Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2022/03/18 4:13 p.m.98 views

How to protect RDP

You didn’t really think that the ransomware wave was coming to an end, did you? You may be tempted to think so, given the decline in reports about massive ransomware campaigns. Dont be fooled. Over the last five years, one of the primary attack vectors for ransomware attacks has been the Remote...

7.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/03 6:52 p.m.98 views

How not to buy drugs on the Internet

Disclaimer: This post is satirical in nature and meant to educate on the proliferation of scams, misinformation, and traps set up to trick those engaging in illicit or illegal activities online. Malwarebytes does not condone buying drugs on the Internet. Perhaps you're sitting at work one day whe...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/06 6:5 p.m.98 views

Compromising vital infrastructure: transport and logistics

Back when I was a dispatcher for a courier and trucking company, we used to joke that it only took a few strategically-placed accidents to cause a traffic jam that could completely stop circulation around the city of Rotterdam. Rotterdam is one of the major ports in the world and consequently,...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/11 10:45 a.m.97 views

Smart lights vulnerable to "blink and you'll miss it" attack

Over the last couple of years, key parts of our daily lives have been sliding into some form of Internet connectivity. Smartphones and other devices have become necessities. Paying bills? Those systems have moved online. Tax? Online. Wage slips and bank statements? Its paperless time. Welfare...

7.2AI score0.00399EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/28 2:28 p.m.97 views

QNAP customers urged to disable AFP to protect against severe vulnerabilities

MacOS users that have a network-attached storage NAS device made by QNAP are being advised to disable the Apple Filing Protocol AFP on their devices until some severe vulnerabilities have been fixed. But QNAP is not the only vendor that needed to fix these vulnerabilities. Others have already don...

0.7AI score0.08594EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/19 3:0 p.m.97 views

How much personalization is too much?

This story originally ran in The Parallax on January 25, 2019, and was written by Dan Tynan. In 2012, when Target used data analytics to identify customers who were expecting a baby, then mailed them coupons for maternity clothing and nursery furniture, it inadvertently revealed a teenage girl’s...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/19 4:0 p.m.97 views

Business email compromise scam costs Pathé $21.5 million

Recently released court documents show that European-based cinema chain Pathé lost a small fortune to a business email compromise BEC scam in March 2018. How much? An astonishing US$21.5 million roughly 19 million euros. The attack, which ran for about a month, cost the company 10 percent of its...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/03 3:0 p.m.97 views

Obfuscated Coinhive shortlink reveals larger mining operation

During the past several months, in-browser mining has continued to affect a large number of websites, predominantly relying on Coinhive's infamous API. We documented several campaigns on this blog, in particular Drupalgeddon, where attackers are taking advantage of vulnerabilities in popular...

Exploits0
Malwarebytes
Malwarebytes
added 2023/10/12 4:0 a.m.96 views

Update now! Atlassian Confluence vulnerability is being actively exploited

Microsoft Threat Intelligence has revealed that it has been tracking the active exploitation of a vulnerability in Atlassian Confluence software since September 14, 2023. At the time the attacks were first observed the vulnerability was a zero-day, meaning that no update was available, so defende...

7.5CVSS9.7AI score0.99999EPSS
Exploits84
Malwarebytes
Malwarebytes
added 2021/09/14 4:28 p.m.96 views

Update now! Google Chrome fixes two in-the-wild zero-days

Google announced on Monday that it will be issuing patches for 11 high severity vulnerabilities found in Chrome, including two that are currently being exploited in the wild. The patch, which is part of the Stable Channel Update for Chrome 93 93.0.4577.82, will be released for Windows, Mac, and...

6.8CVSS9.1AI score0.70435EPSS
Exploits12
Malwarebytes
Malwarebytes
added 2020/06/04 3:30 p.m.96 views

Sodinokibi ransomware gang auctions off stolen data

Is it legal to buy stolen data from criminals? In most countries the answer would be no. But will it lead to a penalty or a fine? That is a different question and I’m afraid some companies and organizations will be inclined to seriously consider the last question even when they know the answer to...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/22 3:0 p.m.96 views

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited. Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we've decided to republish the following blog...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/20 3:0 p.m.96 views

Magecart criminals caught stealing with their poker face on

Earlier in June, we documented how Magecart credit card skimmers were found on Amazon S3. This was an interesting development, since threat actors weren't actively targeting specific e-commerce shops, but rather were indiscriminately injecting any exposed S3 bucket. Ever since then, we've monitor...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/16 4:0 p.m.96 views

