Lucene search
K
MalwarebytesMost viewed

4707 matches found

Malwarebytes
Malwarebytes
added 2023/05/12 3:0 p.m.50 views

Sponsored Twitter post uses fake BBC News site to boost slippery oil trading app

A sponsored post on Twitter promises to offer the benefits of obtaining citizenship, but really just wants to lure you into some form of Forex trading AI scheme. This tangled web also includes faked BBC web pages and suspicious-looking website reviews to round the whole thing off. Shall we take a...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/17 4:0 a.m.50 views

Update Chrome now! Google patches actively exploited flaw

In a recent security advisory, Google says it patched a high-severity zero-day security flaw in its Chrome browser--the first in 2023--currently being exploited in the wild by threat actors. The company urges all its Windows, Mac, and Linux users to update to version 112.0.5615.121 immediately, a...

8.8AI score0.40798EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/02/15 2:0 a.m.50 views

Update now! Apple patches vulnerabilities in MacOS and iOS

Apple has released information about the new security content of macOS Ventura 13.2.1 and of iOS 16.3.1 and iPadOS 16.3.1. Most prominent is a vulnerability in WebKit that may have been actively exploited. In December, 2022, we warned our readers about another actively exploited vulnerability in...

0.1AI score0.09426EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/26 1:30 p.m.50 views

5 facts about Vice Society, the ransomware group wreaking havoc on the education sector

Move over Lockbit, there's a new ransomware-as-a-service RaaS player in town attacking the education sector--and its name is Vice Society. Vice Society is believed to be a Russian-based intrusion, exfiltration, and extortion group. And their ideal prey? You guessed it: universities, colleges, and...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/22 3:0 a.m.50 views

Sharing Netflix, Disney+, other passwords is illegal, according to new guidance

The Intellectual Property Office IPO, the UK government body overseeing intellectual property rights in the UK, has quietly released new guidance on piracy and online counterfeit goods. This campaign is a joint effort between IPO and Meta, Facebooks parent company. The general issue on piracy is...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/06 8:59 a.m.50 views

Ransomware: April 2022 review

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. April 2022 was most notable for the emergence of three new ransomware-as-a-service RaaS groups—Onyx, Mindwar...

Exploits0
Malwarebytes
Malwarebytes
added 2021/10/20 2:12 p.m.50 views

How to delete your Snapchat account

Snapchat is an instant messaging app popular with youngsters that allows users to send pictures and videos that are only viewable for short periods. But while hundreds of millions of daily active users consume and create content with Snapchat, not everyone is pleased with the mobile app. One of t...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/18 1:37 p.m.50 views

Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache

Multiple vulnerabilities have been found in the popular WordPress plugin WP Fastest Cache during an internal audit by the Jetpack Scan team. Jetpack reports that it found an Authenticated SQL Injection vulnerability and a Stored XSS Cross-Site Scripting via Cross-Site Request Forgery CSRF issue. ...

9.8AI score0.01178EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2021/10/08 9:54 p.m.50 views

Firefox reveals sponsored ad “suggestions” in search and address bar

Mozilla is trying a novel experiment into striking a balance between ad revenue generation and privacy protection by implementing a new way to deliver ads in its Firefox web browser—presenting them as “suggestions” whenever users type into the dual-use search and URL address bar. The advertising...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/17 2:12 p.m.50 views

Analysts “strongly believe” the Russian state colludes with ransomware gangs

"We have the smoke, the smell of gunpowder and a bullet casing. But we do not have the gun to link the activity to the Kremlin." This is what Jon DiMaggio, Chief Security Stretegist for Analyst1, said in an interview with CBS News following the release of its latest whitepaper, entitled "Nation...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/19 1:41 p.m.50 views

Beware, crypto-scammer seeks foreigner with BLOCK CHAIN ACCOUNT

We’ve observed a 419-style scam also known as an advance fee scam which combines the promise of cryptocurrency riches with WhatsApp conversation. The mail, which arrived with the subject "Urgent respond", begins as follows: Greetings to you my friend, My name is Haifa Kalfan, I am the Store manag...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/04 2:1 p.m.50 views

