms to avoid detection. Categories: Cybercrime Social engineering Tags: cross-site scriptingtech…

Read more →

Read the original article: Brute force attacks increase due to more open RDP ports More open ports are inviting attackers to try and gain entry by using brute force attacks. Why is this happening and what can we do? Categories:…

Read more →

Read the original article: A week in security (September 12 – September 18) A roundup of interesting security news from our blog and around the web for the week of September 12 – September 18. Categories: A week in security…

Read more →

Read the original article: Deepfakes and the 2020 United States election: missing in action? We look at whether the 2020 United States election will be plagued by deepfakes, or if it’s not the concern experts once thought it was. Categories:…

Read more →

Read the original article: How Covid fatigue puts your physical and digital health in jeopardy More than seven months into the pandemic, much of the world is suffering from Covid fatigue. Learn how to identify the symptoms, why Covid fatigue…

Read more →

Read the original article: QR code scams are making a comeback With QR codes being used more as a means to help create a COVID-19 proof environment, we’re also seeing a comeback of QR codes scams. Categories: Scams Tags: advance…

Read more →

Read the original article: FIFA 21 game scams: watch out for unsporting conduct With the recent launch of the new FIFA 2021 video game, we look at some of the common scams to avoid. Categories: Cybercrime Social engineering Tags: coinsEAfakeFIFAfootballFUTgamesoriginscamsocial…

Read more →

Read the original article: Silent Librarian APT right on schedule for 20/21 academic year As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back. Categories: Malwarebytes news Tags:…

Read more →

Read the original article: Amazon Prime Day—8 tips for safer shopping Amazon Prime Day is here. With the ongoing pandemic further complicating life as we know it, how can you, the practical and cyber-sensible shopper, protect yourself from threats banking…

Read more →

Read the original article: Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt Read more…) The post Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt appeared first on Malwarebytes…

Read more →

Read the original article: Credit card skimmer targets virtual conference platform Criminals have gone after an online conference platform to steal credit card data from virtual attendees. Categories: Malwarebytes news Tags: InterMagecartskimmer (Read more…) The post Credit card skimmer targets…

Read more →

Read the original article: Healthcare security update: death by ransomware, what’s next? Read more…) The post Healthcare security update: death by ransomware, what’s next? appeared first on Malwarebytes Labs.   Advertise on IT Security News. Read the original article: Healthcare…

Read more →

Read the original article: Risky business: survey shows majority of people use work devices for personal use More people are working from home than ever before, many for the first time. And with that, come a lot more work devices.…

Read more →

Read the original article: Release the Kraken: Fileless APT attack abuses Windows Error Reporting service We discovered a new attack that injected its payload—dubbed “Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism. Categories: Malware Malwarebytes news…

Read more →

Read the original article: Mobile network operator falls into the hands of Fullz House criminal group The Fullz House threat group has struck again, this time inserting a credit card skimmer into a mobile phone operator and seller. Categories: Malwarebytes…

Read more →

Read the original article: A week in security (September 28 – October 4) A roundup of the best cybersecurity stories from September 28 – October 4, including several tricky cases ransomware installed on… coffee makers? Categories: A week in security…

Read more →

Read the original article: Introducing VideoBytes, by Malwarebytes Labs This week, we’re launching VideoBytes, a new video series featuring research from Adam Kujawa, security evangelist and a director for Malwarebytes Labs. Categories: VideoBytes Tags: Explainedmalwarebytes labsplease don’t buy thisransomwarethreat cinemaTwitter…

Read more →

Read the original article: Caught in the payment fraud net: when, not if? Will we be stuck with payment fraud forever? Come with us as we explore what can go wrong, and why you shouldn’t blame yourself if you suffer…

Read more →

Read the original article: Lock and Code S1Ep16: Investigating digital vulnerabilities with Samy Kamkar This week on Lock and Code, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical…

Read more →

Read the original article: Lock and Code S1Ep16: Investigating digital vulnerabilities in our physical world with Samy Kamkar This week on Lock and Code, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital…

Read more →

Read the original article: Lock and Code S1Ep15: Investigating digital vulnerabilities in our physical world with Samy Kamkar This week on Lock and Code, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital…

Read more →

Read the original article: Taurus Project stealer now spreading via malvertising campaign The Taurus Project stealer gains an additional distribution vector via exploit kit. Categories: Malwarebytes news Tags: exploit kitsFallout EKmalvertisingpredator the thiefstealertaurus (Read more…) The post Taurus Project stealer…

