4706 matches found
To pay, or not to pay? That is the VPN question
VPNs have been a subject of deliberation for a long time. Is it even important to use one? I think the pandemic has made it clear that, yes, using a VPN is useful, even necessary, most especially for those working remotely. But should you pay for it? Or would you rather settle for free? Were goin...
YouTube ordered to cough up $170M settlement over COPPA infraction
Last week, the Federal Trade Commission FTC announced that it has required Google and YouTube to pay a settlement fee totaling $170 million after its video-sharing platform was found violating the Children’s Online Privacy Protection Act COPPA. The complaint was filed by the FTC and the New York...
Ellen DeGeneres giveaway scam spreading on social media
Scammers are pushing multiple fake Facebook profiles of Ellen DeGeneres, popular US TV show host and producer, with the goal of tricking people into jumping through a few money-making hoops. This isn’t a sophisticated scam. It isn’t hacking the Gibson. It won’t be the focus of a cutting edge...
Mac malware intercepts encrypted web traffic for ad injection
Last week, Malwarebytes researcher Adam Thomas found an interesting new piece of Mac malware that exhibits some troubling behaviors, including intercepting encrypted web traffic to inject ads. Let's take a closer look at this adware, which Malwarebytes for Mac detects as OSX.SearchAwesome, to see...
A cure for the common cold call: freeze them out
The phone rings and it's a number I don’t recognize. That’s enough to bring my mood down a few degrees. It shouldn’t, but unfortunately experience has taught me that at least 95 percent of the calls from numbers that are “private” or that I don’t have an account name stored for on my phone are...
GrayKey iPhone unlocker poses serious security concerns
Ever since the case of the San Bernadino shooter pitted Apple against the FBI over the unlocking of an iPhone, opinions have been split on providing backdoor access to the iPhone for law enforcement. Some felt that Apple was aiding and abetting a felony by refusing to create a special version of...
Inside the Kronos malware – part 2
In the previous part of the Kronos analysis, we took a look at the installation process of Kronos and explained the technical details of the tricks that this malware uses in order to remain more stealthy. Now we will move on to look at the malicious actions that Kronos can perform. Analyzed sampl...
Microsoft fixes six critical vulnerabilities in June Patch Tuesday
Its that time of the month again: We're looking at June's Patch Tuesday roundup. Microsoft has released its monthly update, and compared to previous months, its actually not so bad. No actively exploited zero-days and only six critical vulnerabilities. So, well have the luxury of going over those...
Rubrik is latest victim of the Clop ransomware zero-day campaign
Rubrik, a cybersecurity company specializing in cloud data management, has revealed that some of its systems were infiltrated by the Clop ransomware group. Rubrik is one of many companies attacked by Clop via an infamous zero-day vulnerability in the GoAnywhere file transfer software. The attack...
Has your WordPress site been backdoored by a skimmer?
Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at Sucuri say attackers have developed methods to make sure that their grip on the infected site is not easily removed by applying the next update...
Update now! Apple patches another privilege escalation bug in iOS and iPadOS
Apple has released a security update for iOS and iPad that addresses a critical vulnerability reportedly being exploited in the wild. The update has been made available for iPhone 6s and later, iPad Pro all models, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iP...
Important tips for safe online shopping post COVID-19
As more and more countries order their citizens inside in response to COVID-19, online shopping—already a widespread practice—has surged in popularity, especially for practical items like hand sanitizer, groceries, and cleaning products. When people don’t feel safe outside, it’s only natural they...
Facebook scams: Bad ads, bogus grants, and fake tickets lurk on social media giant
We recently highlighted new steps Instagram is taking to try and clamp down on scammers sending fake messages on their platform. It turns out, other social media giants are walking a similar path for a variety of bogus ads and other attacks. Facebook scams in particular have taken off, despite th...
Cooperating apps and automatic permissions are setting you up for failure
“Hey you. Someone from HR has invited you to a meeting on Thursday. Would you like me to add the appointment to the calendar?” Receiving an email notification when someone has invited you to a meeting is a feature that many professionals would not like to miss. Being able to log in at certain sit...
Employee education strategies that work to change behavior
When people make the decision to get in shape, they have to commit the time and energy to do so. Going to the gym once isn’t going to cut it. The same is true when it comes to changing the culture of an organization. In order to be effective in changing employee behavior, training needs to be...
Mozilla launches Firefox Send for private file sharing
Mozilla look to reclaim some ground from the all-powerful Chrome with a new way to send and receive files securely from inside the browser. Firefox Send first emerged in 2017, promising an easy way to send documents without fuss. The training wheels have now come off and Send is ready to go...
