Categories: Personal Tags: UPS Tags: delivery Tags: scam Tags: phish Tags: phishing Tags: smishing Tags: SMS Tags: text Tags: fake Tags: data UPS is warning Canadian customers of potential phishing attempts after data was left accessible via look-up tool. (Read…
Tag: Malwarebytes Labs
Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023
Categories: Business Dive into where we prevented more than the rest and how we were able to do it. (Read more…) The post Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023 appeared first on Malwarebytes…
DNA testing company failed to protect sensitive genetic and health data, says FTC
Categories: News Categories: Personal Tags: FTC Tags: privacy Tags: retroactive Tags: DNA. testing Tags: sample Tags: retain Tags: data Tags: unsecured Tags: charge The FTC is going head to head with a DNA testing startup which left consumer data unsecured…
Ransomware attackers email bemused students as leverage for a payout
Categories: Business Categories: News Tags: students Tags: university Tags: university of Manchester Tags: UoM Tags: ransomware Tags: blackmail Tags: theft Tags: pressure Tags: leak Tags: breach We take a look at one group’s creative tactics to ensure a payout from…
Black Cat ransomware group wants $4.5m from Reddit or will leak stolen files
Categories: Business Tags: reddit Tags: ransom Tags: black cat Tags: ransomware Tags: extortion Tags: blackmail Tags: data Tags: leak Tags: breach We take a look at news that data stolen from Reddit may be leaked soon unless the site pays…
Baby monitor safety: What you need to know
Categories: Personal Tags: baby Tags: monitor Tags: wi-fi Tags: wireless Tags: cam Tags: webcam Tags: camera Tags: DECT Tags: FHSS Tags: cloud Tags: storage Tags: secure Tags: safety Tags: password We take a look at some of the options available…
Update now! ASUS fixes nine security flaws
Categories: Exploits and vulnerabilities Categories: News Tags: ASUS Tags: router Tags: models Tags: CVE-2022-26376 Tags: CVE-2018-1160 Tags: Netatalk Tags: disable WAN ASUS has released firmware updates for several router models fixing two critical and several other security issues. (Read more…)…
Why businesses need a disinformation defense plan, with Lisa Kaplan: Lock and Code S04E13
Categories: Podcast This week on Lock and Code, we speak with Lisa Kaplan about why every business with an online presence should ready themselves against a potential disinformation campaign. (Read more…) The post Why businesses need a disinformation defense plan,…
A week in security (June 12 – 18)
Categories: News Tags: week Tags: security Tags: june 2023 A list of topics we covered in the week of June 12 to June 18 of 2023 (Read more…) The post A week in security (June 12 – 18) appeared first…
Phishing scam takes $950k from DoorDash drivers
Categories: Business Tags: door dash Tags: delivery Tags: phish Tags: phishing Tags: scam Tags: fake Tags: fraud Tags: theft Tags: call Tags: support Tags: phone We take a look at a phishing scam that cost 700 DoorDash drivers a combined…
US dangles $10 million reward for information about Cl0p ransomware gang
Categories: News Categories: Ransomware Tags: Cl0p Tags: ransomware Tags: RFJ Tags: 10 million Tags: MOVEit Rewards for Justice (RFJ) is offering a reward of up to $10 million for information the Cl0p ransomware gang is acting at the direction or under…
Fake security researchers push malware files on GitHub
Categories: News Tags: GitHub Tags: malware Tags: repository Tags: security researcher Tags: fake Tags: download Tags: scam Tags: twitter Tags: social We take a look at reports of fake security researchers offering up malware downloads via GitHub repositories. (Read more…)…
MOVEit discloses THIRD critical vulnerability
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: Moveit Tags: CVE-2023-34362 Tags: CVE-2023-35036 Tags: Cl0p Progress has released an advisory about yet another MOVEit Transfer vulnerability while new victims of the first one keep emerging. (Read more…)…
LockBit ransomware advisory from CISA provides interesting insights
Categories: News Categories: Ransomware Tags: CISA Tags: LockBit Tags: stats Tags: RaaS A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes. (Read more…) The post LockBit ransomware…
Ticket scammers target Taylor Swift tour
Categories: Personal Tags: Taylor Tags: swift Tags: eras Tags: music Tags: gig Tags: concert Tags: tour Tags: scam Tags: ticket Tags: reseller Tags: fraud Tags: fake We take a look at multiple reports of ticket reseller fraud aimed at fans…
Update Chrome now! Google fixes critical vulnerability in Autofill payments
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: Autofill Tags: payments critical Tags: CVE-2023-3214 Google has released an update which includes five security fixes including a critical vulnerability in Autofill payments. (Read more…) The post Update Chrome…
