9 matches found
New Threat Actor 'Void Arachne' Targets Chinese Users with Malicious VPN Installers
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer MSI files for virtual private networks VPNs to deliver a command-and-control C&C framework called Winos 4.0. "The campaign also promotes compromised...
Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09
This week on the Lock and Code podcast… Our Lock and Code host, David Ruiz, has a bit of an apology to make: “Sorry for all the depressing episodes.” When the Lock and Code podcast explored online harassment and abuse this year, our guest provided several guidelines and tips for individuals to lo...
A week in security (January 15 – January 21)
Last week on Malwarebytes Labs: Google failing to scrub abortion access in location history, study claims Google changes wording for Incognito browsing in Chrome CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities Cybersecurity spend to soar in 2024: How companie...
A true tale of virtual kidnapping: Lock and Code S05E02
This week on the Lock and Code podcast… On Thursday, December 28, at 8:30 pm in the Utah town of Riverdale, the city police began investigating what they believed was a kidnapping. 17-year-old foreign exchange student Kai Zhuang was missing, and according to Riverdale Police Chief Casey Warren,...
A true tale of virtual kidnapping: Lock and Code S05E02
This week on the Lock and Code podcast… On Thursday, December 28, at 8:30 pm in the Utah town of Riverdale, the city police began investigating what they believed was a kidnapping. 17-year-old foreign exchange student Kai Zhuang was missing, and according to Riverdale Police Chief Casey Warren,...
A week in security (April 10 - 16)
Last week on Malwarebytes Labs: How the cops buy a "God view" of your location data, with Bennett Cyphers: Lock and Code S04E09 Apple releases emergency updates for two known-to-be-exploited vulnerabilities Don't plug your phone into a free charging station, warns FBI KFC, Pizza Hut owner employe...
Is AI being used for virtual kidnapping scams?
You may have seen a worrying report of Artificial Intelligence AI being used in a virtual kidnapping scam. The AI was supposedly used to imitate the voice of an Arizona resident's daughter, who claimed to have been kidnapped. The daughter was safe and well elsewhere on a school trip. Unfortunatel...
A week in security (December 12 - 18)
Last week on Malwarebytes Labs: Indiana sues TikTok, describes it as "Chinese Trojan Horse" Iranian hacking group uses compromised email accounts to distribute MSP remote access tool Electronic Sales Suppression Tools are cooking the books Silence is golden partner for Truebot and Cl0p ransomware...
Virtual kidnapping scam strikes again. Spot the signs
Warnings abound of a major new piece of fraud doing the rounds which uses your relatives voice as part of a blackmail scam. What happens is the victim receives a call from said relatives number, and theyre cut off by blackmailers who have them held hostage. The only way to get them back safely is...