Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2022/06/07 3:50 p.m.66 views

Hackers can take over accounts you haven’t even created yet

Account hijacking has sadly become a regular, everyday occurrence. But when it comes to hijacking accounts before they are even created? Thats something youd never think possible—but it is. Two security researchers, Avinash Sudhodanan and Andrew Paverd, call this new class of attack a...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/07 8:25 p.m.66 views

Update now! Mozilla patches two actively exploited vulnerabilities

Mozilla has announced it has fixed security vulnerabilities in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0. Users should install the out-of-band security update as soon as possible, since it is designed to apply a fix for two vulnerabilities that are known to ...

9.6AI score0.14261EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2021/10/19 8:59 p.m.66 views

q-logger skimmer keeps Magecart attacks going

This blog post was authored by Jérôme Segura Although global e-commerce is continuing to grow rapidly, it seems as though Magecart attacks via digital skimmers have not followed the same trend. This is certainly true if we only look at recent newsworthy attacks; indeed when a victim is a large...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/02 4:24 p.m.66 views

BrakTooth Bluetooth vulnerabilities, crash all the devices!

Security researchers have revealed details about a set of 16 vulnerabilities that impact the Bluetooth software stack that ships with System-on-Chip SoC boards from several popular vendors. The same group of researchers disclosed the SweynTooth vulnerabilities in February 2020. They decided to du...

8.3CVSS9.2AI score0.0139EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/03 7:22 p.m.66 views

Would real identities make social media safer?

“Use real identities to reduce abuse online” is a talking point youve almost certainly seen down the years. It also seems to come around like clockwork every other month, and is currently a hot topic in the UK after prominent journalists / media personalities raised the issue. It’s an interesting...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/15 3:0 p.m.66 views

Website misconfigurations and other errors to avoid

Website owners, listen up: There are lots of things you shouldn’t do with your site, and many more you should avoid with the domains you’re responsible for. Insider malice, bad luck, and the stars aligning in impossible ways can all give your online portfolio a bad hair day. However, if you want ...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/04/09 5:5 p.m.66 views

APTs and COVID-19: How advanced persistent threats use the coronavirus as a lure

The coronavirus COVID-19 has become a global pandemic, and this is a golden time for attackers to take advantage of our collective fear to increase the likelihood of successful attack. True to form, they've been doing just that: performing spam and spear phishing campaigns using coronavirus as a...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/14 5:32 p.m.66 views

Misleading cybersecurity lessons from pop culture: how Hollywood teaches to hack

In pop culture, cybercrimes are often portrayed as mysterious and unrealistic. Hackers are enigmatic and have extraordinary tech abilities. They can discover top secrets in a short time and type at breakneck speed to hack into a database. In real life, though, hacking is not that straightforward...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/25 7:1 a.m.66 views

Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1

The Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report found businesses at the butt end of a bad joke. In just one year, threats aimed at corporate targets have increased by 235 percent, with Trojans, such as Emotet, and ransomware in particular revving up in the first quarter...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/27 8:29 p.m.66 views

Mobile Menace Monday: FakeGift is the gift that keeps on frustrating

Last spring, we found yet another piece of riskware on Google Play we call Android/PUP.Riskware.FakeGift. Based on Hindi characters found in the code, we can assume it originates from India. With over 50,000 installs before being removed from Google Play, FakeGift apparently kept on...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/24 3:0 p.m.66 views

Green card scams: preying on the desperate

Thanks to @nullcookies for providing leads. Most online scams depend on two things for success: a broken or otherwise onerous process to deal with a legitimate entity, and a desperate target population. With immigration, there are many, many burdensome processes to navigate, and most applicants...