6 security concerns to consider when automating your business

Automation is an increasingly-enticing option for businesses, especially when those in operations are in a perpetual cycle of "too much to do and not enough time to do it." When considering an automation strategy, business representatives must be aware of any security risks involved. Here are six...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/09/13 3:0 p.m.96 views

Partnerstroka: Large tech support scam operation features latest browser locker

Tech support scams continue to be one of the top consumer threats in 2018, despite actions from security vendors and law enforcement. Scammers are constantly looking for new ways to reel in more victims, going beyond cold calls impersonating Microsoft to rogue tech support ads using the good name...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/06 1:0 a.m.95 views

Update Android now! Google patches three actively exploited zero-days

In Julys update for the Android operating system OS, Google has patched 43 vulnerabilities, three of which are actively exploited zero-day vulnerabilities. The security bulletin notes that there are indications that these three vulnerabilities may be under limited, targeted exploitation. If your...

9CVSS7.8AI score0.05786EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2022/09/22 11:0 a.m.95 views

2K games helpdesk abused to spread RedLine malware

On September 20, 2022, the official Twitter account for 2K Support tweeted an important message from the Customer Support team. The tweet said an unauthorized party illegally accessed the credentials of one of the vendors of the helpdesk platform. The attacker then used that access to send out...

Exploits0
Malwarebytes
Malwarebytes
added 2019/02/14 4:56 p.m.95 views

Hacker destroys VFEmail service, wipes backups

An email service called VFEmail was essentially put out of business after a hack intended to delete everything in and out of sight. "Yes, @VFEmail is effectively gone. It will likely not return. I never thought anyone would care about my labor of love so much that they’d want to completely and...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/07 4:53 p.m.95 views

Merging Facebook Messenger, WhatsApp, and Instagram: a technical, reputational hurdle

Secure messaging is supposed to be just that—secure. That means no backdoors, strong encryption, private messages staying private, and, for some users, the ability to securely communicate without giving up tons of personal data. So, when news broke that scandal-ridden, online privacy pariah...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/07 4:0 p.m.95 views

Google logins: JavaScript now required

Google users: In news that may sound alarming, it is now a requirement for you to enable JavaScript. Why? When your username and password are entered on Google’s sign-in page, Google runs a risk assessment and only allows the sign-in if nothing looks suspicious. Recently, Google went about...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/20 4:42 p.m.95 views

The enemy is us: a look at insider threats

They can go undetected for years. They do their questionable deeds in the background. And, at times, one wonders if they're doing more harm than good. Although this sounds like we're describing some sophisticated PUP you haven’t heard of, we're not. These are the known attributes of insider...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/12 3:0 a.m.94 views

Update now! Microsoft patches a whopping 130 vulnerabilities

Its that time of the month again. For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities. Nine of the vulnerabilities are rated as critical and four of them are known to be actively exploited. The Cybersecurity & Infrastructure Security Agency CISA has...

6.8CVSS8.1AI score0.98998EPSS
Exploits8
Malwarebytes
Malwarebytes
added 2022/09/26 10:0 a.m.94 views

Critical WhatsApp vulnerabilities patched: Check you've updated!

WhatsApp has fixed two remote code execution vulnerabilities in its September update, according to its security advisory. These could have allowed an attacker to remotely access a device and execute commands from afar. These versions of WhatsApp are affected by at least one of the vulnerabilities...

9AI score0.01961EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2021/06/14 10:51 p.m.94 views

Another one bites the dust: Avaddon ransomware group shuts down operation

Are you seeing some pattern here? In what could be a called "shocking news" on Friday, BleepingComputer revealed that the gang behind the Avaddon ransomware shut down its operations after releasing more than 2,000 decryption keys to the technology news site. BleepingComputer claimed they received...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/10/07 3:43 p.m.94 views

A week in security (September 30 – October 6)

Last week on Malwarebytes Labs, Malwarebytes renewed its pledge to fight stalkerware for National Cybersecurity Awareness NCSA and Domestic Violence Awareness Month. We also looked into what security orchestration is and reported about partnering with security firm, HYAS, to determine the...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/27 3:0 p.m.94 views

Malwarebytes CrackMe 2: try another challenge

Last November, we released the first edition of the Malwarebytes CrackMe. Encouraged by the positive response we received from the security community, we decided to repeat the game, hopefully making it even more interesting and entertaining. As before, the CrackMe is dedicated to malware analysts...