Microsoft fixes six critical vulnerabilities in June Patch Tuesday
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: CVE-2023-29357 Tags: CVE-2023-29363 Tags: CVE-2023-32014 Tags: CVE-2023-32015 Tags: CVE-2023-32013 Tags: CVE-2023-24897 Tags: CVE-2023-32031 Tags: SharePoint Tags: PGM Tags: Exchange Tags: Hyper-V Patch Tuesday of June 2023 is relatively…
Edge browser feature sends images you view back to Microsoft
Categories: News Tags: Edge Tags: Enhance images Tags: super resolution Tags: content creators A new Edge feature labelled ‘Enhance images in Microsoft Edge’ has raised some privacy concerns because it sends information to Microsoft. (Read more…) The post Edge browser…
A week in security (June 5 – 11)
Categories: News Tags: week in security A list of topics we covered in the week of June 5 to June 11 of 2023 (Read more…) The post A week in security (June 5 – 11) appeared first on Malwarebytes Labs.…
Public and free WiFi: Can I safely use it?
Categories: News Categories: Personal Tags: Free Tags: public Tags: WiFi Tags: HTTPS Tags: TLS Tags: VPN The Internet has changed. A lot. Does that make it safer to use public, free WiFi? (Read more…) The post Public and free WiFi:…
More MOVEit vulnerabilities found while the first one still resonates
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: MOVEit Tags: Progress Tags: Cl0p Tags: ransomware Tags: CVE-2023-34362 A security audit of the MOVEit code has revealed more SQL injection vulnerabilities, while victims of the first vulnerability are coming to…
Strava heatmap loophole may reveal users’ home addresses
Categories: Personal Tags: strava Tags: fitness Tags: health Tags: run Tags: running Tags: jog Tags: jogging Tags: jogger Tags: cycling Tags: bike Tags: race Tags: data Tags: anonymous Tags: anonymise Tags: location Tags: map Tags: heatmap Anonymous data on fitness…
VMware patches critical vulnerabilities in Aria Operations for Networks
Categories: Exploits and vulnerabilities Categories: News Tags: cve-2023-20887 Tags: cve-2023-20888 Tags: cve-2023-20889 Tags: vmware Tags: Aria Operations for Networks Tags: RCE Tags: information disclosure Tags: deserialization Tags: command injection VMware has released security updates to fix a trio of flaws…
Update your Cisco System Secure Client now to fix this AnyConnect bug
Categories: Exploits and vulnerabilities Categories: News Tags: Cisco Tags: anyconnect Tags: system secure client Tags: VPN Tags: bug Tags: patch Tags: update Tags: vulnerability Tags: SYSTEM We take a look at a recent update for Cisco Secure System Client and…
Ransomware review: June 2023
Categories: Ransomware Categories: Threat Intelligence May saw a record number of 556 reported ransomware victims, the unusual emergence of Italy and Russia as major targets, and a significant rise in attacks on the education sector. (Read more…) The post Ransomware…
Former TikTok exec: Chinese Communist Party had “God mode” entry to US data
Categories: News Categories: Privacy Tags: Yu Tags: TikTok Tags: ByteDance Tags: CCP Tags: influence Tags: data access Tags: loaded gun A former executive at TikTok’s parent company ByteDance has claimed in court documents that the Chinese Community Party (CCP) had…
Update Chrome now! Google patches actively exploited zero-day
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: V8 Tags: heap corruption Tags: type confusion Tags: CVE-2023-3079 Google has released a Chrome update for a zero-day for which an exploit is actively being used in the wild.…
Warning: Victims’ faces placed on explicit images in sextortion scam
Categories: Personal Tags: sextortion Tags: deepfake Tags: FBI Tags: blackmail Tags: extortion Tags: fake Tags: fakes Tags: synthetic We take a look at some new developments in sextortion cases via a warning issued by the FBI. (Read more…) The post…
Unveiling Nebula’s Report 2.0: A new approach to security reporting
Categories: Business We’re excited to announce Report 2.0, a major upgrade to our report system in Nebula. (Read more…) The post Unveiling Nebula’s Report 2.0: A new approach to security reporting appeared first on Malwarebytes Labs. This article has been…
Microsoft illegally collected and retained children’s data, says FTC
Categories: Personal Tags: Microsoft Tags: Xbox Tags: privacy Tags: children Tags: COPPA Tags: FTC Tags: fine Tags: settlement Tags: games console Tags: gaming Tags: video games Microsoft is counting the cost of privacy violations, with $20m in fines related to…
Facebook clickbait leads to money scam for users
Categories: Threat Intelligence Tags: facebook Tags: posts Tags: google Tags: cloud run Clickbait posts on Facebook can lead to malicious websites. In this campaign, crooks are redirecting Facebook victims to scam pages hosted on Google’s infrastructure. (Read more…) The post…
