Criminals are known to take advantage of events that capture people’s attention. This is true for any kind of attack that relies on social engineering, such as the phishing emails exploiting the Covid-19 pandemic. Certain events such as the current…
Tag: Malwarebytes Labs
Online credit card skimming increases by 26% in March
Criminals are known to take advantage of events that capture people’s attention. This is true for any kind of attack that relies on social engineering, such as the phishing emails exploiting the Covid-19 pandemic. Certain events such as the current…
Copycat criminals abuse Malwarebytes brand in malvertising campaign
This fake, copycat Malwarebytes site was set up by cybercriminals to distribute malware in a malvertising campaign. We examine the campaign—and the criminals’ motives. Categories: Exploits and vulnerabilities Tags: copycat criminalscopycat sitesexploit kitexploit kitsfake malwarebytes siteFalloutFallout EKmalvertisingmalvertising campaignmalvertising campaignsMalwarebytesRaccoonraccoon stealerthreat…
Cybersecurity labeling scheme introduced to help users choose safe IoT devices
Several countries are introducing a cybersecurity labeling scheme to inform consumers about the security features of IoT devices and force manufacturers to improve these features. Categories: IoT Tags: apacclscybersecurity labeling schemeIoTpasswordsrouterssecurity labeling schemesecurity labelling schemesingaporesmart homesmart home assistantsmart home hubs…
A week in security (March 30 – April 5)
A roundup of the week’s security news, including data privacy issues, increases in cyberattacks due to COVID-19, Zoom vulnerabilities, and more. Categories: A week in security Tags: covid-19cyber volunteersdraytekgdprhousepartyMarriottonline shoppingrdpvpnzoomzoom-bombing (Read more…) The post A week in security (March 30…
How social media platforms mine personal data for profit
We explore some of the ways social media use personal data to fuel advertising and keep the profits flowing. Categories: Privacy Tags: advertisingData privacyfacebookgated contentLinkedInmarketingprivacyproductsocial mediasocial media advertisingsocial media datasocial networkstwitter (Read more…) The post How social media platforms mine…
GDPR: An impact around the world
Two years after GDPR became effective in the European Union, countries across the world have emulated its approach to data privacy. Here’s a look at a few. Categories: Government Malwarebytes news Privacy Security world Tags: ArgentinaBill No. MEN-2018-147-APN-PTEBrazilBritish AirwaysCaliforniaCalifornia Consumer…
Important tips for safe online shopping post COVID-19
Online shopping can be convenient, especially during a total lockdown. But shopping online in the middle of the COVID-19 crisis brings with it other dangers. Here’s what to watch out for. Categories: Awareness Tags: counterfeitonline shoppingpadlockvpnweb skimmers (Read more…) The…
Lock and Code S1Ep3: Dishing on data privacy with Adam Kujawa
This week on the Lock and Code podcast, we talk with Labs director Adam Kujawa about the state of data privacy today, plus cover the security headlines of the week, including coronavirus scams, credit card skimmers, and more coronavirus. Categories:…
Coronavirus Bitcoin scam promises “millions” working from home
We look at a set of Coronavirus Bitcoin scam emails promising vast sums of cryptocash that can be made working from home—but drains users accounts instead. Categories: Scams Tags: bitcoinbritish celebrities scamcoronaviruscoronavirus bitcoincoronavirus bitcoin scamcoronavirus scamscovid-19covid-19 bitcoincovid-19 scamsemailscamsspam (Read more…)…
Consumerization: a better way to answer cybersecurity challenges
Malwarebytes CPO Akshay Bhargava explains why the consumerization of IT security—consumer-grade ease of use, plus enterprise security expertise—can meet the cybersecurity challenges of today. Categories: Opinion Tags: business cyberattacksbusiness cyberthreatsconsumerizationcyberattacksenterpriseenterprise securityITIT securitysecurity solutionsskills shortageUIUI/UXuser experienceuser interface (Read more…) The post…
Criminals hack Tupperware website with credit card skimmer
This latest hack from Magecart threat actors was well planned and executed. Categories: Hacking Tags: credit cardMagecartskimmerskimmingsteganographytupperware (Read more…) The post Criminals hack Tupperware website with credit card skimmer appeared first on Malwarebytes Labs. Advertise on IT Security News.…
Windows 7 is EOL: What next?
