Understanding ransomware reinfection: An MDR case study

Ransomware is like that stubborn cold that you thought you kicked, but creeps back up determined to run amok again. The question is what medicine is available to kick this nasty infection for good. In this post, we'll break down the idea of ransomware reinfection and share a real-life episode whe...

81% concerned about ChatGPT security and safety risks, Malwarebytes survey shows

Seven months after ChatGPT burst into our lives, it seems the lustre of the chatbot-that's-going-to-change-everything is starting to fade. A new survey by Malwarebytes exposes deep reservations about ChatGPT, with optimism in startlingly short supply. Of the respondents familiar with ChatGPT: 81%...

CVE-2023-36631

Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked usi...

CVE-2023-36631

Malwarebytes Binisoft Windows Firewall Control (wfc.exe) version 6.9.2.0 is affected by a lack of access control that lets local, unprivileged users bypass Windows Firewall restrictions through the Rules tab in the UI. The vendor notes this as intended behavior when the application is password-lo...

PT-2023-25644 · Malwarebytes · Malwarebytes Binisoft Windows Firewall Control

Name of the Vulnerable Software and Affected Versions: Malwarebytes Binisoft Windows Firewall Control version 6.9.2.0 Description: The issue concerns a lack of access control in the wfc.exe component of Malwarebytes Binisoft Windows Firewall Control, allowing local unprivileged users to bypass...

Malwarebytes 安全漏洞

Malwarebytes is an application from the American company Malwarebytes that provides anti-malware features to devices. The software is designed to protect against viruses, spyware, Trojans, worms, dial-up programs, and other malware. A security vulnerability exists in Malwarebytes Binisoft Windows...

CVE-2023-36631

Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is "this is intended behavior as the application can be locked usi...

Malwarebytes only vendor to win every MRG Effitas award in 2022 & 2023

MRG Effitas, a world leader in independent IT research, published their anti-malware efficacy assessment results for Q1 2023. Malwarebytes Endpoint Protection EP achieved the highest possible score 100% and received certifications for Level 1, Exploit, Online Banking, and Ransomware. These result...

Update Chrome now! Google fixes critical vulnerability in Autofill payments

Google has released a Chrome update which includes five security fixes. One of these security fixes is for a critical vulnerability in Autofill payments. Google labels vulnerabilities as critical if they allow an attacker to run arbitrary code on the underlying platform with the user's privileges...

A week in security (June 5 - 11)

Last week on Malwarebytes Labs: Trusting AI not to lie: The cost of truth: Lock and Code S04E12 5 unusual cybersecurity tips that actually work The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period Information stealer compromises legitimate sites to attack other...

Vice Society: The #1 cyberthreat to schools, colleges, and universities

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, "Nguyen Huu Tai, who also goes by the names J...

Zyxel patches two critical vulnerabilities

Zyxell has released a security advisory for multiple buffer overflow vulnerabilities. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service DoS conditions and even a remote code execution on the affected Zyxell firewalls. Affected users should...

Tracking down a trojan: An inside look at threat hunting in a corporate network

At Malwarebytes, we talk a lot about the importance of threat hunting for SMBs--and not for no good reason, either. Just consider the fact that, when a threat actor breaches a network, they dont attack right away. The median amount of time between system compromise and detection is 21 days. By th...

A week in security (May 15-21)

Last week on Malwarebytes Labs: Why we should be more open about ransomware attacks Windows 11 is showing its first signs of Rust Update now! Ruckus vulnerability added to CISAs list of actively exploited bugs 3 reasons to use a VPN PharMerica breach impacts almost 6 million people Leaked Babuk...

Leaked Babuk ransomware builder code lives on as RA Group

The bones of long gone ransomware group Babuk continue to rattle in the breeze, in the form of reused code. Researchers from Cisco Talos have named this new team the "RA Group", a ransomware collective which may have only been up and running since last month. Babuk famously threatened to leak law...

3 reasons to use a VPN

There are many good reasons to use a Virtual Private Network VPN, even if you are just casually scrolling. Privacy is a right that is yours to value and defend, and if you want to increase your online privacy then a VPN is one of the possible solutions. A VPN works like this: When youre connected...

Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs

Along with six older vulnerabilities, the Cybersecurity and Infrastructure Agency CISA has added a vulnerability in multiple Ruckus wireless products to the Known Exploited Vulnerabilities Catalog. This means that Federal Civilian Executive Branch FCEB agencies need to remediate these...

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

A previously undetected advanced persistent threat APT actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. "Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine...

Malwarebytes achieves perfect score in latest AVLab assessment

Malwarebytes has once again earned a perfect score in AVLabs March 2023 real-world malware detection tests, marking the sixth consecutive quarter achieving this feat. Let's delve into the details of the test and how both consumer and business products outperformed competitors in exhaustive testin...