How Coffee County Schools safeguards 7500 students and 1200 staff
Categories: Business Watch the Byte into Security webinar for a deep dive into K-12 cybersecurity. (Read more…) The post How Coffee County Schools safeguards 7500 students and 1200 staff appeared first on Malwarebytes Labs. This article has been indexed from…
Cl0p ransomware gang claims first victims of the MOVEit vulnerability
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: MOVEit Tags: Transfer Tags: CVE-2023-34362 Tags: BBC Tags: Zellis Tags: BA The first victims of the ongoing attacks on vulnerable MOVEit Transfer instances are coming forward. The Cl0p ransomware…
5 unusual cybersecurity tips that actually work
Categories: Personal It’s time to shake off that special feeling, start lying, forget everything you’ve been told about passwords, spin up a million email addresses, and start throwing away computers for fun. (Read more…) The post 5 unusual cybersecurity tips…
The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period
Categories: Threat Intelligence In total, 26 separate ransomware-as-a-service gangs contributed to the onslaught on education. (Read more…) The post The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period appeared first on Malwarebytes Labs. This article…
Information stealer compromises legitimate sites to attack other sites
Categories: News A new web skimming campaign uses compromised legitimate sites to act as command and control servers. (Read more…) The post Information stealer compromises legitimate sites to attack other sites appeared first on Malwarebytes Labs. This article has been…
Play ransomware gang compromises Spanish bank, threatens to leak files
Categories: Business Tags: globalcaja Tags: play ransomware Tags: compromise Tags: data Tags: leak Tags: ransom Tags: bank Tags: banking Tags: Spain Tags: Spanish A large Spanish bank, Globalcaja, has fallen victim to the Play ransomware gang. (Read more…) The post…
Vice Society: The #1 cyberthreat to schools, colleges, and universities
Categories: News Categories: Ransomware In the last 12 months, the Vice Society ransomware gang has conducted more known attacks against education targets globally, and in the USA and the UK individually, than any other ransomware group. (Read more…) The post…
Update now! MOVEit Transfer vulnerability actively exploited
Categories: Exploits and vulnerabilities Categories: News Tags: Progress Tags: MOVEit Tags: vulnerability Tags: human2.aspx A critical vulnerability in Progress MOVEit Transfer is being used to steal large amounts of data (Read more…) The post Update now! MOVEit Transfer vulnerability actively…
Amazon’s Ring cameras were used to spy on customers
Categories: News Categories: Personal It’s what we all feared, but hoped wouldn’t be the case. (Read more…) The post Amazon’s Ring cameras were used to spy on customers appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes…
US hospital forced to divert ambulances after cyberattack
Categories: News Categories: Ransomware Tags: Idaho Tags: hospital Tags: cyberattack Tags: virus Tags: ransomware The Idaho Falls Community Hospital fell victim to a cyberattack on Monday and had to divert ambulances to nearby hospitals and close some of its clinics.…
[updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway
Categories: Exploits and vulnerabilities Categories: News Barracuda Networks issued a patch for a zero-day vulnerability in its Email Security Gateway that was actively being exploited (Read more…) The post [updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway appeared…
CISA issues warning to US businesses: Beware of China’s state-sponsored cyber actor
Categories: Business US businesses: watch out for Volt Typhoon, a threat actor sponsored by the People’s Republic of China (PRC). (Read more…) The post CISA issues warning to US businesses: Beware of China’s state-sponsored cyber actor appeared first on Malwarebytes…
Microsoft gives Apple a migraine
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: macOS Tags: Ventura 13.4 Tags: Monterey 12.6.6 Tags: Big Sur 11.7.7 Tags: libxpc Tags: SIP Tags: XPC Tags: NVRAM Tags: CVE-2023-32369 Tags: Migraine Microsoft has released details about a vulnerability that…
Financial services company OneMain fined $4.25 million for security lapses
Categories: Business Tags: one-man Tags: financial Tags: loans Tags: cyber Tags: lapses Tags: security Tags: update Tags: New York Tags: lapse We take a look at a fine totalling millions aimed at financial services company OneMain. (Read more…) The post…
Barracuda Networks patches zero-day vulnerability in Email Security Gateway
