Lucene search
K
MalwarebytesMost viewed

4707 matches found

Malwarebytes
Malwarebytes
added 2019/07/15 2:27 p.m.59 views

A week in security (July 8 – 14)

Last week on Malwarebytes Labs, we looked at ways to send your sensitive information in a secure fashion, examined some tactics in incident response land, and explored federal data privacy law. We also looked at how security tools can turn against you, and took a deep dive into the rather fiendis...

Exploits0
Malwarebytes
Malwarebytes
added 2019/04/29 3:54 p.m.59 views

Wall Street Market reported to have exit scammed

Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/10 3:0 p.m.59 views

So you’ve been asked to start a threat intel program

Ever since the Mandiant APT1 report landed like a bomb in private sector security reporting, threat intelligence has been a hot buzzword many companies have been chasing over. But what is threat intelligence? What do you need to execute it well? And how many new tools do you need to buy? The...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/20 7:0 p.m.59 views

Fake Fortnite for Android links found on YouTube

The extremely popular video game Fortnite is coming to Android sometime this summer, and the fanbase is going wild. Not surprisingly, mobile malware developers are taking advantage. Already, there are several videos on YouTube with links claiming to be versions of Fortnite for Android, despite th...

Exploits0
Malwarebytes
Malwarebytes
added 2018/06/05 5:0 p.m.59 views

Social media: A treasure trove of spam and scams

There are two kinds of spam associated with social media. There are spam ads that actually live on social media, and there is spam that comes in your inbox, courtesy of social media. Both thrive by using data from your social media accounts. But how do spammers know how to target you and send you...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/09 3:16 p.m.59 views

A week in security (April 02 – April 08)

Last week, we took a look at fake Whatsapp antics, dubious gaming extensions, and a huge Panera bread breach. There was also LockCrypt ransomware to contend with, we had a poke around Linkedin, and we published another Physician, protect thyself blog. Other news Compromised cash register systems...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/08 5:0 p.m.59 views

International Women’s Day: Women in tech share their stories

From the metoo movement to Oprah's Time's Up speech to the women's marches on cities throughout the world—it's been a banner year for women's rights. And on this International Women's Day, we wanted to do more than pay lip service to the changes in feminist dialogue. After all, tech is an industr...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/01/27 7:53 p.m.59 views

IMPORTANT: Web blocking / RAM usage announcement

On January 27, we published a protection update that caused connection issues for many of our customers. As a side effect of the web protection blocks, the product also spiked memory usage and possibly caused a crash. We have triaged this issue and pushed a protection update that resolves it. For...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/15 11:30 p.m.59 views

Exosrv.com, an ad server for adult sites, tops Malwarebytes detections

Update 12/18/2017: Upon review, we have decided to lift the block on those two ad servers. You can read ExoClick's comments below: At Exoclick we use large resources to ensure that the ads that we serve are clear, clean and issue free. Where malwares and other forms of malvertising are detected...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/25 11:12 p.m.59 views

Our computers, ourselves: digital vs. biological security

Though by night I fight malware alongside the rest of the Malwarebytes research team, by day I work as a doctoral student in Immunobiology at Yale University, where I study the development of the immune system in your bone marrow. This grants me a unique perspective, as I’ve studied both the...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/08 2:16 p.m.58 views

Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix

VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws...

4.6CVSS8.1AI score0.03542EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/13 4:39 p.m.58 views

Microsoft patches 34 vulnerabilities, including one zero-day

December’s Patch Tuesday is a relatively quiet one on the Microsoft front. Redmond has patched 34 vulnerabilities with only four rated as critical. One vulnerability, a previously disclosed unpatched vulnerability in AMD central processing units CPUs, was shifted by AMD to software developers. Th...

