Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2018/05/14 5:18 p.m.57 views

A week in security (May 7 – May 13)

Last week on Labs, we looked at the case of a fake Android AV, an annoying adware that goes by the name of Kuik, the return of threat actors behind the Shopper Stop tech scam, a new Netflix phishing scam, the recent zero-day vulnerability in Internet Explorer, and the insufficiency of merely...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/06 6:33 p.m.57 views

Physician, protect thyself: An ounce of prevention is worth a pound of cure

In part one of our Physician, protect thyself series, we recognized significant security problems within the healthcare industry that need addressing. Health organizations moving from the paper to the 'puter—a shift meant to improve care and overall patient experience—inadvertently introduced...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/19 4:53 p.m.57 views

A week in security (March 12 – March 18)

Last week on Malwarebytes Labs, we took a look at the inner workings of a fileless attack, explored what happened in a zero day ransomware attack aimed at South Koreans, gave you hints and tips for avoiding cold calls, and took a deep dive into the secretive world of GrayKey. Other news The Equif...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/27 5:30 p.m.57 views

How to protect your computer from malicious cryptomining

Noticing that your computer is running slow? While sometimes a telltale sign of infection, these days that seems doubly true. And the reason is: malicious cryptomining. So, what, exactly, is it? We'll tell you how bad this latest malware phenomenon is for you and your computer, plus what you can ...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/16 5:30 p.m.57 views

When you shouldn’t trust a trusted root certificate

Root certificates are the cornerstone of authentication and security in software and on the Internet. They're issued by a certified authority CA and, essentially, verify that the software/website owner is who they say they are. We have talked about certificates in general before, but a recent eve...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/25 8:29 p.m.57 views

When cybersecurity isn’t all cyber: What does it really take to work in cybersecurity?

With the multitude of breaches and outbreaks already witnessed in 2017, it's become clear that industries across all verticals are challenged by cybersecurity. This is a serious business problem that needs to be addressed ASAP. As much talk as there is about organizations getting hacked, scores o...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/29 5:10 p.m.57 views

419 spam: 10 million US dollars, courtesy of “Rev. Goodluck Ebola”

I'm not saying an email claiming to be from the "Central Bank of Nigeria" with a contact handler named "Rev. Goodluck Ebola" will raise too many red flags, but… Click to Enlarge CENTRAL BANK OF NIGERIA OFFICE OF THE GOVERNOR Zaria Street, Off Samuel Akintola Street,Garki 11, Garki-Abuja. Our Ref:...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/19 3:0 a.m.56 views

The mystery of the CVEs that are not vulnerabilities

A researcher specializing in Software Supply Chain security named Dan Lorenc recently raised an interesting topic on LinkedIn. 138 new vulnerabilities in open-source projects were all entered the same day to the CVE database. To understand what the problem is there are a few things youll need to...

1.7CVSS7.1AI score0.00359EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/07 4:0 a.m.56 views

DoppelPaymer ransomware group disrupted

Europol has announced it has arrested two suspected core members of the DoppelPaymer ransomware group. On 28 February, the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations FBI, apprehended...

1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/20 8:10 p.m.56 views

Google ads lead to major malvertising campaign

Fraudsters have long been leveraging the shady corners of the internet to place malicious adverts, leading users to various scams. However, every now and again we see a campaign that goes mainstream and targets some of the worlds top brands. Case in point, we recently uncovered a malvertising cha...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/31 7:0 p.m.56 views

Tech support scam campaign targets Japanese visitors to PornHub

The Malwarebytes Threat Intelligence team has identified a malvertising campaign targeting Japanese users. The campaign they discovered was found to be using a cloaking technique to lure visitors of popular adult site PornHub to a decoy site at the domain mixhd.club. Cloaking Cloaking is a method...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/24 10:9 a.m.56 views

Brave takes aim at Google with privacy-first search engine

The privacy-forward web browser Brave launched its new search engine in beta on Wednesday, promising a more private experience that does not track user searches, build user profiles, or require the use of an external, pre-existing search index to deliver results. Clear from the company’s early...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/15 5:17 p.m.56 views

“Huge upsurge” in DDoS attacks during pandemic

Researchers at Netscout have released a report analyzing the malicious internet traffic of 2020 and comparing it to the years before. Some of the results were as expected: Brute-forcing credentials and more targeting towards internet-connected devices were foreseeable and have been discussed at...

