Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2018/05/09 5:0 p.m.55 views

Netflix phish claims your membership is on hold

The days of ugly-looking phish pages hosted on something akin to a Geocities page are slowly receding into the distance. For quite some time now, phish attacks have made attempts to look fairly sophisticated and stand a decent chance of fooling anyone not keeping their guard up. Today, we have a...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/20 4:0 p.m.55 views

Cloudflare’s new DNS service

Are you looking for a free way to speed up your internet and gain some extra privacy in the process? Keep reading, because Cloudflare the Web Performance & Security Company is offering a free new DNS service. And it helped me improve the speed of my DNS lookups. What is DNS? DNS is short for Doma...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/17 4:44 p.m.55 views

Release the KRACKen: flaw in Wi-Fi security leaves users vulnerable

A serious flaw in the wireless protocol that secures all modern protected Wi-Fi networks has been discovered. How serious? If your device supports Wi-Fi, it is most likely affected. This feasible attack, dubbed KRACK, could abuse design or implementation flaws in the Wi-Fi standard, not some...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/26 6:11 p.m.55 views

Keychain vulnerability in macOS

On Monday, Patrick Wardle, a respected security researcher at Synack and owner of Objective-See, sent a tweet about a keychain vulnerability he had found in macOS High Sierra. As his tweet showed, it is possible for a malicious app to extract, and then exfiltrate, keychain data from High Sierra,...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/13 3:0 p.m.55 views

Remediation vs. prevention: How to place your bets

Building a security environment for businesses these days is a gamble: layer on too much and your programs may be canceling each other out or causing redundancy and your leaders may be wondering why you're spending so much. Invest too little and get breached: it's snake eyes for you. Whether you...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/21 6:4 p.m.55 views

Play Protect: Android’s new security system is now available

Play Protect, a security suite for Android devices, was originally introduced in mid-May of this year during the Google I/O conference. And in just a couple of months, the tech giant has made it available for all their mobile users. Play Protect is the amalgamation of Google’s Android security...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/05/08 1:17 p.m.54 views

Passwords in the age of AI: We need to find alternatives

For decades, passwords have been our default method for keeping online accounts safe. But in the age of artificial intelligence, this traditional security method is facing challenges it was never built to withstand. A team at Cybernews conducted a study of over 19 billion newly exposed passwords...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/22 6:43 p.m.54 views

Canada revisits decision to ban Flipper Zero

In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesnt...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/05 12:0 p.m.54 views

2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions

MITRE Engenuity released its 2023 ATT&CK Evaluation results, with Malwarebytes blocking initial malware executions and earning high marks for detection. The evaluation tested 30 vendor solutions against Turla, a sophisticated Russia-based advanced persistent threat APT group with victims in over ...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/20 3:0 a.m.54 views

Google fixes "Bad.Build" Cloud Build flaw, researchers say it's not enough

Researchers at Orca Security have found a design flaw in the Google Cloud Build service. Attackers would have been able to gain Privilege Escalation resulting in unauthorized access to code repositories in Googles Artifact Registry. The researchers dubbed the vulnerability Bad.Build and say it...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/23 11:45 a.m.54 views

Update now! Apple issues patches for three actively used zero-days

Apple has rolled out security updates for Safari 16.5, watchOS 9.5, tvOS 16.5, iOS 16.5, iPadOS 16.5, iOS 15.7.6, iPadOS 15.7.6, macOS Big Sur 11.7.7, macOS Ventura 13.4, and macOS Monterey 12.6.6. Among the security updates were patches for three actively exploited zero-day vulnerabilities. All...

7.3AI score0.1653EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/04 6:0 p.m.54 views

Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10

Synology has issued an advisory about a vulnerability that allows remote attackers to execute arbitrary commands through a susceptible version of Synology VPN Plus Server. VPN Plus Server VPN Plus Server allows users to turn their Synology Router into a Virtual Rrivate Network VPN server. A VPN...