Categories: Exploits and vulnerabilities Categories: News Barracuda Networks issued a patch for a zero-day vulnerability in its Email Security Gateway that was actively being exploited (Read more…) The post Barracuda Networks patches zero-day vulnerability in Email Security Gateway appeared first…
A week in security (May 22-28)
Categories: News Tags: Cisco Tags: Zyxel Tags: ChatGPT Tags: Malvertising Tags: Apple Tags: Google Tags: insider threat Tags: Pentagon explosion Tags: CISA Tags: ransomware guide Tags: Rheinmetall Tags: BlackBasta Tags: WordPress A list of topics we covered in the week…
Zyxel patches two critical vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Zyxel has released a security advisory about two critical vulnerabilities that could allow an unauthorized, remote attacker to take control of its firewall devices. (Read more…) The post Zyxel patches two critical vulnerabilities appeared…
“Beautiful Cookie Consent Banner” WordPress plugin vulnerability: Update now!
Categories: Business Tags: beautiful cookie consent banner Tags: WordPress Tags: plugin Tags: vulnerability Tags: exploit Tags: XSS Tags: javascript Tags: update Tags: website We take a look at a vulnerability in a popular WordPress plugin. It’s been fixed, but you’ll…
CISA updates ransomware guidance
Categories: News Categories: Ransomware Tags: CISA Tags: StopRansomware Tags: guide Tags: ZTA Tags: compromised Tags: cloud Tags: MDR CISA has updated its #StopRansomware guide to account for changes in ransomware tactics and techniques. (Read more…) The post CISA updates ransomware…
Webinar alert: How Coffee County Schools safeguards 7500 students and 1200 staff
Categories: Business Join our upcoming Byte into Security webinar for a deep dive into K-12 cybersecurity. (Read more…) The post Webinar alert: How Coffee County Schools safeguards 7500 students and 1200 staff appeared first on Malwarebytes Labs. This article has…
Tracking down a trojan: An inside look at threat hunting in a corporate network
Categories: Business How Malwarebytes MDR successfully helped a company detect and respond to the potent banking Trojan QBot. (Read more…) The post Tracking down a trojan: An inside look at threat hunting in a corporate network appeared first on Malwarebytes…
Rheinmetall attacked by BlackBasta ransomware
Categories: News Categories: Ransomware Tags: Rheinmetall Tags: BlackBasta Tags: ransomware A cyberattack on arms manufacturer Rheinmetall has been claimed by the BlackBasta ransomware group on its leak site. (Read more…) The post Rheinmetall attacked by BlackBasta ransomware appeared first on…
Malvertising via brand impersonation is back again
Categories: Threat Intelligence Tags: malvertising Tags: google Tags: ads Tags: amazon Tags: cloaking Ads containing the official website of an impersonated brand are running again, allowing fraudsters to scam users. (Read more…) The post Malvertising via brand impersonation is back…
Update now! Apple issues patches for three actively used zero-days
Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: RSR Tags: CVE-2023-32409 Tags: CVE-2023-28204 Tags: CVE-2023-32373 Tags: out of bounds Tags: use after free Apple issued information about patches against three actively exploited zero-days in WebKit. One vulnerability is new,…
Google to pay $40m for “deceptive and unfair” location tracking practices
Categories: Personal Tags: Google Tags: tracking Tags: location Tags: data Tags: court Tags: lawsuit Tags: settlement Tags: advertising We take a look at a case where Google is agreeing to pay $40m as a result of disclosure related to location…
Employee guilty of joining ransomware attack on his own company
Categories: News Categories: Ransomware Tags: employee Tags: insider threat Tags: access control Tags: policy Tags: ransom An employee that tried to take advantage of a ransomware attack on his own company has pleaded guilty after 5 years of denying he…
AI generated Pentagon explosion photograph goes viral on Twitter
Categories: News Categories: Personal Tags: AI Tags: twitter Tags: misinformation Tags: disinformation Tags: fake Tags: viral Tags: hoax Tags: news Tags: verified Tags: checkmark Tags: debunk We take a look at a viral hoax on Twitter which used AI generated…
A week in security (May 15-21)
Categories: News Tags: Week in security Tags: May 2023 The most interesting security-related news of the week from May 15-21. (Read more…) The post A week in security (May 15-21) appeared first on Malwarebytes Labs. This article has been indexed…
Update now: 9 vulnerabilities impact Cisco Small Business Series
Categories: Business Tags: Cisco Tags: small business series Tags: web interface Tags: CVE Tags: exploit Tags: root If you’re using one of the affected products from the Cisco small business range, you need to patch immediately. (Read more…) The post…
ChatGPT: Cybersecurity friend or foe?