Exploits0
Malwarebytes
Malwarebytes
added 2020/01/22 4:0 p.m.56 views

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation

Update 01-27-2020: Shortly after this blog was published we noticed that a large part of the infrastructure behind this browlock was taken down. The malicious server responsible for redirections is no longer responding and we have not observed any new live browlock from this 2 year old campaign. ...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/09 4:0 p.m.56 views

United States government-funded phones come pre-installed with unremovable malware

UPDATE: January 10, 2020 At time of original publication, we were not yet able to replicate the malware Android./Trojan.HiddenAds being dropped on our test device, though multiple users had reported that a variant of HiddenAds suddenly installed on their UMX mobile phone. As of today, we are now...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/10/17 5:30 p.m.56 views

Why all organizations must better protect sensitive data

About two weeks ago, National Cybersecurity Awareness Month NCSAM kicked off with a new message stressing personal responsibility for users keeping themselves safe online: “Own IT. Secure IT. Protect IT.” NCSAM asked users to consider best practices for both securing their own devices and...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/09/18 4:49 p.m.56 views

International students in UK targeted by visa scammers

A new visa scam has come to light targeting international students from China studying in the UK. At least, it’s being presented as new. In truth, it comes around every so often and has been on the radar for a few years. The scam works by presenting a threat to students’ immigration status and us...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/09 4:10 p.m.56 views

Backdoors are a security vulnerability

Last month, US Attorney General William Barr resurrected a government appeal to technology companies: Provide law enforcement with an infallible, “secure” method to access, unscramble, and read encrypted data stored on devices and sent across secure messaging services. Barr asked, in more accurat...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/05 3:44 p.m.56 views

A week in security (July 29 – August 4)

Last week on Malwarebytes Labs we discussed the security and privacy changes in Android Q, how to get your Equifax money and stay safe doing it, and we looked at the strategy of getting a board of directors to invest in government cybersecurity. We also reviewed how a Capital One breach exposed...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/28 3:0 p.m.56 views

US Congress proposes comprehensive federal data privacy legislation—finally

The United States might be the only country of its size—both in economy and population—to lack a comprehensive data privacy law protecting its citizens’ online lives. That could change this year. Never-ending cybersecurity breaches, recently-enacted international privacy laws, public outrage, and...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/20 3:0 p.m.56 views

Facebook’s history betrays its privacy pivot

Facebook CEO Mark Zuckerberg proposed a radical pivot for his company this month: it would start caring—really—about privacy, building out a new version of the platform that turns Facebook less into a public, open “town square” and more into a private, intimate “living room.” Zuckerberg promised...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/12/11 4:56 p.m.56 views

Data scraping treasure trove found in the wild

We bring word of yet more data exposure, in the form of “nonsensitive” data scraping to the tune of 66m records across 3 large databases. The information was apparently scraped from various sources and left to gather dust, for anyone lucky enough to stumble upon it. What is data scraping? The...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/22 4:23 p.m.57 views

A week in security (October 15 – 21)

Last week on Malwarebytes Labs, we went over how to build your own motion-activated security camera, wondered whether FIDO is the future instrument to replace passwords and usernames, informed you about information operations on Twitter, and released our Q3 Malwarebytes Labs Cybercrime Tactics an...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/03 3:0 p.m.56 views

Explained: What is big data?

If the pile of manure is big enough, you will find a gold coin in it eventually. This saying is used often to explain why anyone would use big data. Needless to say, in this day and age, the piles of data are so big, you might end up finding a pirate’s treasure. How big is the pile? But when is t...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/11 4:2 p.m.56 views

A week in security (June 4 – June 10)

Last week on Labs, we took a look at hidden mobile ads, the perils of social media spam, and how to shore up your landline defenses. We also took a deep dive into Emotet malware analysis, and gave you some summertime safety tips. Other news Update your Adobe Flash player if you haven't already...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/21 3:0 p.m.56 views

Vote for Malwarebytes Labs: European Security Blogger Awards 2018

It's nearly time for Infosec Europe 2018, and that means it's also time to consider voting for your favourite security blogs, podcasts, video channels, and more for the upcoming European Security Blogger Awards. Thanks to your generous votes, we've been fortunate enough to pick up the award for...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/08 1:25 p.m.56 views