7.5CVSS7.9AI score0.92817EPSS
Exploits15
Malwarebytes
Malwarebytes
added 2022/07/18 12:51 p.m.58 views

Extortionists target restaurants, demand money to take down bad reviews

Restaurants and other eating establishments are being targeted by extortionists who post fake reviews online and then offer to remove them in exchange for a gift card. The possibility has always existed to leave poor reviews on Google Maps and elsewhere. However, seeing fraudsters get organised a...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/14 11:14 a.m.58 views

How to delete your Instagram account

Although sharing your day’s highlights in snapshots and videos on Instagram can be entertaining, some people claim to feel happier after deleting their accounts. Consuming media tailor-made to make other peoples lifestyles appear alluring can be addictive for some and induce anxiety in others. No...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/23 11:13 a.m.58 views

How to choose the best VPN for you

If you’ve been shopping for a VPN service in 2021, you’ve probably noticed how many providers are available. Using a personal VPN has grown in popularity in recent years, and for good reason. You may no longer be asking, “Should I use one,” but rather, “Which one should I choose?” The answer migh...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/02 4:46 p.m.58 views

Credit card skimmer piggybacks on Magento 1 hacking spree

Back in the fall of 2020 threat actors started to massively exploit a vulnerability in the no-longer maintained Magento 1 software branch. As a result, thousands of e-commerce shops were compromised and many of them injected with credit card skimming code. While monitoring activities tied to this...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/20 3:15 p.m.58 views

10 best practices for MSPs to secure their clients and themselves from ransomware

Lock-downs and social distancing may be on, but when it comes to addressing the need for IT support—whether by current of potential clients—it’s business as usual for MSPs. And, boy, is it a struggle. On the one hand, they keep an eye on their remote workers to ensure they’re still doing their jo...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/12/04 4:0 p.m.58 views

There’s an app for that: web skimmers found on PaaS Heroku

Criminals love to abuse legitimate services—especially platform-as-a-service Paas cloud providers—as they are a popular and reliable hosting commodity used to support both business and consumer ventures. Case in point, in April 2019 we documented a web skimmer served on code repository GitHub...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/11 3:0 p.m.58 views

Cybersecurity pros think the enemy is winning

There is a saying in security that the bad guys are always one step ahead of defense. Two new sets of research reveal that the constant cat-and-mouse game is wearing on security professionals, and many feel they are losing in the war against cybercriminals. The first figures are from the...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/06 4:0 p.m.58 views

Spotlight on Troldesh ransomware, aka ‘Shade’

Despite the decline in the number of ransomware infections over the last year, there are several ransomware families that are still active. Ransom.Troldesh, aka Shade, is one of them. According to our product telemetry, Shade has experienced a sharp increase in detections from Q4 2018 to Q1 2019...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/30 4:0 p.m.58 views

Removing the jam in your printer security

Printers are an important, invisible—albeit sometimes loud—component of the office. But all too often they’re filled with mystery meat icons, peculiar blinking lights, or error messages with no instruction manual to hand. No problem, you can just print at the next station! Wrong. Printers also...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/18 3:0 p.m.58 views

Information operations on Twitter: new data released on election tampering

Back in April, we talked about the wealth of options available to Russian hackers and others launching social engineering campaigns, whether on social networks or through clever attacks launched via Advanced Persistent Threats. Some of that was information published by Twitter at the time in...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/13 4:37 p.m.58 views

A week in security (August 6 – August 12)

Last week, we published a review of exploit kits, talked about everyday tech that can give you a headache, and showed how to protect RDP access from ransomware. We also published a study on the true cost of cybercrime. Other news: Discovered at Black Hat: WhatsApp "message manipulation" Source: T...

Exploits0
Malwarebytes
Malwarebytes
added 2018/07/23 5:30 p.m.58 views

A week in security (July 16 – July 22)

Last week on Labs, we looked at a Magniber expansion, explored open source vulnerabilities, and checked out the boons and drawbacks of smart assistants. We also continued our ad blocking article extravaganza, gave a whistlestop tour of third-party problems, and published our Q2 Cybercrime tactics...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/11 3:0 p.m.58 views

IoT domestic abuse: What can we do to stop it?