9.8AI score0.16841EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/25 10:0 a.m.54 views

Update now! GitLab issues critical security release for RCE vulnerability

GitLab has released versions 15.3.1, 15.2.3, 15.1.5 for GitLab Community Edition CE and Enterprise Edition EE. These versions contain important security fixes, and its recommended that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the...

10AI score0.75718EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2022/07/29 4:33 p.m.54 views

The ransomware landscape changes as fewer victims decide to pay

Fewer victims are choosing to pay their ransomware extorters, especially among large enterprises, according to a recent investigation from Coveware. As a result of this, and other circumstances, we can see some shifts in the way that ransomware groups and their affiliates work. Large organization...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/29 5:12 p.m.54 views

The three most significant cyberattacks of 2021

People that predict tomorrow’s weather by looking at today’s are often right. Cloudy today? Itll probably be cloudy tomorrow. The same is often true for cybersecurity threats. Looking back at 2021 it looks a lot like 2020: A lot of ransomware attacks. So, when I was asked to write about the three...

8.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/28 11:6 a.m.54 views

What is fileless malware?

Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists in the computer’s memory, which means nothing is ever written directly to the hard drive...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/12 1:50 p.m.54 views

Nope, that isn’t Elon Musk, and he isn’t offering a free Topmist Dust watch either

Elon Musk is an incredibly popular target for scammers and spammers on social media. Attach his name to something he has no involvement in and watch it fly. Verified accounts on Twitter continue to be favourites for account compromise / fake Elon scams. Those often turn out to be Bitcoin related...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/01 7:9 p.m.54 views

Cobalt Strike, a penetration testing tool abused by criminals

If you were to compose a list of tools and software developed by security and privacy defenders that ended up being abused by the bad guys, then Cobalt Strike would unfortunately be near the top of the list. Maybe only Metasploit could give it a run for the first place ranking. Metasploit—probabl...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/05 4:8 p.m.54 views

A week in security (March 29 – April 4)

Last week on Malwarebytes Labs, our podcast featured Malwarebytes senior security researcher JP Taggart, who talked to us about why you need to trust your VPN. You’ve likely heard the benefits of using a VPN: You can watch TV shows restricted to certain countries, you can encrypt your web traffic...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/17 10:0 a.m.54 views

Teen behind 2020 Twitter hack pleads guilty

The so-called “mastermind” behind the 2020 Twitter hack that compromised the accounts of several celebrities and public figures—including President Barack Obama, Bill Gates, and Elon Musk—pleaded guilty to several charges on Tuesday in a Florida court. As part of an agreed-upon plea deal with...

Exploits0
Malwarebytes
Malwarebytes
added 2021/02/11 12:37 a.m.54 views

What Google learned from 1 billion evil email scams

Google and researchers at Stanford University have released an in-depth study analysing 5 months of phishing / malware mails sent globally. "Who is targeted by email-based phishing and malware? Measuring factors that differentiate risk" looked at more than a billion mails. The results were then f...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/04/30 3:11 p.m.54 views

Cybersecurity and the economy: when recession strikes

Cybercrime and the economy have always been intertwined, but with COVID-19 on the road to causing a seemingly inevitable global recession, many are asking what, exactly, will the impact be on cybercrime. Will criminals step up and increase malware production, ramp up phishing attacks, do whatever...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/04/07 6:27 p.m.54 views

Copycat criminals abuse Malwarebytes brand in malvertising campaign

While exploit kit activity has been fairly quiet for some time now, we recently discovered a threat actor creating a copycat—fake—Malwarebytes website that was used as a gate to the Fallout EK, which distributes the Raccoon stealer. The few malvertising campaigns that remain are often found on...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/03/12 6:2 p.m.54 views

Coronavirus impacts security conferences and events: check your schedule

With coronavirus starting to take hold globally, international travel restrictions are kicking in and more workplaces are advising to work from home whenever possible. When self-isolation is a potential solution, public gatherings are increasingly looking like a terrible idea. Events are becoming...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/10 4:46 p.m.54 views

A week in security (February 3 – 9)

Last week on Malwarebytes Labs, we looked at Washington state’s latest efforts in providing better data privacy rights for their residents, and we dove into some of the many questions regarding fintech: What is it? How secure is it? And what are some of the problems in the space? We also detailed...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/19 5:55 p.m.54 views

