145 matches found
Hackers Broke Into Real News Sites to Plant Fake Stories
A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO...
USN-4428-1 python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities
It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2019-17514 It was discovered that...
A week in security (June 8 – 14)
Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list of considerations for MSPs when looking for an RMM platform; the complaint faced by ParetoLogic, the company that issues SpeedyPC, a product that claims to find and remove various PC...
When the coronavirus infodemic strikes
Social media sites are stepping up their efforts in the war against misinformation… specifically, the coronavirus/COVID-19 infodemic30461-X/fulltext. There’s a seemingly endless stream of potentially dangerous misinformation flying around online related to the COVID-19 pandemic, and that could ha...
TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds
A security weakness in the popular TikTok video-sharing service allows a local attacker to hijack any video content streamed to a user’s TikTok feed and swap it out with hacker-generated content. Researchers created a proof-of-concept PoC hack using a technique called a man-in-the-middle MiTM...
Lock and Code S1Ep4: coronavirus and responding to computer viruses with Akshay Bhargava
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Akshay Bhargava, Chief Product Officer of Malwarebytes, about the similarities between coronavirus and computer viruses. We discuss computer virus...
WhatsApp Axes COVID-19 Mass Message Forwarding
In an effort to stem what it says is misinformation being spread on its platform, WhatsApp is limiting the number of recipients to which its users can forward certain messages about the COVID-19 pandemic. Now, users of the Facebook-owned messaging app can only forward messages with double arrows ...
Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer
Researchers have discovered threat actors once again capitalizing on the COVID-19 pandemic and current attention on the World Health Organization WHO with a new spearphishing email designed to spread the LokiBot trojan sent using the WHO trademark as a lure. Researchers at FortiGuard Labs on Marc...
Nord Security: Account deletion requests not entirely honoured. Misinformation even after seeking clarification from customer support.
Summary: Requesting account deletion from NordVPN customer support that is supposed to have "removed your account from our database." does not truly remove account from database. Even after asking if critical information such a billing information is removed, which customer support confirms...
Battling online coronavirus scams with facts
Panic and confusion about the recent coronavirus outbreak spurred threat actors to launch several malware campaigns across the world, relying on a tried-and-true method to infect people’s machines: fear. Cybercriminals targeted users in Japan with an Emotet campaign that included malicious Word...
Elections Globally Are Under Threat. Here's How to Protect Them
A new report calls for safeguards to reduce the dangers posed by misinformation, online extremism, and social media manipulation...
NSO Group President Defends Controversial Tactics
In a rare public appearance by Shiri Dolev, the president of the secretive NSO Group Technologies, the company leader vented over what she called “false myths” about the firm. Dolev also took indirect aim at secure messaging platforms, offered by the likes of Facebook, explaining surveillance...
Trump, Putin and Politics Name-Dropped to Peddle Malware
With the U.S. presidential elections looming, bad actors are tapping into the political craze with several malware distribution campaigns, using high-profile political names to tap into victims’ emotions and convince them to click on malicious links. Researchers have uncovered hundreds of...
A Deepfake Deep Dive into the Murky World of Digital Imitation
About a year ago, top deepfake artist Hao Li came to a disturbing realization: Deepfakes, i.e. the technique of human-image synthesis based on artificial intelligence AI to create fake content, is rapidly evolving. In fact, Li believes that in as soon as six months, deepfake videos will be...
California Bans Deepfakes in Elections, Porn
California has passed a law that bans the use of deepfake technology in political speech, and for non-consensual use in adult content. Deepfakes are a manipulation of images and recordings, created by artificial intelligence technology, that make it appear as if an individual is doing or saying...
A week in security (August 19 – 25)
Last week on Malwarebytes Labs, we reported on the presence of Magecart on a type of poker software; outlined how the Key Negotiation of Bluetooth KNOB attack works; followed the money on a Bitcoin sextortion campaign; looked back at DEF CON 27; and reported on continuing ransomware attacks on...
China Attacks Hong Kong Protesters With Fake Social Posts
Twitter and Facebook say they’ve taken down misinformation campaigns from China that cast pro-democracy activists as ISIS members and cockroaches...
Election Security Threats: From Misinformation to Voting Machine
Election security continues to be a top concern – from social media misinformation campaigns, to vulnerabilities in the actual voting machines themselves. At Black Hat USA 2019, Threatpost caught up with Matt Olney, director of threat intelligence at Cisco Talos, to discuss the challenges that...
Building Resilience to Foreign Interference, Misinformation Activities
As part of the effort to Protect2020, the Cybersecurity and Infrastructure Security Agency CISA is working with national partners to build resilience to foreign interferences, particularly information activities e.g., disinformation, misinformation. The Department of Homeland Security DHS views...
Fake News and Pandemics
When the next pandemic strikes, we'll be fighting it on two fronts. The first is the one you immediately think about: understanding the disease, researching a cure and inoculating the population. The second is new, and one you might not have thought much about: fighting the deluge of rumors,...