Some 40 years ago, the sci-fi/horror film Demon Seed told the tale of a woman slowly imprisoned by a sentient AI, which invaded the smart home system her husband had designed to manage it. The AI locked doors, windows, turned off communications, and even put a synthesised version of her onscreen ...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/08 3:0 p.m.58 views

Tips for safe summer travels: your cybersecurity checklist

Summer is just around the corner in the Northern Hemisphere, and with it comes vacation plans for many. Those looking to take some time away from work and home are likely making plans to secure their home, have their pets taken care of, and tie up loose ends at work. But how about securing your...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/07 8:46 p.m.58 views

Mobile Menace Monday: re-emergence of a fake Android AV

Back in early 2013, a new mobile antivirus AV company called Armor for Android emerged into the mobile security software industry that had everyone perplexed. It seemed eerily like malware known as a Fake AV, and some even gave it that label. As a younger mobile researcher, I was one of those who...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/01 7:11 p.m.58 views

Stop telephoning me-eh-eh-eh-eh: robocalls explained

If you've ever answered a call from anyone outside your contact list only to hear a recorded message playing back at you, you have just been robocalled. Unfortunately for American consumers, this happens several times a day, seven days a week. Suffice to say, this is beyond annoying—and it's...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/21 4:0 p.m.58 views

Text messages and the Bitcoin Code: follow the money trail

I was a bit surprised to receive lots of messages similar to the one below this past week: I mean, we've all done it—managed a bulk text spam campaign offering free Bitcoins in your spare time, while completely forgetting said business exists. Maybe I did it in my sleep? It's all gone a bit Fight...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/30 8:1 p.m.58 views

A week in security (October 23 – October 29)

Welcome back to "A week in security." Last week, we took a look at how deleted files can be recovered, explored the BadRabbit ransomware plague attacking Eastern Europe including a deep dive into the code, and talked about what it takes to work in security. One of our researchers, who is a PhD...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/29 5:10 p.m.58 views

419 spam: 10 million US dollars, courtesy of “Rev. Goodluck Ebola”

I'm not saying an email claiming to be from the "Central Bank of Nigeria" with a contact handler named "Rev. Goodluck Ebola" will raise too many red flags, but… Click to Enlarge CENTRAL BANK OF NIGERIA OFFICE OF THE GOVERNOR Zaria Street, Off Samuel Akintola Street,Garki 11, Garki-Abuja. Our Ref:...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/06 7:6 p.m.58 views

Report: Second quarter dominated by ransomware outbreaks

The second quarter of 2017 brought ransomware to unprecedented levels with worldwide outbreaks that went almost out of control. In scenarios reminiscent of yesteryears worms, WannaCry created global panic as it used a critical vulnerability in the SMBv1 protocol to propagate like wildfire. Within...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/13 4:51 p.m.57 views

TheTruthSpy stalkerware, still insecure, still leaking data

In 2022, we published an article about how photographs of children taken by a stalkerware-type app were found exposed on the internet because of poor cybersecurity practices by the app vendor. The stalkerware-type app involved, TheTruthSpy, has shown once again that the way in which it handles...

5CVSS7.5AI score0.0247EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/12 4:10 p.m.57 views

Joomla! vulnerability is being actively exploited

The Cybersecurity and Infrastructure Security Agency CISA has added a vulnerability for the Joomla! Content Management System CMS to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch FCEB agencies need to...

5CVSS7.8AI score0.99827EPSS
Exploits43
Malwarebytes
Malwarebytes
added 2023/09/13 2:0 a.m.57 views

Patch now! September Microsoft Patch Tuesday includes two actively exploited zero-days

Microsoft's September 2023 Patch Tuesday is another important one. Not because it's a busy one, but because we have some special cases. Patch Tuesday includes security updates for 59 bugs, two of which are known to be actively exploited. The Cybersecurity & Infrastructure Security Agency CISA has...

7.5CVSS7.5AI score0.261EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2023/08/18 6:45 p.m.57 views

Patch now! Citrix Sharefile joins the list of actively exploited file sharing software

The Cybersecurity and Infrastructure Security Agency CISA has added a vulnerability to its catalog of know exploited vulnerabilities, based on evidence of active exploitation. This means that Federal Civilian Executive Branch FCEB agencies need to remediate this vulnerability by September 6, 2023...

7.5CVSS8.2AI score0.95076EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2023/07/25 3:0 a.m.57 views

Update now! Apple fixes several serious vulnerabilities

Apple has released security updates for several products to address several serious vulnerabilities including some actively exploited zero-days. Updates are available for these products: Safari 16.6 | macOS Big Sur and macOS Monterey ---|--- iOS 16.6 and iPadOS 16.6 | iPhone 8 and later, iPad Pro...

