Bloomberg blunder highlights supply chain risks
Ooh boy! Talk about a back-and-forth, he said, she said story! No, we’re not talking about that Supreme Court nomination. Rather, we’re talking about Supermicro. Supermicro manufactures the type of computer hardware that is used by technology behemoths like Amazon and Apple, as well as governmen...
What’s causing the cybersecurity skills gap?
The proliferation of next-gen technology into mainstream society has been a boon for consumers, entrepreneurs, and business owners alike. Between the rise of mobile computing, the Internet of Things (IoT), and modern social media, our society is more connected than ever before. But all of this...
New Chrome and Firefox extensions block their removal to hijack browsers
What you don't see won't hurt you, must have been the reasoning of the threat actors who created the latest batch of extensions that make these browser hijackers even more difficult to remove. The extensions redirect users away from pages where they can disable or delete them in order to drive...
Microsoft gives Apple a migraine
On May 18, 2023, Apple published security content for macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7 that addressed a logic issue in libxpc. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVE we are going to discuss...
New ESXiArgs encryption routine outmaneuvers recovery methods
In what seems to be a typical arms race where one side responds to counter the progress the other side has made, the ransomware group behind the massive attack on ESXi Virtual Machines (VMs) has come up with a new variant that can no longer be decrypted with the recovery script released by the...
Cars and hospital equipment running Blackberry QNX may be affected by BadAlloc vulnerability
Following an announcement by Blackberry, the U.S. Food & Drug Administration (FDA) and the Cybersecurity & Infrastructure Security Agency (CISA) have put out alerts that vulnerabilities found in the Blackberry QNX real-time operating system (RTOS) may introduce risks for certain medical devices...
The Clubhouse database “breach” is likely a non-breach. Here’s why.
Before the work week ended last week Friday, a security researcher found a leak of what is claimed to be full phone numbers of users of Clubhouse, the new social media app everyone is talking about and just recently came out of beta. Clubhouse is an audio-only social media platform where, unlike...
StopRansomware.gov brings together information on stopping and surviving ransomware attacks
The US Department of Homeland Security (DHS) and the US Department of Justice (DOJ)—along with other federal partners—have launched a new website as part of the US government's fight against ransomware: StopRansomware.gov. StopRansomware.gov is said to be a one-stop hub for ransomware resources for...
Task Force delivers strategic plan to address global ransomware problem
The Ransomware Task Force (RTF), a think tank composed of more than 60 volunteer experts who represent organizations encompassing industries and governments, has recently pushed out a comprehensive and strategic plan for tackling the increasing threat and evolution of ransomware. The report, entitl...
Hackers try to poison Florida City’s drinking water
The FBI, the Secret Service, and the Pinellas County Sheriff's Office are currently investigating an attempted poisoning of a city by an individual or group of hackers that occurred Friday last week. If it hadn't been caught in time, at least 15,000 people could have been affected. In a Monday pres...
The passwordless present: Will biometrics replace passwords forever?
When it comes to securing your sensitive, personally identifiable information against criminals who can engineer countless ways to snatch it from under your nose, experts have long recommended the use of strong, complex passwords. Using long passphrases with combinations of numbers, letters, and...
Stalkerware’s legal enforcement problem
Content warning: This piece contains brief descriptions of domestic violence and assault against women and children. In the past five years, only two stalkerware developers, both of whom designed, marketed, and sold tools favored by domestic abusers to pry into victims’ private lives, have faced...
A week in security (June 3 – 9)
Last week on Malwarebytes Labs, we rounded up some leaks and breaches, reported about Magecart skimmers found on Amazon CloudFront CDN, proudly announced we were awarded as Best Cybersecurity Vendor Blog at the annual EU Security Blogger Awards, discussed how Maine inches closer to shutting down...
Vulnerabilities in financial mobile apps put consumers and businesses at risk
Security hubris. It’s the phrase we use to refer to our feeling of confidence grounded on assumptions we all have but may not be aware of or care to admit about cybersecurity—and, at times, privacy. It rears its ugly head when (1) we share the common notion that programmers know how to code securel...
Flurry of new Mac malware drops in December
Last week, we wrote about a new piece of malware called DarthMiner. It turns out there was more to be seen, as not just one but two additional pieces of malware had been spotted. The first was identified by Microsoft's John Lambert and analyzed by Objective-See's Patrick Wardle, and the second wa...
HMRC phish swipes email login, payment details
It's not tax season in the UK, but that hasn't deterred scammers from sending out mail looking to swipe both card details and email logins in one fell swoop. The email, which claims UKGOV has issued a tax refund to the tune of 542.94 GBP, arrives under the following title, which is spectacularly...
