Malwarebytes Premium Denial of Service Vulnerability (CNVD-2018-02565)

Malwarebytes Premium is a suite of anti-malware spyware from the American company Malwarebytes. The software supports the removal of worms, dial-up programs, Trojans, rootkits, spyware, exploits, bots, and other malware, among others. A security vulnerability exists in the FARFLT.SYS driver file ...

Malwarebytes Premium Denial of Service Vulnerability (CNVD-2018-02556)

Malwarebytes Premium is a suite of anti-malware spyware from the American company Malwarebytes. The software supports the removal of worms, dial-up programs, Trojans, rootkits, spyware, exploits, bots, and other malware, among others. A security vulnerability exists in the FARFLT.SYS driver file ...

PT-2018-16856 · Malwarebytes · Malwarebytes Premium

Name of the Vulnerable Software and Affected Versions: Malwarebytes Premium version 3.3.1.2183 Description: The issue allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020 in the driver file...

Malwarebytes Premium Denial of Service Vulnerability (CNVD-2018-02557)

Malwarebytes Premium is a suite of anti-malware spyware from the American company Malwarebytes. The software supports the removal of worms, dial-up programs, Trojans, rootkits, spyware, exploits, bots, and other malware, among others. A security vulnerability exists in the FARFLT.SYS driver file ...

PT-2018-16854 · Malwarebytes · Malwarebytes Premium

Name of the Vulnerable Software and Affected Versions: Malwarebytes Premium version 3.3.1.2183 Description: The issue allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014 in the driver file...

PT-2018-16859 · Malwarebytes · Malwarebytes Premium

Name of the Vulnerable Software and Affected Versions: Malwarebytes Premium version 3.3.1.2183 Description: The issue allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c in the driver file...

Malwarebytes Premium Denial of Service Vulnerability (CNVD-2018-02562)

Malwarebytes Premium is a suite of anti-malware spyware from the American company Malwarebytes. The software supports the removal of worms, dial-up programs, Trojans, rootkits, spyware, exploits, bots, and other malware, among others. A security vulnerability exists in the FARFLT.SYS driver file ...

Malwarebytes Premium Denial of Service Vulnerability (CNVD-2018-02559)

Malwarebytes Premium is a suite of anti-malware spyware from the American company Malwarebytes. The software supports the removal of worms, dial-up programs, Trojans, rootkits, spyware, exploits, bots, and other malware, among others. A security vulnerability exists in the FARFLT.SYS driver file ...

malwarebytes-s.cleverbridge.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-485352 Description| Value ---|--- Affected Website:| malwarebytes-s.cleverbridge.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Disclosure Standard:| Coordinated Disclosu...

malwarebytes-cgn.cleverbridge.com Open Redirect vulnerability

Open Bug Bounty ID: OBB-485223 Description| Value ---|--- Affected Website:| malwarebytes-cgn.cleverbridge.com Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N Disclosure Standard:| Coordinated...

Search engine shenanigans: Malwarebytes mentions aren’t what they seem

Thing might be a touch quiet at the moment as we ease into 2018, but that doesn't mean dubious antics and dodgy dealings aren't still making waves online. As a matter of fact, should you go searching for some of our researchers, their blog posts, or just a couple of notable quotables from news...

Lo lo lo Loapi Trojan could break your Android

Kaspersky has found what they deem as a jack of all trades malicious app they call Trojan.AndroidOS.Loapi. Like the Trojan AsiaHitGroup we discovered last month on Google Play, this malware can do all the things—it's a downloader, dropper, SMS Trojan, and can push ads all from the same malicious...

Exosrv.com, an ad server for adult sites, tops Malwarebytes detections

Update 12/18/2017: Upon review, we have decided to lift the block on those two ad servers. You can read ExoClick's comments below: At Exoclick we use large resources to ensure that the ads that we serve are clear, clean and issue free. Where malwares and other forms of malvertising are detected...

A week in security (December 04 – December 10)

Last week on the blog, we looked at a RIG EK malware campaign, explored how children are being tangled up in money mule antics, took a walk through the world of Blockchain, and gave a rundown of what's involved when securing web applications. We also laid out the trials and tribulations of the...

Interesting disguise employed by new Mac malware HiddenLotus

On November 30, Apple silently added a signature to the macOS XProtect anti-malware system for something called OSX.HiddenLotus.A. It was a mystery what HiddenLotus was until, later that same day, Arnaud Abbati found the sample and shared it with other security researchers on Twitter. The...

Terdot Trojan likes social media

We usually advise people that have fallen victim to banker Trojans to change all their passwords, especially the ones that are related to their financial sites and apps. Besides the dangers of re-used passwords, there are other reasons why this is important. This advice is especially applicable t...

A week in security (November 6 – November 12)

After coming out victorious in a case against PUPs, Malwarebytes CEO Marcin Kleczynski has this to say: We fought for our users and we won. -- Marcin Kleczynski @mkleczynski November 9, 2017 And my, do we feel like champions! You can read more about this here. Last week, we looked into the...

How to solve the Malwarebytes CrackMe: a step-by-step tutorial

The topic of this post is a Malwarebytes CrackMe—an exercise in malware analysis that I recently created. First, the challenge was created to serve internal purposes, but then it was released to the community on Twitter and triggered a lot of positive response. Thanks to all of you who sent in yo...

Winning the battle against PUPs on your computer and in court

I know very few people, other than lawyers, that get excited about corporate court cases. But, I want to share with you a recent decision that I believe is cause for every computer user to celebrate. This week, a United States District Court judge ruled in Malwarebytes' favor, dismissing a lawsui...

Phony WhatsApp used Unicode to slip under Google’s radar

After a troubling week for Google not so long ago, the company is under the spotlight once more for missing another app that, after further investigations by several members of Reddit, was found laden with adware. This app, which was called "Update WhatsApp Messenger," used the logo and developer...