A week in security (January 7 – 13)
Last week on the Malwarebytes Labs blog, we took a look at the Ryuk ransomware attack causing trouble over the holidays, as well as a ransom threat for an Irish transportation company. We explored the realm of SSN scams, and looked at what happens when an early warning system is attacked. Other...
Spoofed addresses and anonymous sending: new Gmail bugs make for easy pickings
Tim Cotten, a software developer from Washington, DC, was responding to a request for help from a female colleague last week, who believed that her Gmail account has been hacked, when he discovered something phishy. The evidence presented was several emails in her Sent folder, purportedly sent by...
Explained: SQL injection
Even though SQL injection is a type of attack that is relatively easy to prevent, it is one of the most common web hacking techniques. So, what’s it all about? The basics SQL is short for Structured Query Language and usually pronounced as “sequel.” SQL is a standard language used to query and...
Gartner recognizes Malwarebytes as a “Visionary” in the Magic Quadrant
I’m proud to announce that Gartner has recognized Malwarebytes as a “visionary” in the 2018 Gartner Magic Quadrant for Endpoint Protection Platforms. Malwarebytes was selected for its completeness of vision and ability to execute. Our goal is to give every user a malware-free experience and empow...
Attackers replaced JDownloader installer downloads with malware
If you downloaded the JDownloader installer during the compromise window May 6-7, you are advised to verify the file. JDownloader is a popular download management application, particularly favored for automated downloads from file-hosting services, video sites, and premium link generators. The...
A proxyjacking campaign is looking for vulnerable SSH servers
A researcher at Akamai has posted a blog about a worrying new trend--proxyjacking--where criminals sell your bandwidth to a third-party proxy service. To understand how proxyjacking works, well need to explain a few things. There are several legitimate services that pay users to share their surpl...
Zyxel patches two critical vulnerabilities
Zyxell has released a security advisory for multiple buffer overflow vulnerabilities. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service DoS conditions and even a remote code execution on the affected Zyxell firewalls. Affected users should...
Bad rhythm: Janet Jackson song resonates poorly with some old hard drives
Janet Jacksons Rhythm Nation music video would have caused quite the commotion back in the old Windows XP days. If youre still running a certain model of an OEM hard drive from the Windows XP days, you may still be liable to experience the same thing today. However, said commotion was not solely...
Stealthy new Android malware poses as ad blocker, serves up ads instead
Since its discovery less than a month ago, a new Trojan malware for Android we detect as Android/Trojan.FakeAdsBlock has already been seen on over 500 devices, and it’s on the rise. This nasty piece of mobile malware cleverly hides itself on Android devices while serving up a host of...
Explained: war shipping
Yesterday, Mike from the mailroom came up and asked whether I knew anyone called “Simon Smith.” He received an envelope addressed to our company and to the attention of Mr. Smith, but there was no one by that name on his list of employees. It wasn’t on mine either and HR was unaware of a person b...
A week in security (May 27 – June 2)
Last week on Malwarebytes Labs, we took readers through a deep dive—way down the rabbit hole—into the novel malware called “Hidden Bee.” We also looked at the potential impact of a government agency’s privacy framework, and delivered to readers everything they needed to know about ATM attacks and...
NIST’s privacy framework lets privacy tell its own story
Online privacy remains unsolved. Congress prods at it, some companies fumble with it while a small handful excel, and the public demands it. But one government agency is trying to bring everyone together to fix it. As the Senate sits on no fewer than four data privacy bills that their own members...
The global data privacy roadmap: a question of risk
For most American businesses, complying with US data privacy laws follows a somewhat linear, albeit lengthy, path. Set up a privacy policy, don’t lie to the consumer, and check the specific rules if you’re a health care provider, video streaming company, or kids’ app maker. For American businesse...
Christmas tech scams roundup
There’s a fair few Christmas tech scams floating around out there as 2018 winds up, and we thought it’d be a good time to warn you about them. It’s the usual mish-mash of phone antics, social media shenanigans, and click bait. Shall we begin? This scam looks divine BOOM reports on a collection of...
Breaches, breaches everywhere, it must be the season
After last weeks shocker from Marriott this week started off with disclosures about breaches at Quora, Dunkin’ Donuts, and 1-800-Flowers. Quora Quora is an online community that focuses on asking and answering questions. It was founded in 2009 by two former Facebook employees. The stolen data may...
Fortnite’s Google Play rebuff sparks security concerns for Android users
There's been no small outbreak of chaos in mobile land recently, all because of an astonishingly popular game called Fortnite. Here's the thing: people refer to Android as "open platform," saying that, in theory, you can do what you want with it. In practice, you buy an Android phone and then...
Mobile Menace Monday: Fake WhatsApp can steal info from your phone
Last month, a blogger at My Online Security reported receiving a spam comment containing WhatsApp Plus. Going through the process, they downloaded an APK of this so-called WhatsApp Plus. Where they ended was as stated, I am not certain exactly what this does, but from the sandbox reports it looks...