Windows 7 is EOL, meaning it’s reached the end of its lifecycle. It’s time to move on to a more secure OS—but that doesn’t mean you no longer need security software. Categories: Awareness Tags: Anti-Malwareantivirusbrowser threatsChromebookEnd Of LifeEOLexploitslinuxmacmacOSMalwarebyteswindows 10windows 7…
Fake “Corona Antivirus” distributes BlackNET remote administration tool
Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis. Categories: Social engineering Threat analysis Tags: antivirusbotnetcoronaviruscovid-19fakemalwarerat (Read more…) The post Fake “Corona Antivirus” distributes BlackNET remote administration tool appeared first on Malwarebytes Labs. Advertise on IT Security…
Fake “Corona Antivirus” distributes BlackNET remote administration tool
Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis. Categories: Social engineering Threat analysis Tags: antivirusbotnetcoronaviruscovid-19fakemalwarerat (Read more…) The post Fake “Corona Antivirus” distributes BlackNET remote administration tool appeared first on Malwarebytes Labs. Advertise on IT Security…
Fake “Corona Antivirus” distributes BlackNET remote administration tool
Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis. Categories: Social engineering Threat analysis Tags: antivirusbotnetcoronaviruscovid-19fakemalwarerat (Read more…) The post Fake “Corona Antivirus” distributes BlackNET remote administration tool appeared first on Malwarebytes Labs. Advertise on IT Security…
A week in security (March 16 – 22)
A roundup of the previous week’s most notable security stories and events, including COVID-19-themed threats, child identity theft, and securely working from home. Categories: A week in security Tags: APT36awiscovid-19emotetfake newsmoney muleMonitorMinorphishing scamromance scamshadow IoTSlackstalkerwaretrickbotweek in securityweekly blog roundupWHOWorld Health…
Coronavirus scams, found and explained
Here are some of the many coronavirus email scams that Malwarebytes spotted in the wild, with full details on what they say, what they’re lying about, and which malware they’re trying to install on your machine. Categories: Scams Tags: 1…
Security tips for working from home (WFH)
MMany people are working from home (WFH) as part of a global social distancing effort to avoid spreading the coronavirus. Learn how to stay secure (and a couple tips for staying sane) in the process. Categories: How-tos Tags: coronaviruspasswordremoteremote workremote…
Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book
Threat actors ramp up on coronavirus-themed campaigns, posing as the World Health Organization sending emails with fake e-book content. Instead of advice, users get compromised with malware. Categories: Social engineering (Read more…) The post Cybercriminals impersonate World Health Organization to…
Child identity theft, part 2: How to reclaim your child’s identity
In part 2 of our series on child identity theft, we examine the signs their PII might be compromised and how to reclaim your child’s identity if it is. We also list ways to protect their data and ID in…
Lock and Code S1Ep2: On the challenges of managed service providers
On episode 2 of Lock and Code, we discuss the latest security news, including how to secure remote workers, security conferences cancelled because of coronavirus, and Google Play’s poor performance on stopping malware. Plus, we speak to two MSP representatives…
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data. Categories: Threat analysis Tags:…
The effects of climate change on cybersecurity
We explore the relationship between climate change and cybersecurity, two of the major issues of our time. Does cybersecurity actually contribute to global warming? Or can climate change illicit an uptick in cybercrime? We take a look. Categories: Awareness Tags:…
Coronavirus impacts security conferences and events: check your schedule
We look at upcoming cancellations, postponements, and moves to virtual for security conferences in the wake of the coronavirus pandemic. Categories: Security world Tags: black hatbsidescancellationsconferencescoronavirusDEF CONdisruptioneventsinfosecRSARSA Conferencesecurity conferencesecurity conferencessecurity event (Read more…) The post Coronavirus impacts security conferences and…
RemoteSec: achieving on-prem security levels with cloud-based remote teams
Times are quickly changing and many teams are scrambling to embrace a shift to remote work. How will security protocols change? Time to move from on-prem to RemoteSec. Categories: Business Tags: cloud infrastructurecloud securitycloud servicesremote securityremote workremote workersremote workingremotesectelecommutingV2 Cloudworkforce…
Securing the MSP: best practices for vetting cybersecurity vendors
