Cartoon Network Hacked Worldwide to Show Brazilian Stripper Videos

A famous Brazilian male stripper greeted Cartoon Network viewers worldwide when they tried to stream shows over the weekend – thanks to a pair of hackers that took aim at the cable network’s websites across 16 different regions. In the aftermath, entire Cartoon Network sites and video players hav...

RatVermin Spyware Targets Ukraine Gov Agencies

Researchers have uncovered an ongoing spear-phishing campaign, targeting the Ukraine government and military with emails aiming to distribute the RatVermin malware, which carries out various info-gathering activities. Researchers said that an infrastructure analysis of the attack indicates that t...

Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability

In early March, we discovered a cyberattack that used an exploit for CVE-2018-20250, an old WinRAR vulnerability disclosed just several weeks prior, and targeted organizations in the satellite and communications industry. A complex attack chain incorporating multiple code execution techniques...

A week in security (April 1 – 7)

Last week, Malwarebytes Labs took readers on a brief tour of some of the world's most notable data privacy laws, explored how gamers can protect themselves against cyberthreats, and offered thoughts about the reports that a 23-year-old Chinese woman gained access to President Donald Trump’s...

Cyber Security Week in Review (March 28)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. Top headlines this week ASUS had to release an emergency fix for a malware that may have accidentally deployed to their machines. Attackers may have...

DART: the Microsoft cybersecurity team we hope you never meet

If you spent 270 days away from home, not on vacation, you’d want it to be for a good reason. When boarding a plane, sometimes having been pulled out of bed to leave family for weeks on end, I know it’s because one of our customers is in need. It means there is a security compromise and they may ...

Warning: ASUS Software Update Server Hacked to Distribute Malware

Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million...

Ransomware Attack Forces Aluminum Manufacturer to Shutdown Systems Worldwide

--- Photo by Terje Pedersen / NTB scanpix One of the world's largest producers of aluminum has been forced to shut down several of its plants across Europe and the U.S. after an "extensive cyber attack" hit its operations, leaving companies' IT systems unusable. According to a press release share...

Citrix Falls Prey to Password-Spraying Attack

Citrix is warning that its internal network has been hit by international cybercriminals. The digital workspace and enterprise networks vendor said in a website notice that the FBI contacted it on Wednesday, saying that there was evidence of a successful cyberattack on its network. While details...

This Week in Security News: Malware and Machine Learning

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about an infectious miner-malware and how malware can hide form AV Solutions. Also, understand how to use machine learning to detect...

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Maritime transport still contributes in an important way to the world’s economy, with on-time shipments influencing everything from commodities availability and spot pricing to the stability of small countries. Unfortunately, capsizing a ship with a cyberattack is a relatively low-skill enterpris...

Attackers Completely Destroy VFEmail's Secure Mail Infrastructure

A catastrophic, smash-and-destroy cyberattack has eliminated the U.S. infrastructure for secure email service VFEmail. It’s a rare example of a purely destructive offensive, apparently unmotivated by financial gain or espionage goals. An attacker wiped out the company’s U.S. servers on Monday...

Airbus Data Takes Flight; and Billions of Credentials Dumped on Dark Web

French airplane and military aircraft behemoth Airbus SE has become the latest victim of a cyberattack leading to a data breach, with an incident detected on its “commercial aircraft business” information systems. It is only the latest high-profile data exposure to come to light in recent days, a...

Luas data ransom: the hacker who cried wolf?

In a terrible start to the year for Irish tram firm Luas, their site was compromised a week ago and adorned with a stark ransom warning: Click to enlarge You are hacked. Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the rep...

Malware Attack Crippled Production of Major U.S. Newspapers

A malware attack targeting Tribune Publishing Co. crippled the printing and deliveries of several major newspapers across the U.S. this weekend – including the Los Angeles Times and Wall Street Journal. The virus impacted computer systems of Tribune Publishing Co., which publishes an array of maj...

The Most-Read Security Stories of 2018

This year saw the most devastating cyberattack in history, a gang of teen hackers, and so much Mueller news...

A week in security (November 26 – December 2)

Last week on Malwarebytes Labs, we took a look at our cybersecurity predictions for 2019, we explained why Malwarebytes participated in AV testing and how we took part in an joint take down of massive ad fraud botnets, warned that ESTA registration websites still lurk in paid ads on Google,...

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and...

Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks

Several weeks ago, the Windows Defender Advanced Threat Protection Windows Defender ATP team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Given the target region and verticals, the attack chain, and the toolsets...

Podcast: Breaking Down the Magecart Threat (Part One)

Threatpost editor Lindsey O’Donnell talks to Rapid7’s Chief Data Scientist, Bob Rudis, about the dangers that the Magecart group poses when it comes to e-commerce websites. Magecart, a financially motivated cyberattack group made up of several smaller gangs, has been behind recent payment-card...