Categories: Business There are a lot of benefits to ChatGPT, but many in the security community have concerns about it. Malwarebytes’ CEO Marcin Kleczynski takes a deep dive into the topic. (Read more…) The post ChatGPT: Cybersecurity friend or foe?…
Webinar recap: EDR vs MDR for business success
Categories: Business Learn more about EDR and MDR and which is right for your business. (Read more…) The post Webinar recap: EDR vs MDR for business success appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs…
Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11
Categories: Podcast This week on Lock and Code, we speak with longtime security researcher about the eerily similar attempts across the globe to weaken the Internet to achieve one specific, social goal. (Read more…) The post Identity crisis: How an…
KeePass vulnerability allows attackers to access the master password
Categories: Exploits and vulnerabilities Categories: News Categories: Personal Tags: KeePass Tags: memory dump Tags: CVE-2023-32784 There is a Proof-of-Concept available for an unpatched vulnerability in KeePass that allows attackers to dump the master password. (Read more…) The post KeePass vulnerability…
Child safety app riddled with vulnerabilities: Update now!
Categories: Personal Tags: Parental control kids place Tags: child Tags: safety Tags: controls Tags: restrict. block Tags: limit Tags: vulnerability Tags: exploit Tags: password Tags: upload Tags: dashboard Child safety app Parental Control – Kids Place has been found to…
Zip domains, a bad idea nobody asked for
Categories: News Just, why? (Read more…) The post Zip domains, a bad idea nobody asked for appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs Read the original article: Zip domains, a bad idea nobody asked…
APT attacks: Exploring Advanced Persistent Threats and their evasive techniques
Categories: Business Unpacking one of the most dangerous threats in cybersecurity. (Read more…) The post APT attacks: Exploring Advanced Persistent Threats and their evasive techniques appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs Read the…
PharMerica breach impacts almost 6 million people
Categories: News Categories: Ransomware Tags: PharMerica Tags: Money Message Tags: ransomware Tags: PII Tags: SSN US pharmacy giant PharMerica has reported a cybersecurity incident that affects over 5.8 million people. The data theft has been claimed by ransomware group Money…
Leaked Babuk ransomware builder code lives on as RA Group
Categories: News Tags: ransomware Tags: RA Group Tags: babuk Tags: code Tags: leaked Tags: encrypted Tags: stolen Tags: exfiltrated Tags: ransom Tags: hijack Tags: blackmail Tags: double extortion Tags: leak Tags: sell We take a look at yet another ransomware…
3 reasons to use a VPN
Categories: Personal Categories: Privacy Tags: VPN Tags: Privacy Tags: always on Tags: location Tags: sensitive information Most VPN users can be put in one of three categories. It all depends on your needs and your threat model. (Read more…) The…
A week in security (May 8-14)
Categories: News Tags: YouTube Tags: ad block Tags: sponsored tweets Tags: Twitter Tags: fake BBC News Tags: AVLab assessment Tags: Google Tags: Google Passkey Tags: MSP Tags: Patch Tuesday Tags: Discord Tags: RedStinger Tags: tech support scam Tags: Aurora stealer…
Why we should be more open about ransomware attacks
Categories: News Categories: Ransomware Tags: ransomware Tags: data breach Tags: dark web Tags: share information Paying the ransom and not saying a word about what happened is what cybercriminals would like us all to do. (Read more…) The post Why…
Windows 11 is showing its first signs of Rust
Categories: News Tags: Windows 11 Tags: OS Tags: operating system Tags: programming language Tags: rust Tags: C Tags: C++ Tags: kernel Tags: buffer overflow We take a look at the slow introduction of programming language Rust into the Windows 11…
Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs
Categories: Exploits and vulnerabilities Categories: News Tags: Ruckus Tags: CISA Tags: AndoryuBot Tags: CVE-2023-25717 Tags: 163.123.142.146 CISA has added a Ruckus vulnerability being abused by the AndoryuBot botnet to its catalog. (Read more…) The post Update now! Ruckus vulnerability added…