How do you spot the unicorn cybersecurity vendors amongst the bad apples? We show MSPs the ins and outs of vendor vetting. Categories: Business Tags: cybersecurity vendorsenterprisemanaged service providersMSPrisk managementSOCSOC teamsvetting cybersecurity vendorsvetting security vendors (Read more…) The post Securing…
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level. Categories: Threat analysis Tags: HTTPSJavaScriptMagecartskimmerskimming (Read more…) The post Rocket Loader skimmer impersonates CloudFlare library…
A week in security (March 2 – 8)
A roundup of the previous week’s security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement’s cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl.…
International Women’s Day: awareness of stalkerware, monitoring, and spyware apps on the rise
For International Women’s Day, Malwarebytes is measuring the impact of our own campaign to raise awareness and protect users. These are the numbers on stalkerware, monitoring, and spyware apps. Categories: Stalkerware Tags: Bureau of Justice Statisticscenter for disease control and…
Bring your own privacy: VPNs for consumers and orgs
VPNs are all the rage, but they’re not without their problems. Where do you stand on the great “Should we deploy a VPN” debate? Categories: Privacy Tags: anonymityanonymousdesktopIP addressMobileprivacyprivate browsingproxyremote workremote workerssecurevirtual private networksvpnVPNs (Read more…) The post Bring your…
Technology and the power of moral panic
We look at how technology and a splash of moral panic have made for strange companions down the years. Categories: Awareness Tags: computer gamescyberdiscordelvishackingkalilinuxmoral panicpostervideo gamesvirtual machine (Read more…) The post Technology and the power of moral panic appeared first…
Are our police forces equipped to deal with modern cybercrimes?
Police forces are working hard to keep up with the latest developments in cybercrime, training digital experts for the purpose. But is it enough? And is it happening across the globe? Categories: Opinion Tags: critical infracstructurecybercrimedigital evidencedigital expertdigital tracingdutch policefbiforensicsnetwork…
Child identity theft, part 1: On familiar fraud
In this two-part series on child identity theft, we shed light on the growing problem of familiar fraud, where those entrusted with a minor’s information are the very ones who abuse it. Categories: Awareness Tags: child identity fraudchild identity theftcyberbullyingfamiliar…
Lock and Code S1Ep1: On RSA, the human element, and the week in security
We look at all the interesting security news from last week’s RSA Conference and beyond, plus present the first episode of our brand-new podcast: Lock and Code. Categories: Podcast Tags: lock and codemalwarepodcastscamssecuritythreatsweek in security (Read more…) The post Lock…
Domen toolkit gets back to work with new malvertising campaign
We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit. Categories: Threat analysis Tags: buren ransomwareDomendomen toolkitintelrapid cryptominerJavaScriptmalicious websitesmalvertisingmalvertising campaignssmoke loaderSocial EngineeringtoolkitVidarvidar stealer (Read more…) The post Domen toolkit gets back to work with new malvertising…
Mac adware is more sophisticated and dangerous than traditional Mac malware
Adware and PUPs can actually be far more invasive and dangerous on the Mac than “real” malware. We demonstrate with analysis of Crossrider, a sophisticated Mac adware that uses evasion and persistence techniques more complex than nation-state malware. Categories: Mac…
Stalkerware and online stalking are accepted by Americans. Why?
Americans may be accepting and minimizing online stalking behaviors, including the use of invasive apps that can pry into a user’s text messages, emails, photos, videos, and phone logs. Categories: Malwarebytes news Stalkerware Tags: BJSBureau of Justice StatisticsCDCcenter for disease…
Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server
Criminals set up fraudulent infrastructure that looks like a typical content delivery network—except it isn’t. Behind it hides a credit card skimmer injected into Magento online stores. Categories: Threat analysis Tags: cdncontent delivery networkcredit card datadata exfiltrationMagecartmagentongrokproxy serversecure tunnelsskimmerstunnelingweb skimmerweb…
Biotech health care innovations meet security challenges
Advancements in biotech could save thousands, if not millions of lives. But what security and privacy challenges do they introduce? We take a close look at recent innovations. Categories: Vital infrastructure Tags: AIbiosensorsBLEbluetoothdna-testfdapacemakerpharmaceuticalssmart pillsweyntoothvulnerabilities (Read more…) The post Biotech health…
Introducing Lock and Code: a Malwarebytes Labs podcast