Mobile Menace Monday: Adware MobiDash gets stealthy
The Adware known as MobiDash, detected by Malwarebytes for Android as Android/Adware.MobiDash, is far from new. However, this ad-displaying nuisance now comes with some additional stealth features. First appearing last spring, these new features are not limited to a single variant of MobiDash...
Why tech companies wanted Senate Bill 315 vetoed
When Georgia Senate Bill 315 (SB-315) was introduced, people in the tech world anxiously awaited its fate, regardless of their geographic location. They knew that some laws initially restricted to single states become more widespread after politicians set precedents. And they knew that this law cou...
How to remove adware from your PC
“Close. Close. Close. Close,” my mother mumbles as she aggressively clicks her mouse over and over. “What’s wrong, Ma?” I’m home for the holidays, and cozy, cold evenings are often spent in front of the fireplace. This night, however, my mom is stuck at her computer. “This stupid thing won’t stop...
Learning PowerShell: some basic commands
My first PowerShell script: The first PowerShell script I wrote (see below) was a quick fix to remove certificates from the “Untrusted” registry key after a Vonteera infection. After some initial commands, this script basically loops back for every certificate that doesn’t belong under a certain key...
A week in security (July 24 – July 30)
Last week, we recognized one of the unsung heroes of our times, explained what the Dark Web is, revealed challenges one of our experienced when putting together his conference presentation for SteelCon, revealed the potential dangers of smart toys to kids, and made a prediction following the...
The key to old Petya versions has been published by the malware author
As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. His original malware was pirated and extended by an unknown actor (read more here). As a result of the recent events, Janus probably decided to shut down the Petya project. Similarly to th...
Attackers replaced JDownloader installer downloads with malware
If you downloaded the JDownloader installer during the compromise window (May 6-7), you are advised to verify the file. JDownloader is a popular download management application, particularly favored for automated downloads from file-hosting services, video sites, and premium link generators. The...
Update now! Microsoft patches two zero-days
The Microsoft September 2022 Patch Tuesday includes fixes for two publicly disclosed zero-day vulnerabilities, one of which is known to be actively exploited. Five of the 60+ security vulnerabilities were rated as "Critical", and 57 as important. Two vulnerabilities qualify as zero-days, with one...
SAP customers are urged to patch critical vulnerabilities in multiple products
German enterprise software maker SAP has patched three critical vulnerabilities affecting Internet Communication Manager (ICM), a core component of SAP business applications. Customers are urged by both SAP and CISA to address these critical vulnerabilities as soon as possible. On February 8, SAP...
BlackMatter, a new ransomware group, claims link to DarkSide, REvil
There's a new ransomware gang in town—and, frankly, we're not at all surprised. After DarkSide disappeared—coincidentally, immediately after Colonial Pipeline gave in to the group's ransom demand of roughly $5M USD worth in Bitcoin—a new ransomware group who calls themselves BlackMatter surfaced on...
Deep learning: An explanation and a peek into the future
Deep learning is one of the most advanced forms of machine learning, and is showing new developments in many industries. In this article, we'll explain the concept and give some examples of the latest and greatest ways it's being used. What is deep learning? There have been many attempts at creatin...
Coalition Against Stalkerware bulks up global membership
Today, the Coalition Against Stalkerware brought aboard 11 new organizations to address the potentially dangerous capabilities of stalkerware, an invasive, digital threat that can rob individuals of their expectation of, and right to, privacy. These types of apps can provide domestic abusers with...
Explained: the strengths and weaknesses of the Zero Trust model
In a US court of law, the accused are deemed to be innocent until proven guilty. In a Zero Trust security model, the opposite is true. Everything and everyone must be considered suspect—questioned, investigated, and cross-checked—until we can be absolutely sure it is safe to be allowed. Zero Trus...
Emotet revisited: pervasive threat still a danger to businesses
One of the most common and pervasive threats for businesses today is Emotet, a banking Trojan turned downloader that has been on our list of top 10 detections for many months in a row. Emotet, which Malwarebytes detects as Trojan.Emotet, has been leveled at consumers and organizations across the...
A week in security (July 23 – July 29)
Last week on Labs, we looked at an adware called MobiDash getting stealthy, a new strain of Mac malware called Proton that was found after two years, and the ‘Hidden Bee’ miner that was delivered via an improved drive-by download toolkit. We also delved into the security improvements expected in...
Myspace vs. Facebook: the good old days?
Many people have fond memories of ye olde Myspace dotte comme, and those rose-splashed spectacles seem to have grown ever larger in light of the recent Facebook happenings. In recent days, I've seen many declaring their love for all things Tom, and how everything was just one huge barrel of laugh...
