SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWin...

SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWin...

Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

A nation state attack leveraging software from SolarWinds has caused a ripple effect throughout the security industry, impacting multiple organizations. We first reported on the event in our December 14 blog and notified our business customers using SolarWinds asking them to take precautionary...

A week in security (January 11 – January 17)

Last week on Malwarebytes Labs, we looked at IoT problems, Microsoft’s Patch Tuesday, and how cybercriminals want access to your cloud services. We also explored how VPNs can protect your privacy, and asked if MSPs have picked the right PSA. Other cybersecurity news Hot phishing targets: Some...

CVE-2020-25533

An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...

CVE-2020-25533

An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...

Race condition

An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...

CVE-2020-25533

CVE-2020-25533 describes a local privilege issue in Malwarebytes for macOS prior to 4.0. A malicious application could exercise a privileged action within the Malwarebytes launch daemon because the service incorrectly validated XPC connections by relying on the process ID (PID) instead of the aud...

CVE-2020-25533

An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can constru...

Malwarebytes Competitive Conditions Issue Vulnerability

Malwarebytes is an application from the American company Malwarebytes that provides anti-malware features to devices. The software is designed to protect against viruses, spyware, Trojans, worms, dial-up programs, and other malware. A security vulnerability exists in Malwarebytes before 4.0 on...

“I have full control of your device”: Sextortion scam rears its ugly head in time for 2021

Malwarebytes recently received a report about a fresh spate of Bitcoin sextortion scam campaigns doing the rounds. Bitcoin sextortion scams tend to email you to say theyve videoed you on your webcam performing sexual acts in private, and ask you to pay them amount in Bitcoin to keep the video whi...

VPN usage is increasing, says December 2020 survey

I won’t reveal my mom’s exact age, but she’s in her late 60s. Other than her phone, my mom doesn’t own or use a computer—but she knows what Zoom is. Not since “Kleenex” has a brand become so pervasive that people use the brand name as a generic term for the product. For my mom, any kind of video...

A week in security (December 28 – January 3)

First off we would like to wish all our readers a happy and secure 2021! Last week on Malwarebytes Labs we presented an overview of developments in the SearchDimension hijackers, we looked at the most enticing cyberattacks of 2020, and we also looked back at the strangest cybersecurity events of...

VideoBytes: Offensive security tools and the bad guys that use them

Hello Folks! In this Videobyte, we’re talking about what penetration testing tools malware gangs love to use and why they are better than what you can get on the black market. This article describes the VirusBulletin talk of a security researcher from Interzer Labs, Paul Litvak, in which he...

CVE-2020-28641

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system...

CVE-2020-28641

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system...

Design/Logic Flaw

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system...

CVE-2020-28641

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system...

CVE-2020-28641

CVE-2020-28641 affects Malwarebytes Free 4.1.0.56. A symbolic link in the local quarantine system can be exploited to delete arbitrary files on the system. The issue is triggered locally and does not require user interaction. Documented impact is arbitrary file deletion, with high integrity/avail...

Emotet returns just in time for Christmas

Emotet is a threat we have been tracking very closely throughout the year thanks to its large email distribution campaigns. Once again, and for about two months, the botnet stopped its malspam activity only to return days before Christmas. In typical Emotet fashion, the threat actors continue to...