Exploits0
Malwarebytes
Malwarebytes
added 2018/02/20 9:53 p.m.66 views

Encryption 101: a malware analyst’s primer

While most in the security industry know what encryption is, many lack a basic understanding of how it is used in malware—especially ransomware. Because of this, we thought it would be beneficial to do an introductory primer on encryption mechanisms and how they are exploited for malicious...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/29 3:0 p.m.66 views

BlueBorne – Bluetooth’s airborne influenza

Armis Labs has discovered a new attack vector that targets any device that has Bluetooth capability. This includes mobile, desktop, and IoT — roughly accounting for 8.2 billion devices. All operating systems are susceptible — Android, iOS, Windows, and Linux. Dubbed BlueBorne, it exposes several...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/24 1:0 p.m.66 views

Solution Corner: Malwarebytes for Mac

Mac users have been told for years: Macs don't get viruses. Even Apple said so, in their famous Get a Mac ads that aired a decade ago. Wow, that's so cool! It's good to know we're all safe. Now, on a different topic, can you tell me why Safari is going to a Russian search engine instead of Google...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/20 5:53 p.m.66 views

Hansa Market on Dark Web seized by Dutch police

In a simultaneous press conference issued by the Dutch police and US Attorney General Jeff Sessions we learned that the Dark Web market places Alphabay and Hansa market have been seized and shut down by international cooperating authorities. As it turned out Hansa Market was already under control...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/28 11:30 a.m.65 views

Zimbra issues awaited patch for actively exploited vulnerability

Two weeks ago, we urged readers to apply a workaround for an actively exploited vulnerability in Zimbra Collaboration Suite ZCS email servers. Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. Zimbra i...

5CVSS8.8AI score0.03658EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/25 4:0 a.m.65 views

Update vRealize now! VMware patches critical RCE vulnerabilities

VMware has issued a security advisory for vRealize Log Insight that covers four vulnerabilities reported privately by the Zero Day Initiative ZDI. Two of these vulnerabilities are rated as critical. The issues have been fixed on vRealize Log Insight 8.10.2, so users should upgrade to the latest...

10AI score0.87077EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2022/03/02 2:57 p.m.65 views

Google launches Chrome 99, fixes 28 vulnerabilities

The Chrome team announced the promotion of Chrome 99 to the stable channel for Windows, Mac and Linux on March 1, 2022. This will roll out over the coming days/weeks. In the desktop version, a total of 28 vulnerabilities were closed. Of these, 11 were classified as high, 15 as medium and two as...

8.8AI score0.01677EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2022/03/01 8:49 p.m.65 views

The Conti ransomware leaks

On February 27, an individual with insights into the Conti ransomware group started leaking a treasure trove of data beginning with internal chat messages. Conti is responsible for a number of high profile attacks, including one against the Irish Healthcare system which has cost more than $48...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/01/25 1:12 p.m.65 views

A week in security (January 18 – January 24)

Last week on Malwarebytes Labs, we looked at changes to WhatsApp’s privacy policy, we provided information about Malwarebytes being targeted by the same threat actor that was implicated in the SolarWinds breach, we told the story of ZeroLogon, looked at the pros and cons of Zoom watermarking,...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/06 3:15 p.m.65 views

Credit card skimmer masquerades as favicon

Malware authors are notorious for their deceptive attempts at staying one step ahead of defenders. As their schemes get exposed, they always need to go back to their bag of tricks to pull out a new one. When it comes to online credit card skimmers, we have already seen a number of evasion...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/10 6:4 p.m.65 views

Threat spotlight: Phobos ransomware lives up to its name

Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals' belts years ago. From massive WannaCry outbreaks in 2017 to industry-focused attacks by Ryuk in 2019, ransomware's got its hooks in global businesses and shows no signs of stopping. That includes a...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/12/03 6:6 p.m.65 views

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siriurz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strik...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/11/20 4:51 p.m.65 views

Web skimmers compete in Umbro Brasil hack

Umbro, the popular sportswear brand has had their Umbro Brasil website hacked and injected with not one but two web skimmers part of the Magecart group. Magecart has become a household name in recent months due to high profile attacks on various merchant websites. Criminals can seamlessly steal...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/08 2:0 p.m.65 views

White hat, black hat, and the emergence of the gray hat: the true costs of cybercrime

This post was written by Michael Osterman of Osterman Research. Osterman Research recently completed a major survey on behalf of Malwarebytes to determine the actual cost of cybercrime to businesses. Many studies have focused on the cost of lost reputation, lost future business, and other...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/09 5:0 p.m.65 views

A week in security (July 2 – July 8)

Last week, we tracked back a large mining operation from their Coinhive shortlink, we took a look at online project management tools, we described a new macro-less technique to distribute malware, and talked about a Mac malware that targets crypto-mining users. Other news: Huawei enterprise comms...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/25 5:0 p.m.65 views

Did my comment on your blog get lost?