6.8CVSS7.3AI score0.1895EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/04/26 4:0 a.m.57 views

Update your PaperCut application servers now: Exploits in the wild

PaperCut, maker of print management solutions, has urged product users to update as soon as possible. A security vulnerability which exploits unpatched servers has been seen in the wild, with serious ramifications for any organisation impacted. Two specific vulnerabilities are at the heart of thi...

9.1AI score0.99999EPSS
Exploits26
Malwarebytes
Malwarebytes
added 2022/08/18 8:0 p.m.57 views

Business Services industry targeted across the country for backdoor access

The presence of so many hacking tools in the detections for the Business Services industry tells a story about these organizations being targeted for not only infection, but to establish backdoors and likely gain access to customers of the organizations through the victims network. Just like...

4.6CVSS8.4AI score0.58132EPSS
Exploits17
Malwarebytes
Malwarebytes
added 2022/04/11 6:14 a.m.57 views

Why data protection and privacy are not the same, and why that matters: Lock and Code S03E09

Theres a mistake commonly made in the United States that a law that was passed to help people move their healthcare information to a new doctor or provider was actually passed to originally implement universal, wide-ranging privacy controls on that same type of information. This is the mixup with...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/15 9:54 p.m.57 views

Escobar is the new Android banking Trojan we’ve met before

Aberebot, a known Android banking Trojan, has changed its name and returned loaded with new features. First spotted by @MalwareHunterTeam in early March, this mobile variant was renamed "Escobar"—a homage to the Colombian drug baron—and disguised itself as a McAfee app. It went by the package nam...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/05 12:6 p.m.57 views

A week in security (June 28 – July 4)

Last week on Malwarebytes Labs: Is it Game Over for VR Advergaming? Lil’ skimmer, the Magecart impersonator What is the WireGuard VPN protocol? Binance receives the ban hammer from UK’s FCA Fired by algorithm: The future’s here and it’s a robot wearing a white collar Second colossal Linkedin...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/24 10:9 a.m.57 views

Brave takes aim at Google with privacy-first search engine

The privacy-forward web browser Brave launched its new search engine in beta on Wednesday, promising a more private experience that does not track user searches, build user profiles, or require the use of an external, pre-existing search index to deliver results. Clear from the company’s early...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/10 5:43 p.m.57 views

How a Resident Evil image leaked in a ransomware attack ended up in the middle of $12m copyright claim

Back in November, gaming giant Capcom suffered a ransomware attack. In its press notification, it mentioned the various types of data potentially grabbed by their attackers. Things took an ominous turn when they refused to pay the ransom, and the group behind the attack said that was the wrong...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/15 12:44 p.m.57 views

Gang arrested for SIM-swapping celebrities, stealing $100 million

The UKs National Crime Agency NCA—working alongside the US Secret Service, Homeland Security, the FBI, Europol, and the District Attorneys Office of Santa Clara California—spearheaded the arrest of eight British citizens in the UK and Scotland, aged between 18 to 26, for a string of SIM swapping...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/16 6:27 p.m.57 views

Explained: data enrichment

How do your favorite brands know to use your first name in the subject line of their emails? Why do you seem to get discounts and special offers on products you've recently purchased? Businesses are able to personalize their marketing messages thanks to data enrichment. Data enrichment applies to...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/11/26 8:30 p.m.57 views

Would ‘Medicare for All’ help secure health data?

DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up ...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/26 4:6 p.m.57 views

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Every day, new e-commerce websites fall into the hands of one of the many Magecart skimmers. Unbeknownst to shoppers, criminals are harvesting their personal information, including payment details in the online equivalent of ATM card skimming. Most often the skimming code—written in JavaScript an...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/29 4:0 p.m.57 views

Interview with a malware hunter: Jérôme Segura

In our series "Interview with a malware hunter," our feature role today goes to Jérôme Segura, Malwarebytes’ Head of Threat Intelligence and world-renowned exploit kits researcher. The goal of this series is to introduce our readers to our malware intelligence crew by involving them in these Q&A...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/12/17 5:58 p.m.57 views

A week in security (December 10 – 16)

Last week on Labs, we took a look at some new Mac malware, a collection of various scraped data dumps, the protection of power grids, and how bad actors are using SMB vulnerabilities. Other cybersecurity news Millions affected by Facebook photo API bug: An issue granted third-party apps more acce...

0.1AI score
Exploits0
Total number of security vulnerabilities4707