Malwarebytes is launching a podcast, called Lock and Code, on Monday, March 2, breaking down cybersecurity headlines and diving into complex issues with guest interviews. Tune in every two weeks. Categories: Podcast Tags: cybercrimecybersecurity awarenesslock and codelock and code S1Ep0lock…
A week in security (February 17 – 23)
A roundup of the previous week’s most notable security stories and events, including cloud identity management, a noteworthy Twitter scam-tastrophy, RobbinHood ransomware, and more. Categories: A week in security Tags: awisBlueKeepcatfishingChrome ExtensionCrypto scamsdeepfakeselectionsepic gamesfirmwareIDaaSidentity-as-a-serviceJamila KayaLokiBotransomwarescammerstwitterVoatzweek in securityweekly blog roundupYouTube hack…
Why managed service providers (MSP) are critical for business continuity
What many don’t realize is that SMBs need the same level of protection from threats that are usually only afforded to enterprises. Managed service providers (MSPs) are the key to getting the protection and service they need while staying on…
Threat spotlight: RobbinHood ransomware takes the driver’s seat
RobbinHood a is a ransomware family that specifically targets organizations using a vulnerable kernel driver to prepare systems for encryption. Learn how to protect against it. Categories: Threat spotlight Tags: .enc_robbinhoodAnti-RansomwarebaltimorebitcoingreenvilleMalwarebytesransomransom noteransomwareransomware rollbackrobbinhoodrobbinhood ransomwarerollback (Read more…) The post Threat spotlight:…
Rudy Giuliani’s Twitter mishaps invite typosquatters and scammers
Rudy Giuliani’s Twitter account contains many typos that lead to the wrong website—and scammers and typosquatters are taking advantage. Categories: Scams Tags: adwarebrowser extensionscybersecurity czargiulianihacktivismmalvertisingmalvertising schemespolitical targetsrudy giulianiscamstweetstwittertypotyposquatting (Read more…) The post Rudy Giuliani’s Twitter mishaps invite typosquatters and scammers…
Harnessing the power of identity management (IDaaS) in the cloud
With security, compliance, and customer engagement driving organizations to the cloud, it’s no wonder IDaaS has become the standard in identity management. Learn about the benefits and concerns of IDaaS for organizations of all sizes. Categories: Explained Tags: hybrid environmentiamIDaaSidentity…
A week in security (February 10 – 16)
A roundup of the previous week’s security news, including Malwarebytes’ release of the 2020 State of Malware Report, online dating woes, Emotet infection vectors, ransomware attacks, and more. Categories: A week in security Tags: accusoftCISOcoronavirusDellemotetEquifaxgigabytegridworkshelixHollywoodnude photosonline datingrobbinhoodstate of malware reportxHelper…
Misleading cybersecurity lessons from pop culture: how Hollywood teaches to hack
We take a look at some of the most famous (or infamous) hacking scenes from TV and movies and the cybersecurity lessons, if any, we can learn from them. Categories: Awareness Tags: black hatscybercrimecybercrime in the moviescybercrime on TVcybersecuritycybersecurity awarenesshackhackershackinghacking…
Cyber tips for safe online dating: How to avoid privacy gaffs, exploits, and scams
We give advice on safe online dating, including steering clear of scams, buttoning up on privacy, and avoiding vulnerable apps. Categories: Privacy Tags: appsdatingonline datingopsecromancescams (Read more…) The post Cyber tips for safe online dating: How to avoid privacy gaffs,…
Android Trojan xHelper uses persistent re-infection tactics: here’s how to remove
A new variant of the Android Trojan xHelper re-infects just hours after removal—and with the help of Google PLAY?! A forum user helps us investigate. Categories: Android Tags: Androidandroid malwareAndroid/Trojan.Dropper.xHelpermobile malwarexHelper (Read more…) The post Android Trojan xHelper uses persistent…
Malwarebytes Labs releases 2020 State of Malware Report
The 2020 State of Malware Report reveals how cybercriminals upped the ante on businesses, Mac threats outpaced PCs, and ransomware continued its targeted, deadly assault with new families in 2019. Learn all this and more in the full report, linked…
Battling online coronavirus scams with facts
New online scams have preyed on the public’s fear about coronavirus outbreak. Don’t be fooled. Here is what we know about coronavirus and its related scams. Categories: Social engineering Tags: 2019-nCoVCDCCenters for Disease Control and Preventionchinacoronavirusemail scamemotetHubeimalwareNovel Coronavirusphishing campaignphishing scamquarantineUS…
A week in security (February 3 – 9)
Last week on Malwarebytes Labs, we looked at Washington state’s latest efforts to provide better data privacy rights for their residents, dove into the many security questions regarding fintech, and took a look at performance art’s impact on Google Maps.…