Tech support scammers GeeksHelp caught again, two years later
Many researchers have noted an increase in tech support scam activity during the past few months. This trend, facilitated by browser lockers, is not surprising considering that other web-based infection methods are not as effective. While people are still receiving cold calls from alleged Microso...
Deepfakes FakeApp tool (briefly) includes cryptominer
A few weeks ago, we took a look at a forum dedicated to Deepfake clips where the site was pushing Coinhive mining scripts in the website's HTML code. As it turns out, there's been another mining blow-out in the form of one of the apps used to make the fakes. That's right—a tool designed to push...
Back to school cybersecurity tips for parents and kids
The time to start the new school term is just around the corner. And for parents, the excitement and anxiety may be palpable, especially if it's their kid's first time attending a new school. Ads for back-to-school gear start as early as July, increasing in frequency and urgency until the kiddos...
Update now! Emergency fix for Google Chrome's V8 JavaScript engine zero-day flaw released
On Friday, December 2, Google rolled out an out-of-band patch for an actively exploited zero-day vulnerability in its V8 JavaScript engine. The flaw could allow attackers to cause a system crash or execute potentially malicious code. That means you'll want to update Chrome to patch against this...
[updated]Unpatched Atlassian Confluence vulnerability is actively exploited
Researchers found a vulnerability in Atlassian Confluence by conducting an incident response investigation. Atlassian rates the severity level of this vulnerability as critical. Atlassian has issued a security advisory and is working on a fix for the affected products. This qualifies the...
Italian mafia cybercrime sting leads to 100+ arrests
The Spanish National Police Policía Nacional has successfully dismantled an organized crime ring of hundreds of members in a sting operation supported by Europol, the Italian National Police Polizia di Stato, and Eurojust. This is the end result of a year-long investigation. The organized crime...
A week in security (May 24 -30)
Last week on Malwarebytes Labs we discussed VPN Android apps, how even the FBI has to deal with insider threats, Chromes Incognito mode, new rules for critical infrastructure spurred by the Colonial Pipeline attack, how to delete your Twitter account, what encryption is, how healthcare service...
How social media platforms mine personal data for profit
It’s almost impossible not to rely on social networks in some way, whether for personal reasons or business. Sites such as LinkedIn continue to blur the line, increasing the amount of social function over time with features and services resembling less formal sites, such as Facebook. Can anyone...
ACCESS Act might improve data privacy through interoperability
Data privacy is back in Congressional lawmakers’ sights, as a new, legislative proposal focuses not on data collection, storage, and selling, but on the idea that Americans should be able to more easily pack up their user data and take it to a competing service—perhaps one that better respects...
A week in security (August 26 – September 1)
Last week on Malwarebytes Labs, we analysed the Android xHelper trojan, we wondered why the Nextdoor app would send out letters on behalf of their customers, reported about a study that explores the clickjacking problem across top Alexa-ranked websites, wondered how to get the board to invest in...
A week in security (March 4 – 11)
Last week, Malwarebytes Labs released its in-depth, international data privacy survey of nearly 4,000 individuals, revealing that every generation, including Millennials, cares about online privacy. We also covered a novel case of zombie email that involved a very much alive account user, delved...
A week in security (February 4 – 8)
Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave...
This online quiz is now confirmed to be a phishing scam
Ah, online quizzes. Many of us know that they can be somewhat dodgy and nonsense, really—but that doesn’t stop us from clicking the “Start quiz” button anyway. Besides, you have time to kill, and there are only three questions to answer, right? The right kind of wrong Phishing attacks don’t alway...
ESTA registration websites still lurk in paid ads on Google
Google has taken direct action against adverts promoting ESTA registration services, often offered by third parties at highly inflated prices. Ads displayed on the Google network shouldn’t display fees higher than what a public source or government charges for products or services. This tightenin...
Why Malwarebytes decided to participate in AV testing
Starting this month, Malwarebytes began participating in the antivirus software for Windows comparison test performed by AV-test.org. This is uncharted territory for us, as we have refrained from participating in these types of tests since our inception. Although recent testing results show...
My precious: security, privacy, and smart jewelry
Emery was staring at her computer screen for almost an hour, eyes already lackluster as the full-page ad on Motiv looped once more. She was contemplating whether she'd give in and get her boyfriend Ben a new fitness tracker as a present for his upcoming marathon. The phone app he was currently...
TrickBot takes over as top business threat
Last quarter brought with it a maddening number of political ads, shocking and divisive news stories on climate change and gun laws, and mosquitoes. We hate mosquitoes. In related unpleasant news, it also apparently ushered in an era of banking Trojans that, as of this moment, shows no signs of...