1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/06 11:0 p.m.94 views

Nigerian scams without the Nigerians

Users in English speaking countries are quite familiar with the Nigerian scam: an important guy in Nigeria needs your help getting his money out of the country and if you assist with some transaction fees, a chunk of his fortune could be yours. But what about non-English speaking countries? What...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/17 5:5 p.m.93 views

WebNavigator Chromium browser published by search hijackers

A mystery Chromium browser recently made a sudden appearance, and is certainly proving popular. But what is it, and where did it come from? Malwarebytes detects the browser as PUP.Optional.WebNavigator, and we found several clues that this browser was brought to you by a notorious family of searc...

1.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/12 9:16 p.m.93 views

Hat trick for Google as it patches two more zero-days in Chrome

Slightly over a week ago we advised you to update your Chrome browser. That warning came only a week or so after we advised you to update your Chrome browser. Things are getting a bit repetitive round here. Today, we are compelled to repeat that statement as Google has issued patches for two new...

6.8CVSS0.1AI score0.48574EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2019/12/09 5:15 p.m.93 views

Please don’t buy this: smart doorbells

Though Black Friday and Cyber Monday are over, the two shopping holidays were just precursors to the larger Christmas season—a time of year when online packages pile high on doorsteps and front porches around the world. According to some companies, it's only logical to want to protect these...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/26 1:0 p.m.93 views

What K–12 schools need to shore up cybersecurity

Crumbling infrastructure. Gaps in curriculum. Antiquated devices. Difficult COPPA laws. Lack of funding. Those are just a few of the obstacles facing K–12 schools looking to adopt technology into their 21st century learning initiatives. Now add security concerns to the list, and you can see why...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/20 7:21 p.m.93 views

Sophisticated phishing: a roundup of noteworthy campaigns

Phishing is a problem nearly as old as the Internet. Yet, criminals continue to reach into their bag of phishing tricks in 2019 because, in a nutshell, it just works. Dialing into the human psyche and capitalizing on emotions such as fear, anxiety, or plain laziness, phishing attacks are successf...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/05 8:37 p.m.93 views

Browlock flies under the radar with complete obfuscation

Browlocks are the main driving force behind tech support scams, using a combination of malvertising and clever browser locker tricks to fool users. In fact, the effects can be so convincing that people call the rogue Microsoft support number for help because they believe their computer has been...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/31 4:41 p.m.93 views

How to tighten security and increase privacy on your browser

Is my browser making an effort to keep my system safe and my online behavior private? This is usually not the first question we ask ourselves when we choose our default browser. But maybe it should be. These days, threats to your privacy and security come at your from all angles, but browser-base...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/04 6:0 p.m.93 views

Learning PowerShell: basic programs

In the previous posts we have looked at some elementary PowerShell concepts and we have constructed some basic commands to export and compare data. We did this by using an example of certificates being dumped in the “Untrusted” category by some malware. This time we will try to write a program th...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/14 6:0 a.m.92 views

New ESXiArgs encryption routine outmaneuvers recovery methods

In what seems to be a typical arms race where one side responds to counter the progress the other side has made, the ransomware group behind the massive attack on ESXi Virtual Machines VMs has come up with a new variant that can no longer be decrypted with the recovery script released by the...

5.8CVSS0.1AI score0.47795EPSS
Exploits7
Malwarebytes
Malwarebytes
added 2022/04/04 10:22 a.m.92 views

Update now! Zyxel patches critical firewall bypass vulnerability

In a security advisory Zyxel has urged customers to update because a security flaw can lead to the circumvention of firewall protection in several Zyxel products. Zyxel is a Taiwanese producer of modems and other networking equipment and its products are sold in over 150 countries. The...

7.5CVSS9.8AI score0.84839EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/31 1:29 p.m.92 views

ProxyToken: Another nail-biter from Microsoft Exchange

Had I known this season of Microsoft Exchange was going to be so long Id have binge watched. Does anyone know how many episodes there are? Sarcasm aside, while ProxyToken may seem like yet another episode of 2021s longest running show, that doesn’t make it any less serious, or any less...