If you ever feel bad about your job because of mindless tasks you must perform day after day, or if you're bothered by the fact that your chosen work pays crap, produces nothing useful, and helps no one: have a look at blog comment spammers and breathe a sigh of relief. They make almost any job...

Exploits0
Malwarebytes
Malwarebytes
added 2018/03/27 3:0 p.m.65 views

Encryption 101: Decryptor’s thought process

In the previous parts 1, 2 and 3 of this series, we covered the basics of encryption, walked through a live example of a ransomware in detail, and talked about encryption weaknesses. In this part of the encryption 101 series, we will begin wrapping it up by going into detail on a ransomware with...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/20 4:55 p.m.65 views

Mac malware OSX.Proton strikes again

The hackers responsible for the Mac malware OSX.Proton have struck again, this time infecting a copy of the Elmedia Player app that was being distributed from the official Eltima website. At this time, it is still unknown how long their website was providing the hijacked app. Proton was silently...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/05 1:0 a.m.64 views

Exim finally fixes 3 out of 6 vulnerabilities

Exim is a message transfer agent MTA originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million serve...

7.4AI score0.51474EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2023/09/27 1:45 p.m.64 views

Pegasus spyware and how it exploited a WebP vulnerability

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. For those that have missed the subtle clues, we have tried to construct a clear picture. We attempted to follow the timeline of events, but have made some adjustments to keep the flow of the...

6.8CVSS7.5AI score0.99735EPSS
Exploits10
Malwarebytes
Malwarebytes
added 2023/07/21 2:0 p.m.64 views

CISA: You've got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519

The Cybersecurity and Infrastructure Security Agency CISA has added a critical unauthenticated remote code execution RCE vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that...

7.5CVSS9AI score0.99445EPSS
Exploits16
Malwarebytes
Malwarebytes
added 2023/01/16 4:0 a.m.64 views

Law enforcement app SweepWizard leaks data on crime suspects

SweepWizard, an obscure app apparently created by ODIN Intelligence and used by more than 60 law enforcement departments, has a flaw: According to an ethical hacker, a misconfiguration in the app's API application programming interface caused it to unintentionally leak to the open internet a trov...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/19 1:0 a.m.64 views

4 over-hyped security vulnerabilities of 2022

A critical vulnerability can send countless organizations into chaos, as security teams read up on the vulnerability, try to figure out whether it applies to their systems, download any potential patches, and deploy those fixes to affected machines. But a lot can go wrong when a vulnerability is...

7.5CVSS9.7AI score0.99939EPSS
Exploits136
Malwarebytes
Malwarebytes
added 2022/03/15 5:20 p.m.64 views

Stolen Nvidia certificates used to sign malware—here’s what to do

As we wrote on March 3, 2022 Nvidia, was recently attacked by the LAPSUS$ ransomware group. The ensuing data leak included two of NVIDIA’s code signing certificates. Those certificates are now being used to sign malware. Leaked signing certificates from major vendors like Nvidia come with huge...

1.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/03 3:25 p.m.64 views

The 3 biggest threats reaching for your antivirus software’s off switch

Having antivirus AV software on your computer is a staple. Modern antivirus offers layered protection—a cybersecurity approach that uses multiple techniques in one package to keep you safe if you download a malicious file from the Internet, find yourself worrying after clicking a link on a direct...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/19 7:45 a.m.64 views

“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13

Kaseya VSA included at least “seven or eight” privately known zero-day vulnerabilities before it suffered a widespread ransomware attack that impacted hundreds of businesses, said Victor Gevers, chair of the Dutch Institute for Vulnerability Disclosure, or DIVD, a volunteer-run organization that...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/13 6:10 p.m.64 views

What does WiFi stand for?