Mobile Menace Monday: Olympics app has more ads than games
An app claiming to live stream the 2018 Winter Olympics but really serving up a blizzard of ads had a short run on Google Play. It was uploaded to the Play store on February 8, 2018. Since then, it's been removed. The last known existence of it on the store was a cached snapshot from February 10...
Scarab ransomware: new variant changes tactics
The Scarab ransomware was discovered in June 2017. Since then, several variants have been created and discovered in the wild. The most popular or widespread versions were distributed via the Necurs botnet and initially written in Visual C compiled. However, after unpacking, we've found that anoth...
FBI: Smart toys could harm children’s privacy and physical safety
The Federal Bureau of Investigation has recently issued a Public Service Announcement (PSA), encouraging consumers—parents, in particular—to think twice before purchasing internet-connected toys. Smart toys and entertainment devices for kids are part of the Internet of Things, and as such, they hav...
Something’s phishy: How to detect phishing attempts
Dear you, It appears you need to update your information. Click here to tell us all your secrets. No really, it's totally safe. We're not going to steal your identity, we swear. If only phishing attempts were that obvious. Instead, these days it's hard to tell a phish apart from a foul, if you...
Update Chrome now! Google fixes critical vulnerability in Autofill payments
Google has released a Chrome update which includes five security fixes. One of these security fixes is for a critical vulnerability in Autofill payments. Google labels vulnerabilities as critical if they allow an attacker to run arbitrary code on the underlying platform with the user's privileges...
Ransomware in December 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their dark web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. Lockbit has rebounded from i...
Urgent update for macOS and iOS! Two actively exploited zero-days fixed
Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to sha...
Child identity theft, part 1: On familiar fraud
In 2013, 30-year-old Axton Betz-Hamilton received an angry phone call from her father two weeks after her mother, Pam, died. "What the hell were you thinking?" he screamed. He had just unearthed a credit card statement in her name that had run over its limit from a box of her mother’s paperwork...
ACCESS Act might improve data privacy through interoperability
Data privacy is back in Congressional lawmakers’ sights, as a new, legislative proposal focuses not on data collection, storage, and selling, but on the idea that Americans should be able to more easily pack up their user data and take it to a competing service—perhaps one that better respects...
Insurance data security laws skirt political turmoil
Across the United States, a unique approach to lawmaking has proved radically successful in making data security stronger for one industry—insurance providers. The singular approach has entirely sidestepped the prolonged, political arguments that have become commonplace when trying to pass federa...
The top six takeaways for corporate data privacy compliance
For nearly two months, Malwarebytes Labs has led readers on a journey through data privacy laws around the world, exploring the nuances between “personal information” and “personal data,” as well as between data breach notification laws in Florida, Utah, California, and Iowa. We explored the risk...
A week in security (November 19 – 25)
Last week on Malwarebytes Labs, we took a look at a devastating business email compromise attack, web skimming antics, and the fresh perils of Deepfakes. We also checked out some Chrome bug issues, and took the deepest of deep dives into DNA testing. Other cybersecurity news Adobe Flash bug—get...
A week in security (August 27 – September 2)
Last week, we looked at dubious antics in mobile land, a peculiar case of spam on the official Cardi B website, and we deep dived into fileless malware. We also explored the inner workings of Hidden Bee, and gave an explainer of Regex. Other cybersecurity news: Huge data breach affects Chinese...
VPNFilter malware still making waves
Last month, a piece of malware called VPNFilter caused chaos for owners of MikroTik, Linksys, TP-Link, and Netgear equipment. Roughly 500,000 devices worldwide fell victim, with the unwanted parasite able to listen to traffic, steal credentials, damage devices, and more. Until patches started to...
Human Factor Podcast: Jenny Radcliffe and Chris Boyd
A little while ago, I was invited to take part in Jenny Radcliffe's Human Factor Podcast. With 44 episodes strong (and counting!), Jenny spends an hour or so talking at length with her guests who are professional investigators, security advocates, all-round educators, tireless consultant/conference...
Expired domain names and malvertising
In Q1 and Q2 of 2017, we noticed a sharp decline in drive-by downloads coming from compromised websites. The campaigns of the past are either gone (Pseudo Darkleech) or have changed focus (EITest using social engineering techniques). Malvertising - which has remained steady and is currently the main...
SteelCon: Mahkra ni Orroz
I recently gave a talk at Sheffield's SteelCon, a huge security event spread over a few days with no end of interesting activities taking place. My presentation, called Makhra ni Orroz, is a good 45 minutes of non stop talking and pictures and things. It's also a bit different in terms of what I...
Google Pixel: Cropped or edited images can be recovered
Most of us have a camera on us at all times, and so photo taking and image sharing has become almost ubiquitous. But when sharing an image, you want to have control over what you share. And that might lead you to crop images, or redact parts of them. Maybe you cropped out a person that didn't wan...