A week in security (August 12 – 18)

Last week on Malwarebytes Labs, we took a look at the potential pitfalls of facial recognition technology, looked at ways domestic abuse survivors can secure their data, and explored the education threat landscape. We also kicked off a series looking at the Hidden Bee infection chain, and put...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/08 2:0 p.m.54 views

Labs quarterly report finds ransomware’s gone rampant against businesses

Ransomware's back—so much so that we created an entire report on it. For 10 quarters, we've covered cybercrime tactics and techniques, covering a wide range of threats we saw lodged against consumers and businesses through our product telemetry, honeypots, and threat intelligence. We've looked at...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/11 4:57 p.m.54 views

Maine governor signs ISP privacy bill

Less than one week after Maine Governor Janet Mills received one of the nation’s most privacy-protective state bills on her desk, she signed it into law. The move makes Maine the latest US state to implement its own online privacy protections. The law, which will go into effect July 1, 2020, bloc...

Exploits0
Malwarebytes
Malwarebytes
added 2019/04/15 2:42 p.m.54 views

A week in security (April 8 – 14)

Last week on Labs, we said hello to Baldr, a new stealer on the market, we wondered who is managing the security of medical management apps, discussed the different perceptions of personal information, and we looked at fake Instagram assistance apps found on Google Play that are stealing password...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/29 5:0 p.m.54 views

A week in security (October 22 – 28)

Last week on Malwarebytes Labs, we took a look at some new Mac malware, gave you a roundup of 2018 exploit kits, and dispensed some advice on sextortion scams. We also looked at the Cathay Pacific breach, groaned at the revival of an old browser trick, and explained how voting machines and...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/04 3:0 p.m.54 views

LoJack for computers used to attack European government bodies

Security researchers have detected the first known instance of a UEFI bootkit being used in targeted campaigns against government entities across Central and Eastern Europe. The attack focuses on UFEI-enabled computers and relies on a persistence mechanism that has been stolen from a legitimate,...

1.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/09/26 3:0 p.m.54 views

Holes found in Mojave’s privacy protection

macOS Mojave was released on Monday, September 24, with much promise of increased privacy protections. In particular, apps are now required to get permission from users before they can access data in certain locations, such as Mail data, contacts, calendar events, Safari user data, and more...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/09/24 5:3 p.m.54 views

A week in security (September 17 – 23)

Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign. Other cybersecurity news: NewEgg attacked by...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/08/09 3:0 p.m.54 views

8 everyday technologies that can make you vulnerable to cyberattacks

The technological advances of the modern world make for an exciting and convenient lifestyle. With each new development, from artificial intelligence to the Internet of Things, we make the mundane and tedious more manageable. The security vulnerabilities of the latest tech have been well...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/17 3:0 p.m.54 views

5 ways to find and fix open source vulnerabilities

Guest post by Limor Wainstein A recent discovery of surreptitious execution of cryptomining code by a sandboxed app, riding piggyback on the open source software OSS ecosystem, raises pertinent questions about the security of open source code and its dependencies. Programmers often use OSS as a...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/29 7:12 p.m.54 views

SEO poisoning: Is it worth it?

Search Engine Optimization SEO poisoning basically comes down to getting your web page high in the rankings for relevant search results without buying advertisements or using legitimate, but tedious, SEO best practices. Instead, threat actors use illegal means to push their page to the top...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/11 3:0 p.m.54 views

Keeping your business and personal instant messages secure

Most people want to know their instant messages are securely wrapped up—whether that's for personal privacy or making sure online scammers can't grab the message content. If you're sending text on a sensitive topic, or perhaps some photo attachments intended for one person only, you definitely...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/29 4:0 p.m.54 views

The data breach epidemic: no info is safe

By now it’s obvious that data security technology and protocols haven’t kept pace with the needs of consumers. Even as more people trust their most sensitive personal information to online apps and services, databases are routinely exposed. In 2017 alone, we learned about massive data breaches fr...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/10 3:0 a.m.54 views

