A week in security (March 17 – March 23)
Last week on Malwarebytes Labs: What Google Chrome knows about you, with Carey Parker: Lock and Code S06E06; Personal data revealed in released JFK files; Semrush impersonation scam hits Google Ads; Targeted spyware and why it’s a concern to us; The "free money" trap: How scammers exploit financial...
A week in security (September 16 – September 22)
Last week on Malwarebytes Labs: "Simply staggering" surveillance conducted by social media and streaming services, FTC finds; Tor anonymity compromised by law enforcement. Is it still safe to use?; Walmart customers scammed via fake shopping lists, threatened with arrest; Snapchat wants to put your...
A week in security (September 9 – September 15)
Last week on Malwarebytes Labs: Ford seeks patent for conversation-based advertising; Scammers advertise fake AppleCare+ service via GitHub repos; Facebook scrapes photos of kids from Australian user profiles to train its AI; PartnerLeak scam site promises victims full access to "cheating" partner’s...
Planned Parenthood partly offline after ransomware attack
In late August, Intermountain Planned Parenthood of Montana suffered a cyberattack which is still under investigation. The attack has been claimed by a ransomware group. Intermountain Planned Parenthood Inc., doing business as Planned Parenthood Of Montana, is a nonprofit organization that provid...
CODAC Behavioral Healthcare, US Marshalls are latest ransomware targets
The Qilin ransomware group listed CODAC Behavioral Healthcare, a nonprofit health care treatment organization, as one of their latest victims. Qilin seems to have a preference for healthcare and support organizations. One of their most well-known victims was the pathology lab services provider...
A week in security (August 19 – August 25)
Last week on Malwarebytes Labs: Millennials’ sense of privacy uniquely tested in romantic relationships; Hacked GPS tracker reveals location data of customers; "We will hold them accountable": General Motors sued for selling customer driving data to third parties; Why you need to know about ransomwa...
Google patches actively exploited zero-day in Chrome. Update now!
Google has released an update for its Chrome browser which includes a patch for a vulnerability that Google says is already being exploited, known as a zero-day vulnerability. Google has fixed that zero-day with the release of versions 128.0.6613.84/.85 for Windows/macOS and 128.0.6613.84 for Lin...
A week in security (July 22 – July 28)
Last week on Malwarebytes Labs: Meta takes down 63,000 sextortion-related accounts on Instagram; Windows update may present users with a BitLocker recovery screen; TracFone will pay $16 million to settle FCC data breach investigation; Google admits it can’t quite quit third-party cookies; Heritage...
A week in security (June 24 – June 30)
Last week on Malwarebytes Labs: TEMU sued for being "dangerous malware" by Arkansas Attorney General; Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more; "Poseidon" Mac stealer distributed via Google ads; Federal Reserve "breached" data m...
A week in security (June 17 – June 23)
Last week on Malwarebytes Labs: Microsoft Recall delayed after privacy and security concerns; Almost everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13; 43% of couples experience pressure to share logins and locations,...
Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla
In the past couple of weeks, we have observed an ongoing campaign targeting system administrators with fraudulent ads for popular system utilities. The malicious ads are displayed as sponsored results on Google’s search engine page and localized to North America. Victims are tricked into downloadi...
60% of small businesses are concerned about cybersecurity threats
According to a recent poll by the US Chamber of Commerce, 60% of small businesses are concerned about cybersecurity threats, and 58% are concerned about a supply chain breakdown. Not surprisingly, small businesses in the professional services sector feel significantly more concerned about...
A week in security (March 25 – March 31)
Last week on Malwarebytes Labs: MFA bombing taken to the next level; How to back up your Mac; How to back up your Windows 10/11 PC to OneDrive; How to back up your iPhone to a Windows computer; How to back up your iPhone to a Mac; How to back up your iPhone to iCloud; Powering the future of ThreatDown...
Powering the future of ThreatDown with AI
Nobody can deny the influence of AI today. In just a few years, we have observed AI’s capacity to be as transformative as the internet and smartphones, especially for cybersecurity. Indeed, the potential of AI to radically simplify complex security environments is unmistakable, and aligns closely...
Stopping a K-12 cyberattack (SolarMarker) with ThreatDown MDR
In early 2024, a large K-12 school district partnered with ThreatDown MDR to strengthen its cybersecurity posture. Shortly after onboarding, ThreatDown MDR analysts detected unusual patterns of activity subsequently identified as the work of SolarMarker, a sophisticated backdoor. It became eviden...
ThreatDown achieves perfect score in latest AVLab assessment
ThreatDown has once again earned a perfect score in AVLab’s January 2024 real-world malware detection tests, marking the eleventh consecutive quarter in achieving this feat. Let’s delve into the details of the test and how ThreatDown outperformed competitors in exhaustive testing. The AVLab...
How to update outdated software on Mac endpoints: Introducing ThreatDown VPM for Mac
ThreatDown is happy to announce that our Vulnerability Assessment and Patch Management (VPM) tool is now available for Mac endpoints. There are hundreds of third-party apps that Mac endpoints use on a daily basis—and with that large number of apps comes a dizzying amount of software updates to apply...
Stopping a targeted attack on a Managed Service Provider (MSP) with ThreatDown MDR
In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign against a Managed Service Provider (MSP) based in Europe. In line with our observations of attackers increasingly relying on legitimate software in their attacks, the...
Why ransomware gangs love using RMM tools—and how to stop them
One of the most alarming trends our ThreatDown Intelligence team has noticed lately is the increased exploitation of legitimate Remote Monitoring and Management (RMM) tools by ransomware gangs in their attacks. RMM software, such as AnyDesk, Atera, and Splashtop, are essential for IT administrators...
ThreatDown EDR update: Streamlined Suspicious Activity investigation
Navigating the complex world of alerts just got easier, thanks to our latest enhancements to the ThreatDown Endpoint Detection and Response (EDR) platform. The detailed technical information in EDR alerts—replete with complicated diagrams and references to advanced cybersecurity tactics—can overwhe...