Read more →

Read the original article: Sandbox in security: what is it, and how it relates to malware Sandboxes and virtual machines are tools that security researchers use to determine whether samples are malicious and what their payload is. Categories: Awareness Tags:…

Read more →

Read the original article: Phishers spoof reliable cybersecurity training company to garner clicks In a recent campaign, phishers were seen taking advantage of user trust on KnowBe4 and stealing their work email credentials. Categories: Scams Tags: Cofensecybersecurity trainingKnowBe4phishingphishing scamratremote access…

Read more →

Read the original article: A week in security (September 14 – 20) A round up of cybersecurity news from September 14 – 20, including the Zerologon exploit, BLURtooth vulnerability, APT41, and phishing scams. Categories: A week in security Tags: apt41blurtoothcharitiesChinesechrome…

Read more →

Read the original article: Is domain name abuse something companies should worry about? Should you worry about domain name abuse? For the most part it depends on what kind of company you are and what you expect to encounter. Categories:…

Read more →

Read the original article: Fintech industry developments, differences between Europe and the US The developments in fintech differ between regions due to legislation. How does that effect the industry and the safety of their customers? Categories: Business Tags: brexitfintechgdprlegislationonline shoppingpci…

Read more →

Read the original article: Charities and the advertising industry: data ecosystems and privacy risks We take a look at a study which dives into the connection between popular UK based charity organisations and tracking, Real Time Bidding, and data analysis…

Read more →

Read the original article: Fintech industry developments, differences between Europe and the US The developments in fintech differ between regions due to legislation. How does that effect the industry and the safety of their customers? Categories: Business Tags: brexitfintechgdprlegislationonline shoppingpci…

Read more →

Read the original article: Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. Categories: Podcast Tags: advanced…

Read more →

Read the original article: The informed voter’s guide to election cyberthreats Read more…) The post The informed voter’s guide to election cyberthreats appeared first on Malwarebytes Labs.   Advertise on IT Security News. Read the original article: The informed voter’s…

Read more →

Read the original article: Report: Pandemic caused significant shift in buyer appetite in the dark web The pandemic has had a ripple effect on all facets of life—even the criminal. A new report looks at how the dark web has…

Read more →

Read the original article: Malvertising campaigns come back in full swing Threat actors monetize on adult traffic in several large malvertising campaigns. Categories: Social engineering Tags: ad networksbad adsexploit kitexploit kitsFallout EKmalvertisingmalvertising campaignsRIG EK (Read more…) The post Malvertising campaigns…

Read more →

Read the original article: A week in security (August 31 – September 6) A round up of the previous week’s most interesting security news and happenings. Categories: A week in security Tags: facebookmalwarephishround upscamsecuritytiktokweek in security (Read more…) The post…

Read more →

Read the original article: SMB cybersecurity posture weakened by COVID-19, Labs report finds In parsing the data for our August report on COVID-19, we learned that SMB cybersecurity faced many challenges, some of which are being unaddressed. Categories: Reports Tags:…

Read more →

Read the original article: PCI DSS compliance: why it’s important and how to adhere PCI DSS compliance is an important topic for those in the online payment and credit card industries. But if it’s so crucial, why is it so…

Read more →

Read the original article: How to keep K–12 distance learners cybersecure this school year As a new school season opens, educational institutions strive to adapt to the IT needs and challenges that come with the introduction of new learning schemes…

Read more →

Read the original article: New web skimmer steals credit card data, sends to crooks via Telegram Criminals steal payment data from online shoppers by abusing the Telegram instant messaging API, inserting credit card skimming code. Categories: Web threats Tags: credit…

Read more →

Read the original article: Apple’s notarization process fails to protect Read more…) The post Apple’s notarization process fails to protect appeared first on Malwarebytes Labs.   Advertise on IT Security News. Read the original article: Apple’s notarization process fails to…

Read more →

Read the original article: Lock and Code S1Ep14: Uncovering security hubris with Adam Kujawa This week on Lock and Code, we talk to Adam Kujawa, security evangelist and director of Malwarebytes Labs, about “security hubris.” Categories: Podcast Tags: enduring from…

Read more →

Read the original article: Missing person scams: what to watch out for Missing person alerts can be a prime source of inspiration for scammers looking to turn a quick buck. We explore some of the techniques used to further ill-gotten…

Read more →