Tech support scam uses fake Shoppers Stop site to lure thousands

Update 2018-05-17: Shoppers Stop is a legitimate company based out of India and their brand was abused by scammers. These days, there are a lot of browser locker campaigns fueled by malvertising or redirection from hacked sites. But the Shoppers Stop tech scam campaign is actually a bit of both,...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/21 8:20 p.m.56 views

How the EU intends to battle fake news

Last week the European Union issued a press release to announce their next steps against fake news. These steps will be the launch of a public consultation and the setup of a high-level expert group representing academics, online platforms, news media, and civil society organizations. The first...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/18 3:31 p.m.56 views

[Updated] Infected CCleaner downloads from official servers

Update 9/19/2017: Avast posted a clarification explaining what happened and giving a timeline of the events. One point we should take note of is that the breach preceded the take-over of Piriform by Avast. Users that are unsure whether they were affected by this and whether their data may have be...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/06 12:45 p.m.55 views

Amazon Prime email scammer snatches defeat from the jaws of victory

More often than not, its our solemn duty on this site to keep you informed about the nature and tactics of dangerous, cunnning, and persistent cybercriminals. This is not one of those days. In fact, this is the oppposite of one of those days. This is about a passable spam email sent by a spammer...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/27 8:15 a.m.55 views

Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild

The Cybersecurity and Infrastructure Security Agency CISA added one new vulnerability to its Known Exploited Vulnerabilities Catalog affecting Ivanti Endpoint Manager Mobile, based on evidence of active exploitation. All Federal Civilian Executive Branch FCEB agencies must remediate this...

7.5CVSS6.7AI score0.99999EPSS
Exploits14
Malwarebytes
Malwarebytes
added 2022/10/26 5:15 p.m.55 views

iPhone zero-day. Update your devices now!

It's time to update your Apple devices to ward off a zero-day threat discovered by an anonymous researcher. As is customary for Apple, the advisory revealing this attack is somewhat threadbare, and doesn't reveal a lot of information with regard to what's happening, but if you own an iPad or iPho...

7.9AI score0.01136EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/21 5:57 p.m.55 views

The Wren Eleanor story: Why you should keep your kids’ images off social media

TikTok moms have started a movement: Calling out potential creeps who follow child influencer accounts on the platform. The latest account in the spotlight is @wren.eleanor, a TikTok account with a massive 17.3 million followers. Its an impressive number and one that got the attention of armchair...

1.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/16 10:49 a.m.55 views

Does using a VPN slow down your Internet?

A Virtual Private Network VPN can stop others from snooping on or tampering with your Internet traffic. It does this by concealing your traffic inside an encrypted tunnel between you and your VPN provider. And because your traffic appears to join the the Internet from your VPN providers computer...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/08 4:45 p.m.55 views

Malspam banks on Kaseya ransomware attack

The Malwarebytes Threat Intelligence Team recently found a malicious spam campaign making the rounds and banking on the ransomware attack that forced Kaseya to shut down its VSA service. This is a classic example of an opportunistic attack conducted by potentially another threat actor/group off t...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/15 6:39 p.m.55 views

Chrome users, here’s how to opt out of the Google FLoC trial

Two weeks after Google launched a trial to replace run-of-the-mill online user tracking with new-fangled online user tracking, several companies and organizations have pushed back, criticizing the new technology—called FLoC—which is designed to respect peoples privacy more, as a detriment to user...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/09 12:9 p.m.55 views

Cryptomining containers caught coining cryptocurrency covertly

In traditional software development, programmers code an application in one computing environment before deploying it to a similar, but often slightly different environment. This leads to bugs or errors that only show up when the software is deployed—exactly when you need them least. To solve for...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/01/18 11:30 a.m.55 views

A week in security (January 11 – January 17)

Last week on Malwarebytes Labs, we looked at IoT problems, Microsoft’s Patch Tuesday, and how cybercriminals want access to your cloud services. We also explored how VPNs can protect your privacy, and asked if MSPs have picked the right PSA. Other cybersecurity news Hot phishing targets: Some...