Ransomware to be investigated like terrorism

The impact of recent ransomware attacks on vital infrastructure in the US has triggered a reaction from the US Attorney’s office. In an internal guidance it says that all ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/14 8:26 a.m.50 views

WhatsApp calls and messages will break unless you share data with Facebook

WhatsApp told users last week that there was no need for alarm regarding an upcoming privacy policy deadline, as users who refuse to accept the privacy policy will not have their accounts deleted—they will just have their apps rendered useless, eventually incapable of receiving calls and messages...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/25 6:37 p.m.50 views

Slack hurries to fix direct message flaw that allowed harassment

The enormous work messaging platform Slack quickly reversed course yesterday, promising to revise a brand-new direct message feature that could have been misused for harassment. Added to the company’s “Slack Connect” product—which lets enterprise users share messages with contract workers and...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/18 12:1 p.m.50 views

HelloKitty: When Cyberpunk met cy-purr-crime

On February 9, after discovering a compromise, CD Projekt Red CDPR announced to its 1+ million followers on Twitter that it was the victim of a ransomware attack against its systems and made it clear they would not yield to the demands of the threat actors, nor negotiate. Cyberpunk 2077, the late...

Exploits0
Malwarebytes
Malwarebytes
added 2021/02/17 4:26 p.m.50 views

Clubhouse under scrutiny for sending data to Chinese servers

The audio-chat app Clubhouse is the latest rage in the social media landscape. What makes it so popular and, now its part of the social media landscape, can we trust it? The Clubhouse app Clubhouse was launched about a year ago and was initially only used by Silicon Valley’s rich and famous. It i...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/14 2:49 p.m.50 views

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/04/29 3:15 p.m.50 views

VPNs are mainstream, which is good news

Virtual private networks VPNs have been growing in popularity for the last three years, a notable trend revealed in a collaborative report PDF by Top10VPN and GlobalWebIndex. This year is no different. When a majority of the world’s internet users are in isolation due to the COVID-19 global...

Exploits0
Malwarebytes
Malwarebytes
added 2019/12/11 5:51 p.m.50 views

The little-known ways mobile device sensors can be exploited by cybercriminals

The bevy of mobile device sensors in modern smartphones and tablets make them more akin to pocket-sized laboratories and media studios than mere communication devices. Cameras, microphones, accelerometers, and gyroscopes give incredible flexibility to app developers and utility to mobile device...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/20 4:42 p.m.50 views

DEF CON 27 retrospective: badge life redux

Kickstarter or DEF CON attendee? Be forewarned, this light overview contains some mild spoilers. If you want the purest “Da Bomb” experience with no web-based OSINT hints, read no further. I’m not revealing any earth-shattering secrets here, but figured it was worth mentioning. Also DEF CON is ov...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/27 4:0 p.m.50 views

Location data leaks from family tracking app database

An app called Family Locator, which allows family members to keep track of one another recently experienced an exposed database issue of the worst kind. Specifically: the MongoDB database was left exposed with no password, like so many other recent infosec tales of woe. The end result is the...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/02 7:53 p.m.50 views

IRISSCON security conference comes to Dublin in November

It's that time of the year when IRISSCON—the biggest security conference in Ireland, in my humble opinion—springs into life with a great collection of talks and Capture the Flag events. Held on November 23 in Dublin, there will be a strong focus on working in Infosec this year, alongside some of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/21 8:24 p.m.50 views

Don’t let these gaming threats give you a Game Over

With EGX, the biggest gaming event in the UK opening its doors today, we thought it'd be timely to remind you of some of the threats currently facing gamers. No matter what type of game, client, or system you use, there's always something waiting to try and give you a bad day where the safety of...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/21 4:2 p.m.50 views

A week in security (August 14 – August 20)