Google Maps: online interventions with offline ramifications
We look at some of the ways people have gamed online mapping systems over the years. Categories: Privacy Tags: art vs techbusinessescarscrowdsourcingGooglegoogle mapsgpsgps locationlocationmap makermapsreviewstraffic appstraffic sensorsuser generated content (Read more…) The post Google Maps: online interventions with offline ramifications…
Adposhel adware takes over browser push notifications administration
Adware.Adposhel has been noticed to use Chrome policies to ensure that their permissions for web push notifications don’t get removed by the user. Categories: Adware Tags: adwareAdware.AdposhelDefaultNotificationsSettingnotificationsNotificationsAllowedForUrlsweb push notifications (Read more…) The post Adposhel adware takes over browser push notifications…
Adware.Adposhel takes over your web push notifications administration
Adware.Adposhel has been noticed to use Chrome policies to ensure that their permissions for web push notifications don’t get removed by the user. Categories: Adware Tags: adwareAdware.AdposhelDefaultNotificationsSettingnotificationsNotificationsAllowedForUrlsweb push notifications (Read more…) The post Adware.Adposhel takes over your web push notifications…
Fintech security: the challenges and fails of a new era
The fintech industry has gone through some dramatic changes during the last decade and is still trying to adapt. Is security still one of their priorities? Categories: Vital infrastructure Tags: cryptocurrencyfinacialsfintechgdprgreen padlockidentity managementMagecartpayment requestsransomwarevital infrastructureweb skimmers (Read more…) The post…
Washington Privacy Act welcomed by corporate and nonprofit actors
The Washington Privacy Act would extend new data rights of access, correction, and deletion to Washington residents, with new rules on facial recognition. Categories: Privacy Tags: 2019 Washington Privacy Act2020 Washington Privacy ActCalifornia Consumer Privacy ActCCPAConsumer Reportsdata portabilitydata privacy lawdata…
A week in security (January 27 – February 2)
A roundup of the previous week’s most interesting security news Categories: A week in security Tags: a week in securitycybersecurity newsinfosecmalwarephishingroundupsmsweek in security (Read more…) The post A week in security (January 27 – February 2) appeared first on Malwarebytes…
Securing the MSP: their own worst enemy
Behind each cyberattack on the MSP is typically a system left unpatched, asset management undone, security officer not hired, or board who sees investment in security as a cost center rather than a long-term investment. Categories: Opinion Tags: advanced persistent…
Spear phishing 101: what you need to know
We look at the threat of spear phishing, why it’s such a problem, and what organizations can do to lessen the chance of a successful attack. Categories: Social engineering Tags: 101businessmalspamorganisationorganizationorganizationsphishphishingscamsmishingSocial Engineeringspamspear phishspear phishingwhaling (Read more…) The post Spear phishing…
Explained: the strengths and weaknesses of the Zero Trust model
Zero Trust is an information security framework that insists its users “never trust, always verify.” Is this the best security model for organizations today? We examine its strengths and weaknesses. Categories: Explained Tags: byodcloudframeworkidentity managementinsider threatsIoTlateral threat movementmfaperimeterrdpsecuritysecurity orchestrationstrategyzero trustzero…
A week in security (January 20 – 26)
A roundup of the previous week’s most notable security stories and events, including tech support scams, deepfakes, and the latest ransomware attack in Florida. Categories: A week in security Tags: Appleawisblog recapbreachfacebook phishingfake job listingsGooglehiring scamJhoneRATNest IOTPupyRATransomwareratremote access Trojansextortiontech support…
Tampa Bay Times hit with Ryuk ransomware attack
Florida newspaper The Tampa Bay Times suffered a Ryuk ransomware attack Thursday, making it the latest major victim of the notorious ransomware family that continues to rise in popularity. Categories: Ransomware Tags: Chicago TribuneCrowdStrikeDCH Health SystememotetImperial CountyImperial County CaliforniaLake CityLake…
Deepfakes laws and proposals flood US
In a rare example of legislative haste, roughly one dozen state and federal bills were introduced in the past 12 months to regulate deepfakes, the relatively modern technology that some fear could upend democracy. Categories: Artificial Intelligence Tags: AB 602AB…
WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we’ve seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight. Categories: Social engineering Threat analysis Tags:…
A week in security (January 13 – 19)