We use WiFi to connect to the Internet, but what is it, and what does it stand for? How does it have such a catchy name, and why do we sometimes have a weak Internet connection with a strong WiFi signal and vice versa? Read on to answer these questions and more. What does WiFi mean? Many people...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/26 2:51 p.m.64 views

Breaking free from the VirusTotal silo: Lock and Code S02E07

This week on Lock and Code, we speak to Malwarebytes Chief Information Security Officer John Donovan about the flaws in using VirusTotal as the one source of truth when evaluating whether or not a cybersecurity tool actually works. Its a practice that is surprisingly common. Weeks ago, Malwarebyt...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/31 12:28 p.m.64 views

The npm netmask vulnerability explained so you can actually understand it

The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual ipv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects tha...

6.4CVSS7.5AI score0.16356EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2021/02/23 3:17 p.m.64 views

Clop targets execs, ransomware tactics get another new twist

Ransomware peddlers have come up with yet another devious twist on the recent trend for data exfiltration. After interviewing several victims of the Clop ransomware, ZDNet discovered that its operators appear to be systematically targeting the workstations of executives. After all, the top manage...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/18 4:30 p.m.64 views

A week in security (February 11 – 17)

Last week on Malwarebytes Labs we discussed the return of the Sextortion Bitcoin scams, we gave you an early overview of the exploit kits in the winter of 2019, we talked about the destruction of VFEmail service, for consumers we discussed whether you should remove yourself from social media, for...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/29 7:0 p.m.64 views

Apple’s FaceTime privacy bug allowed possible spying

Social media caught fire yesterday as the news of a new Apple bug spread. It seemed that there was a flaw in FaceTime that allowed you to place a call to someone, but listen in on their microphone if they didn't pick up. Worse, as the news spread, it turned out that there was also a way to captur...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/31 3:0 p.m.64 views

Explained: regular expression (regex)

Regular expression, or "regex" for short, is a mathematical term for the theory used to describe regular languages. But in computing, regexes are used to search for patterns in files and databases, and their functionality is incorporated into many modern programming languages. Regex search patter...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/19 4:42 p.m.64 views

Perspectives on Russian hacking

Russia is an endlessly fascinating subject both in and around infosec. Recent years have shifted attention away from pure malware capabilities, to psyops, social engineering, and an endless slew of mind games designed to destabilize and keep nations ever-so-slightly off balance. Security firms in...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/30 3:0 p.m.64 views

TLS 1.3 is nearly here

TLS stands for "Transport Layer Security" and it's rather important. Why's that? Oh, I'm glad you asked. Here's me, yelling my password across the office to you: "PASSWORD!!!" You heard me loud and clear, right? But so did basically anyone else nearby. Now let's work in a little TLS love and...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/01/30 11:43 p.m.64 views

GandCrab ransomware distributed by RIG and GrandSoft exploit kits (updated)

This post was authored by Vasilios Hioueras and Jérôme Segura Update 2018-02-02: GandCrab is delivered via Necurs malicious spam 1. Update 2018-02-01: GandCrab is now also spread via the EITest campaign 2 3. - - Late last week saw the appearance of a new ransomware called GandCrab. Surprisingly, ...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/20 6:29 p.m.64 views

OSX.Proton spreading through fake Symantec blog

Sunday night, a series of tweets from security researcher @noarfromspace revealed a new variant of the OSX.Proton malware, spreading in a concerning new method—spoofing security company Symantec's blog. Method of infection The malware is being promoted via a fake Symantec blog site at...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/03 2:0 a.m.64 views

Why emerging APAC markets are prime targets for the malware of the future

In many ways, Asia has led the way in technological development. Robotics, video games, dizzyingly fast Internet speeds. But when it comes to cybersecurity, several APAC countries, especially those in emerging markets, are severely lacking. And while, according to the 2017 State of Malware Report...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/28 9:0 a.m.63 views

4 sneaky scams from 2023

In 2023, the public primarily confronted two varieties of online scams: the technical and the topical. Technical scams abuse legitimate aspects of modern internet infrastructure to lead users to illegitimate or compromised sites. A team of hackers can, say, boost their own info-stealing websites...

7.1AI score
Exploits0
Total number of security vulnerabilities4706