Singles’ Day deal seekers beware

Originally a day set aside for singles in China to be proud of their singlehood, Singles' Day has been transformed into what is arguably the world’s single largest e-commerce festival, thanks to the involvement of The Alibaba Group. In fact, the Alibaba Group alone reported $17.8 billion in sales...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/24 9:53 p.m.54 views

BadRabbit ransomware strikes Eastern Europe

A new strain of ransomware called BadRabbit is spreading through Eastern Europe. Likely created by the same authors as the Petya/Not Petya ransomware outbreak in June, BadRabbit ransomware uses a website to drop a fake Flash update and then drops its payload. Click to view slideshow. Countries we...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/12 4:0 p.m.54 views

Labs report: summer ushers in unprecedented season of breaches

In this edition of the Malwarebytes Cybercrime Tactics and Techniques report for the third quarter of 2017, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. While the Equifax breach may have dominated the news cycle, notable attacks...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/11 5:15 p.m.54 views

A new kind of Apple phishing scam

In a recent blog post, Felix Krause revealed a method for phishing Apple ID passwords on iOS that would be quite indistinguishable from a real iOS password request. This got us thinking about the ramifications—how else could this tactic be used in the Apple ecosystem, and what kind of damage coul...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/10 5:13 p.m.54 views

Make way for the GDPR: Is your business ready?

In Week 2 of National Cyber Security Awareness Month NCSAM, the spotlight is on businesses—particularly, their more profound need to take cybersecurity seriously in this age of breaches. And what better way for them to start this off than to think about how they can improve on handling and storin...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/07 3:30 p.m.54 views

Apple phish: Summary report statement

If the following message lands in your mailbox, you may wish to throw on your "This is highly suspicious" cap before proceeding further: The email is titled RE: Summary Report Statement login and update account 08/05/2017 Note the old spammer trick of placing "RE:" at the start to make you think...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/17 7:43 p.m.54 views

A week in security (July 10 – July 16)

Last week, we took a look at some of your malware infection stories, took a stroll through the basics of PowerShell, explored a piece of .NET malware, and shone the spotlight on the Petya ransomware family. Elsewhere, the following stories were taking place: Latest updates for Consumers...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/10 4:16 p.m.53 views

Fake Claude site installs malware that gives attackers access to your computer

Claude’s rapid growth—nearly 290 million web visits per month—has made it an attractive target for attackers, and this campaign shows how easy it is to fall for a fake site. We discovered a fake website impersonating Anthropic’s Claude to serve a trojanized installer. The domain mimics Claude's...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/06 12:45 p.m.53 views

Update your iPhones and iPads now: Apple patches security vulnerabilities in iOS and iPadOS

Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited. Zero-day vulnerabilities are discovered by attackers before the software company itself - meaning the vendor has zero days to fix them. Both the two...

4.3CVSS7.1AI score0.01481EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/24 10:37 a.m.53 views

Update now! Apple releases patch for zero-day vulnerability

Apple has released new security updates for several products, including a patch for a zero-day vulnerability that could impact iPhones, iPad, Macs, and Apple TVs. Apple says it’s aware of a report that the bug may have been exploited already. Further details about the nature of the vulnerability...

6.8CVSS7.3AI score0.10593EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2023/07/13 1:0 a.m.53 views

Zero-day deploys remote code execution vulnerability via Word documents

An unpatched zero-day vulnerability is currently being abused in the wild, targeting those with an interest in Ukraine. Microsoft reports that CVE-2023-36884 is tied to reports of: …a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of...

6.8CVSS7.5AI score0.98998EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2022/10/28 9:45 p.m.53 views

A Chrome fix for an in-the-wild exploit is out—Check your version

Google has announced an update for Chrome that fixes an in-the-wild exploit. Chrome Stable channel has been updated to 107.0.5304.87 for Mac and Linux, and 107.0.5304.87/.88 for Windows. The vulnerability at hand is described as a type confusion issue in the V8 Javascript engine. Mitigation If...

9AI score0.0675EPSS
Exploits1
Total number of security vulnerabilities4706