Our weekly security roundup for January 13-19, with a look at elastic servers, data enrichment, rootkits, regulation for deepfakes, and more. Categories: A week in security Tags: apt40Ciscocitrixdata enrichmentdeepfakeselastic serversemotetrootkittravelexweleakinfo (Read more…) The post A week in security (January 13…
Business in the front, party in the back: backdoors in elastic servers expose private data
It’s all too easy to discover data leaks online, especially in cloud services. We take a look at misconfigurations in elastic servers that lead to exposed data on the Internet. Categories: Threat spotlight Tags: awsAWS bucketscloud databasecloud databasescloud infrastructureelastic databaseselastic…
Explained: data enrichment
Data enrichment applies to the process of enhancing, refining, and improving raw data. Used by companies to improve marketing efforts, data enrichment impacts both privacy and security. Categories: Explained Tags: contact enrichmentdata cleaningdata enrichmentgdpr (Read more…) The post Explained: data…
Rules on deepfakes take hold in the US
Rather than creating new policies or crimes for deepfakes—like making it illegal to use them to deceive—the NDAA seeks a better understanding to the burgeoning technology. Categories: Artificial Intelligence Tags: Barack ObamaBoris JohnsoncheapfakedeepfakedeepfakesDepartment of DefenseDirector of National IntelligenceDNIGavin NewsomGovernor Gavin…
How to prevent a rootkit attack
Rootkit attacks are considered one of the most dangerous cyberthreats today. Learn what they are, how they infect systems, and how to protect against them. Categories: How-tos Tags: application rootkitsbootloaderfirmware rootkitshardware rootkitskernel rootkitsphishingrootkitrootkit attacksSocial Engineeringvirtualized rootkits (Read more…) The post…
A week in security (January 6 – 12)
A cybersecurity news roundup from January 6–12, with a look at Phobos ransomware and a discovery of pre-installed malware on government-funded phones. Categories: A week in security Tags: CESCES 2020Consumer Electronics Showeducation cybersecurityGooglePhobosPhobos ransomwarepre-installed mobile malwareransomwareretail industryRingsearch industrytiktok (Read more…)…
Threat spotlight: Phobos ransomware lives up to its name
Phobos, which many believe was named after the Greek god of fear, isn’t as widespread as it was before nor is it more novel than your average ransomware. Yet, it remains a threat to consumers and businesses alike. We dive…
United States government-funded phones come pre-installed with unremovable malware
A US-funded government assistance program is selling budget-friendly mobile phones that come pre-installed with unremovable malicious apps. Malwarebytes Labs investigates the malware’s origins. Categories: Android Tags: android malwareAndroid/Trojan.Dropper.Agent.UMXAndroid/Trojan.HiddenAdschinaMobilemobile malwarepre-installed mobile malwarepre-installed softwaretrojan (Read more…) The post United States government-funded phones…
6 ways hackers are targeting retail businesses
Whether it’s a high-volume shopping season or not, retail businesses are at risk from cybercriminals in a number of ways. Learn how hackers target retailers and shoppers alike. Categories: Web threats Tags: credential stuffingEMV technologyMagecartnear field communicationnfc technologyonline retailonline retailersonline…
Dubious downloads: How to check if a website and its files are malicious
Users often search the web for downloads when companies no longer support software, and what they find is dubious. How can they tell if the files are safe? We tell how to spot the difference. Categories: How-tos Tags: certificatechecksumdownloadpadlockscantrusted (Read…
Billion-dollar search engine industry attracts vultures, shady advertisers, and cybercriminals
We look at the ways in which criminals and vultures use less-than-honest tactics to fleece the search engine industry for a piece of its billion-dollar pie. Categories: PUPs Tags: adfraudadvertisementsadwareextensionshijackerspotentially unwanted programsPUPsresultssearchsearch enginesearch engine optimizationsearch enginesSEOseo poisoningsponsored (Read more…) The…
A week in security (December 30 – January 5)
A roundup of the previous week’s most notable security stories and events, including new web skimmer techniques, an explanation of edge computing, and more. Categories: A week in security Tags: CISOmalwareskimmertiktokweek in securityweekly roundup (Read more…) The post A week…
How not to buy drugs on the Internet
Most get-rich-quick schemes on the Internet prove to be scams in disguise—and that includes buying drugs. Learn how scammers take advantage of users looking for illegal activities online. Categories: Scams Tags: clearnetdark netdrug scamsdrugsfraudInternet crimeonline crimeonline drug scamsscams (Read more…)…