A week in security (February 7 – February 13)

Last week on Malwarebytes Labs: Securitas breached, 3TB of airport employee records exposed How to avoid being scammed this Valentine’s Day News Corp falls victim to cyberattack “We absolutely do not care about you”: Sugar ransomware targets individuals Microsoft takes macros out of the equation...

Malwarebytes 安全漏洞

Malwarebytes is an application from the American company Malwarebytes that provides anti-malware features to devices. The software is designed to protect against viruses, spyware, Trojans, worms, dial-up programs, and other malware. A security vulnerability exists in Malwarebytes Binisoft Windows...

How a few PhD students revealed that phishing trainings might just not work: Lock and Code S03E03

Youve likely fallen for it before—a simulated test sent by your own company to determine whether or not its employees are vulnerable to one of the most pernicious online threats today: Phishing. Phishing has evolved in recent history, and as scammers have rolled out increasingly clever—and...

North Korean Hackers Return with Stealthier Variant of KONNI RAT Malware

A cyberespionage group with ties to North Korea has resurfaced with a stealthier variant of its remote access trojan called Konni to attack political institutions located in Russia and South Korea. "The authors are constantly making code improvements," Malwarebytes researcher Roberto Santos said...

Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days

Finalsite, a popular platform for creating school websites, appears to have recovered significant functionality after being attacked by a still-unknown ransomware on Tuesday, January 4, 2022. At least 8,000 schools are said to have been affected by the resulting outage. An important message from...

Why Macs are the best, according to Mac expert Thomas Reed: Lock and Code S02E23

In the year 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple. The companys Pro model laptops are finally, belatedly equipped with ports that have been standard in other computers for years. The companys beleaguered "butterfly" keyboard has seemingly bee...

Hackers all over the world are targeting Tasmania’s emergency services

Emergency services—under which the police, fire, and emergency medical services departments fall—is an infrastructure vital to any country or state. But when those services come under threat from either physical or cyber entities, it’s as good as putting the lives of citizens at risk as well...

If You're Not Using Antivirus Software, You're Not Paying Attention

Stop tempting fate and take a look at our picks for the best antivirus programs on the market today. Every year there are billions of malware attacks worldwide. And these threats are constantly evolving. So if you are not currently using antivirus software, or you still rely on some free software...

A week in security (Nov 15 – Nov 21)

Last week on Malwarebytes Labs Instagram’s memorialize feature abused to memorialize…Instagram’s boss Evasive manoeuvres: HTML smuggling explained FBI server hijacked to send up to 100,000 bogus attack mails New Mac malware raises more questions about Apple’s security patching SharkBot Android...

Malwarebytes CrackMe – contest summary

On October 29 we published our third CrackMe Challenge and announced two parallel tracks for the contest: "The fastest solve" , and "The best write-up". In the first category "The fastest solve" , we got three winners already the first weekend following publication. Big congratulations to: @nazyw...

New Mac malware raises more questions about Apple’s security patching

Apples reputation on security has been taking a beating lately. As mentioned in some of our previous coverage, security researcher Joshua Long recently shone a light on problems with Apples security patching strategy. His findings showed a shocking number of cases where Apple patched a...

How to remove adware on an Android phone

It shouldn’t be surprising that Android devices are the targets of threats like adware and other Potentially Unwanted Programs PUPs. After all, there are millions of apps on the Google Play Store, servicing billions of monthly active users globally. And, as we have noted with Mac virus trends,...

Why we fail at getting the cybersecurity basics right, with Jess Dodson: Lock and Code S02E21

The cybersecurity basics should be just that—basic. Easy to do, agreed-upon, and adopted at a near 100 percent rate by companies and organizations everywhere, right? Youd hope. But the reality is that basic cybersecurity blunders continue to affect businesses of all sizes, which has led to...

Credit card skimmer evades Virtual Machines

This blog post was authored by Jérôme Segura There are many techniques threat actors use to slow down analysis or, even better, evade detection. Perhaps the most popular method is to detect virtual machines commonly used by security researchers and sandboxing solutions. Reverse engineers are...

This Steam phish baits you with free Discord Nitro

Weeks ago, we talked about the one effective lure that could get a Discord user to consider clicking on a scam link they were generously given, either by a random user or a legitimate contact who also happened to have fallen for the same ploy: free Discord Nitro subscriptions. And similar to how...

The return of the Malwarebytes CrackMe

This blog post was authored by Hasherezade Update: Malwarebytes Crackme : we already have the winners in the category "the fastest solve", congratulations! 1st: @nazywam 2nd: Suvaditya Sur @x0r19x91 3rd:@evandrix But we are still waiting for your submissions! -- Malwarebytes Threat Intelligence...

Ransomware: Why do backups fail when you need them most?

Its widely known, and endlessly repeated, that the last, best line of defence against the potentially devastating effects of a ransomware attack is your backups. So why do we keep hearing things like this: Were also feeling relatively confident, we have a very good backup system … and then we fin...

ExpressVPN made a choice, and so did I: Lock and Code S02E19

On September 14, the US Department of Justice announced that it had resolved an earlier investigation into an international cyber hacking campaign coming from the United Arab Emirates that has reportedly impacted hundreds of journalists, activists, and human rights defenders in Yemen, Iran, Turke...

Inside Apple: How macOS attacks are evolving

The start of fall 2021 saw the fourth Objective by the Sea OBTS security conference, which is the only security conference to focus exclusively on Apples ecosystem. As such, it draws many of the top minds in the field. This year, those minds, having been starved of a good security conference for ...

A week in security (Sept 27 – Oct 3)

Last week on Malwarebytes Labs Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18 Phone screenshots accidentally leaked online by stalkerware-type company FoggyWeb, analysis of a Nobelium backdoor Instagram Kids put on hold Microsoft, CISA and NSA...