Exploits0
Malwarebytes
Malwarebytes
added 2020/07/20 3:30 p.m.55 views

Lock and Code S1Ep11: Locating concerns of Bluetooth and beacon technology with Chris Boyd

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about Bluetooth and beacon technology. Last month, cybersecurity experts warned the publi...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/30 3:0 p.m.55 views

Bluetooth beacons: one free privacy debate with your next order

Apps and their permissions have been in the news recently, particularly in relation to tracking/privacy issues and Bluetooth. Why Bluetooth, though? What is it, and what is it doing to raise concerns in some security quarters? Bluetooth: your cool, then uncool, but mostly cool again cousin...

Exploits0
Malwarebytes
Malwarebytes
added 2020/06/09 3:0 p.m.55 views

ParetoLogic facing complaint of alleged wrongdoing

A short while ago we reported on the FTC ruling against payment provider RevenueWire. Now, another Canadian company is under scrutiny, and the cases are very much related. Not only are these companies hailing from the same city, they also share some founders. The company ParetoLogic is involved i...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/14 5:31 p.m.55 views

How to prevent a rootkit attack

If you're ever at the receiving end of a rootkit attack, then you'll understand why they are considered one of the most dangerous cyberthreats today. Rootkits are a type of malware designed to stay undetected on your computer. Cybercriminals use rootkits to remotely access and control your machin...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/11/19 1:0 p.m.55 views

Malwarebytes teams up with security vendors and advocacy groups to launch Coalition Against Stalkerware

Today, Malwarebytes is announcing its participation in a joint effort to stop invasive digital surveillance: the Coalition Against Stalkerware. For years, Malwarebytes has detected and warned users about the potentially dangerous capabilities of stalkerware, an invasive threat that can rob...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/10/21 3:45 p.m.55 views

A week in security (October 14 – 20)

Last week on Malwarebytes Labs, we tried to unlock the future of the password its vulnerabilities, current alternatives, and possible future disappearance, analyzed the lagging response by many businesses in adopting a patch for Pulse VPN vulnerability, looked at Instagram’s bulked-up security...

Exploits0
Malwarebytes
Malwarebytes
added 2019/07/23 9:40 p.m.55 views

Your device, your choice: AdwCleaner now detects preinstalled software

For years, Malwarebytes has held firm to a core belief about you, the user: You should be able to decide for yourself which apps, programs, browsers, and other software end up on your computer, tablet, or mobile phone. Basically, it’s your device, your choice. With the latest update to Malwarebyt...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/12/05 1:1 p.m.55 views

New ‘Under the Radar’ report examines modern threats and future technologies

As if you haven't heard it enough from us, the threat landscape is changing. It's always changing, and usually not for the better. The new malware we see being developed and deployed in the wild have features and techniques that allow them to go beyond what they were originally able to do, either...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/09/17 3:56 p.m.55 views

A week in security (September 10 – 16)

Last week on Malwarebytes Labs, we assessed the security of a portable router, identified ways to waste a scammer's time, named the many faces of omnichannel fraud, questioned the security of 2FAs, profiled a massive tech support scam operation, and exposed a new HMRC phishing campaign. Other...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/30 3:41 p.m.55 views

Reversing malware in a custom format: Hidden Bee elements

Malware can be made of many components. Often, we encounter macros and scripts that work as malicious downloaders. Some functionalities can also be achieved by position-independent code—so-called shellcode. But when it comes to more complex elements or core modules, we almost take it for granted...

Exploits0
Malwarebytes
Malwarebytes
added 2018/08/20 5:33 p.m.55 views

A week in security (August 13 – August 19)

Last week on Malwarebytes Labs, we talked about how Process Doppelgänging meets Process Hollowing in the Osiris dropper, provided hints, tips, and links for a safer school year, gave a recap of Black Hat USA 2018, offered some tips for a secure content management system, highlighted a silly...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/11 6:15 p.m.55 views

We block shady ad blockers

Some of you have reached out to us concerning Malwarebytes blocking of certain ad blocking extensions, or an influx in web blocking notifications. First things first, this is not a false positive. Recently in their blog, AdGuard has discovered that numerous malicious ad blocking extensions were...

0.8AI score
Exploits0
Total number of security vulnerabilities4706