Sponsored Twitter post uses fake BBC News site to boost slippery oil trading app
Categories: News Categories: Personal Tags: forex Tags: BBC Tags: fake Tags: trading Tags: digital Tags: reviews Tags: website Tags: AI Tags: app Tags: phone Tags: twitter Tags: sponsored Tags: ad Tags: advert Tags: blue check Tags: verified We take a…
YouTube is testing ad blocker detection
Categories: News Categories: Personal Tags: youtube Tags: ad Tags: advert Tags: network Tags: ad industry Tags: block Tags: blocker Tags: adblock Tags: malware Tags: malvertising Tags: intrusive Tags: popup Tags: affiliate We take a look at YouTube’s testing of ad…
Google Passkeys: How to create one and when you shouldn’t
Categories: News Tags: Google passkey Tags: passkey Tags: passwordless future Tags: passwordless Tags: phishing Google is offering users the best option to date to securing their accounts from phishing. (Hint: It’s not passwords.) (Read more…) The post Google Passkeys: How…
Malwarebytes achieves perfect score in latest AVLab assessment
Categories: Business We blocked 100% of malware for the sixth consecutive quarter in a row. (Read more…) The post Malwarebytes achieves perfect score in latest AVLab assessment appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs…
How to spot and avoid a tech support scam
Categories: Awareness Categories: Personal Categories: Scams Tags: Tech Support Scams Tags: Malwarebytes Tags: impersonating Tags: screen lockers Tags: fake warnings Tags: remote access Tech support scams are an ongoing nuisance. Knowing how they operate helps you to recognize them. (Read…
New Discord username policy raises user privacy fears
Categories: News Tags: Discord Tags: privacy Tags: username Tags: discriminator Tags: DM Tags: bot Tags: chat Tags: change Tags: changing Tags: server Tags: hijack phish Tags: private We take a look at the reaction to Discord’s proposed changes to how…
Uncovering RedStinger – Undetected APT cyber operations in Eastern Europe since 2020
Categories: Threat Intelligence We discovered a new interesting lure that targeted the Eastern Ukraine region and started tracking the threat actor behind it. (Read more…) The post Uncovering RedStinger – Undetected APT cyber operations in Eastern Europe since 2020 appeared…
Update now! May 2023 Patch Tuesday tackles three zero-days
Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: CVE-2023-29336 Tags: CVE-2023-24932 Tags: bootkit Tags: CVE-2023-29325 Tags: Outlook Tags: preview Tags: CVE-2023-24941 Tags: Apple Tags: Cisco Tags: Google Tags: Android Tags: VMWare Tags: SAP Tags: Mozilla Microsoft’s Patch Tuesday round…
Navigating mobile malware trends: Crucial insights and predictions for MSPs
Categories: Business How MSPs can prepare for the complex landscape of mobile malware. (Read more…) The post Navigating mobile malware trends: Crucial insights and predictions for MSPs appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs…
Brightline breach hits at least 964,000 people, US records show
Categories: News Categories: Ransomware Tags: Brightlight Tags: GoAnywhere MFT Tags: data breach Tags: Cl0p Following the Cl0p ransomware gang’s attacks that leveraged Fortra’s GoAnywhereMFT software tool, behavioral health provider Brightline informed customers about a data breach related to the attacks.…
Ransomware attack on MSI led to compromised Intel Boot Guard private keys
Categories: News Categories: Ransomware Tags: MSI Tags: Intel Tags: Boot Guard Tags: firmware updates Tags: Money Message The leaked data after the ransomware attack on MSI includes private keys which could be used to bypass Intel Boot Guard (Read more…)…
Fake system update drops Aurora stealer via Invalid Printer loader
Categories: Threat Intelligence Tags: malvertising Tags: Aurora stealer Tags: loader Tags: Amadey Not all system updates mean well, and some will even trick you into installing malware. (Read more…) The post Fake system update drops Aurora stealer via Invalid Printer…
A week in security (May 1 – 7)