5CVSS7.8AI score0.97502EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2019/10/31 9:41 p.m.92 views

SMBs lack resources to defend against cyberattacks, plus pay more in the aftermath

Cyberattacks, many have noted, are the fastest growing economic crime not only in the United States, but also around the world. This upward trend has been observed since 2014, according to PricewaterhouseCoopers PwC, and won’t likely be slowing down anytime soon. Cyberattacks—much like the...

Exploits0
Malwarebytes
Malwarebytes
added 2019/07/10 3:0 p.m.92 views

What should a US federal data privacy law ideally include?

In the constant David-and-Goliath struggle between digital privacy advocates and corporate privacy invaders, the question of how to legally protect Americans with a comprehensive, federal data privacy law provides conflicting answers. Advocates want protections, which Big Tech interprets as...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/24 3:0 p.m.92 views

Mobile stalkerware: a long history of detection

Recently, we have received an alarming question from many Malwarebytes users, asking, “Do you detect stalkerware?” The answer is an overwhelming, “Absolutely, and for good reason!” Moreover, we have been doing so for a long time, and are expanding our efforts in the months to come. Going back mor...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/12/18 4:0 p.m.92 views

All the reasons why cybercriminals want to hack your phone

When people think of hacking, most imagine desktop computers, laptops, or perhaps even security cameras. However, in recent years, cybercriminals have expanded their repertoire to include smartphones, too. Here are 10 reasons why they may be looking to hack your phone. 1. To infect it with malwar...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/13 3:0 p.m.92 views

Facebook spammers making things worse

Facebook's having a bad couple of weeks. Between Congressional testimony and new information coming forward about Cambridge Analytica's use of user data, the tech giant is having problems keeping its users aboard. Unfortunately, misery loves company. We noticed a few Facebook spam campaigns this...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/05 4:30 p.m.91 views

Zero-day puts a dent in Chrome's mojo

On Friday, Google announced the release of a new version of its Chrome browser that includes a security fix for a zero-day tracked as CVE-2022-3075. As with previous announcements, technical details about the vulnerability won't be released until a certain number of Chrome users have already...

8.4AI score0.70461EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2022/01/27 9:56 p.m.91 views

Update now! Apple patches another actively used zero-day

Apple has released patches for iOS 15.3, iPadOS 15.3, and macOS Monterey 12.2 and is urging users to update. The most significant reasons are two actively exploited zero-day vulnerabilities, one of which has a publicly disclosed Proof-of-Concept PoC. Using this vulnerability, designated...

9.3CVSS8.7AI score0.28839EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2019/07/30 3:0 p.m.91 views

How to get your Equifax money and stay safe doing it

UPDATE August 2, 2019: The US Federal Trade Commission has warned consumers that, due to the high number of claims made for a cash payout regarding the Equifax data breach, the actual value that will be paid out might be "far less" than the originally-stated $125. You can read the FTC's full...

Exploits0
Malwarebytes
Malwarebytes
added 2019/06/05 3:0 p.m.91 views

Maine inches closer to shutting down ISP pay-for-privacy schemes

Maine residents are one step closer to being protected from the unapproved use, sharing, and sale of their data by Internet service providers ISPs. A new state bill, already approved by the state House of Representatives and Senate, awaits the governor’s signature. If signed, the bill would provi...

Exploits0
Malwarebytes
Malwarebytes
added 2019/01/07 5:59 p.m.91 views

Australia’s Early Warning Network compromised

An early warning network designed to notify subscribers about dangerous weather in Australia has been compromised. The hacker sent many bogus messages via phone, SMS, and email, telling users that the service had been hacked. Early Warning Network, a service used by local governments to send...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/01 3:0 p.m.91 views

Introducing Malwarebytes for Chromebook

Have you been thinking about switching over to Chromebook because you don’t need all the built-in software programs of a PC or the sleek design of a Mac? Or perhaps you’ve already made the jump because Chromebooks are so much cheaper than a Windows or Mac system. Either way, did you worry that yo...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/29 4:48 p.m.91 views

Fileless malware: getting the lowdown on this insidious threat

Traditionally, malware attacks as we have always known them are files written to disk in one form or another that require execution in order to carry out their malicious scope. Fileless malware, on the other hand, is intended to be memory resident only, ideally leaving no trace after its executio...

0.4AI score
Exploits0
Total number of security vulnerabilities4706