Categories: News The most interesting security related news of the week from May 1 till 7 (Read more…) The post A week in security (May 1 – 7) appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes…
The rise of “Franken-ransomware,” with Allan Liska: Lock and Code S04E11
This week on Lock and Code, we speak with Allan Liska about a new trend in ransomware delivery and development, and why it presents new challenges to organizations and law enforcement investigators. (Read more…) The post The rise of “Franken-ransomware,”…
Ransomware review: May 2023
LockBit maintained its position as the top ransomware attacker and was also observed expanding into the Mac space. (Read more…) The post Ransomware review: May 2023 appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs Read…
Google and Apple cooperate to address unwanted tracking
Categories: News Categories: Privacy Tags: Google Tags: Apple Tags: AirTag Tags: Tile Tags: Samsung Tags: Bluetooth Tags: trackers Tags: stalking Tags: car thieves Google and Apple want to create a specification for tech that alerts users when they’re being tracked…
Microsoft vs Google spat sees users rolling back security updates to fix browser issues
Categories: News Tags: Chrome Tags: Windows Tags: Edge Tags: browser Tags: update Tags: Microsoft Tags: default Tags: install We take a look at trouble brewing in browser land after a controversial Windows update leaves Chrome fans without a useful feature.…
Newspaper evades Russian censors, hides news in Counter-Strike map
Categories: News Tags: Russia Tags: Ukraine Tags: censorship Tags: press Tags: freedom Tags: restrictions Tags: evade Tags: counter-strike: global offensive Tags: counter strike GO Tags: steam Tags: workshop Tags: map Tags: de_vonya We take a look at one newspaper’s innovative…
Apple releases first Rapid Security Response update for iOS, iPadOS, and macOS users
Categories: Apple Categories: News Tags: macOS Tags: iOS Tags: iPadOS Tags: Rapid Security Response Tags: RSR After announcing Rapid Security Response (RSR) last year, Apple has finally released the first RSR patches to the public. (Read more…) The post Apple…
World Password Day must die
Categories: News Critical technology should not require an annual pep talk to function correctly. (Read more…) The post World Password Day must die appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes Labs Read the original article:…
The one and only password tip you need
Categories: News I was asked to write a list of password tips. It’s a short list. (Read more…) The post The one and only password tip you need appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes…
How small businesses can secure employees’ mobile devices
Categories: Business Categories: News Tags: Small Business Week Tags: mobile security policy Tags: A third of organizations aren’t protecting their mobile devices at all. Don’t be one of them. (Read more…) The post How small businesses can secure employees’ mobile…
AI-powered content farms start clogging search results with ad-stuffed spam
Categories: News Tags: spam Tags: AI Tags: GPT Tags: generated Tags: content Tags: farm Tags: SEO Tags: click Tags: news Tags: ad Tags: advert Tags: google Tags: advertisers We take a look at the potential issues surrounding AI-generated content produced…
Upcoming webinar: Is EDR or MDR better for your business?
Categories: Business Be sure to catch the full webinar on Wednesday, May 10, 2023. (Read more…) The post Upcoming webinar: Is EDR or MDR better for your business? appeared first on Malwarebytes Labs. This article has been indexed from Malwarebytes…
Google Authenticator WILL get end-to-end encryption. Eventually.
Categories: News Google has promised to add end-to-end encryption to Google Authenticator backups after users were warned against turning on the new feature. (Read more…) The post Google Authenticator WILL get end-to-end encryption. Eventually. appeared first on Malwarebytes Labs. This…
Google takes CryptBot to the wood shed
Categories: News Tags: CryptBot Tags: malware Tags: chrome Tags: download Tags: package Tags: packages Tags: google Tags: legal Tags: court order Tags: RICO Tags: Pakistan We take a look at Google’s efforts to shut down a particularly nasty set of…