Last week, we gave some security tips for parents and kids aimed at the new school term. We also took a peek at the inside of the Kronos malware, focusing on how it works and protects itself. And, once again, we spotted a return of Locky ransomware with two new flavors at once, diablo6 and Lukitu...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/21 3:0 p.m.50 views

7 tips to stay cyber safe this summer

You’ve probably already seen the back-to-school ads on TV and rolled your eyes a little bit. We’re with you: There’s still plenty of summer left. That’s why we want to remind you about some of the cybersecurity pitfalls you might encounter during the remainder of the summer season. Whether you’re...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/05 11:7 a.m.49 views

Windows File Shredder: When deleting a file isn’t enough

Most of us think deleting a file means it’s gone for good. But “delete” on a Windows device often just means “out of sight,” not necessarily “out of reach.” That’s where File Shredder, a new feature within Malwarebytes Tools for Windows, comes in. File Shredder lets you securely delete files from...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/03/20 6:4 p.m.49 views

Semrush impersonation scam hits Google Ads

This blog post was co-authored with Elie Berreby, Senior SEO Strategist Criminals are highly interested in online marketing and advertising tools that they can leverage as part of their ongoing malware campaigns. In particular, we have previously detailed how Google advertiser accounts can be...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/19 1:2 p.m.49 views

CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...

6.5CVSS8.6AI score0.57633EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/23 4:30 p.m.49 views

[updated] Ivanti Sentry critical vulnerability—don't play dice, patch

Ivanti has published a security blog post about a vulnerability in Ivanti Sentry, formerly MobileIron Sentry. Successful exploitation of the vulnerability would enable an unauthenticated attacker to access some sensitive APIs that are used to configure Ivanti Sentry on the administrator portal...

7.5CVSS10.1AI score0.99999EPSS
Exploits20
Malwarebytes
Malwarebytes
added 2023/07/24 2:0 a.m.49 views

A week in security (July 17 - 23)

Last week on Malwarebytes Labs: CISA: You've got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519 Estee Lauder targeted by Cl0p and BlackCat ransomware groups Google fixes "Bad.Build" Cloud Build flaw, researchers say it's not enough Accidental VirusTotal upload is a valuable...

7.5CVSS7AI score0.99445EPSS
Exploits16
Malwarebytes
Malwarebytes
added 2023/04/11 3:0 a.m.49 views

Apple releases emergency updates for two known-to-be-exploited vulnerabilities

On Friday April 7, 2023, Apple released iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 for the iPhone, iPad, and Mac, respectively, and our advice is to install them as soon as possible because all three updates include important security fixes. The Cybersecurity and Infrastructure Security Agency...

9.2AI score0.27076EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/15 4:0 p.m.49 views

JSSLoader: the shellcode edition

The Malwarebytes Threat Intelligence team observed a malspam campaign in late June that we attribute to the FIN7 APT group. One of the samples was also reported on Twitter by Josh Trombley; during execution, it was observed to drop a secondary payload, written in .NET. Details about FIN7 campaign...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/04 5:18 p.m.49 views

HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine

This blog post was authored by Hasherezade, Ankur Saini and Roberto Santos Disk wipers are one particular type of malware often used against Ukraine. The implementation and quality of those wipers vary, and may suggest different hired developers. The day before the invasion on Ukraine by Russian...

Exploits0
Malwarebytes
Malwarebytes
added 2022/02/11 11:27 a.m.49 views

Update now! Apple fixes actively exploited zero-day

Apple has released a security fix for a zero-day vulnerability CVE-2022-22620 that it says "may have been actively exploited." According to the security update information provided by Apple the vulnerability exists in WebKit—the HTML rendering engine component of its Safari browser—and can be use...

9.4AI score0.16342EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/16 3:7 p.m.49 views

Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks: Lock and Code S02E15

Nearly one year after the exclusive app Clubhouse launched on the iOS store, its popularity skyrocketed. The app, which is now out of beta, lets users drop into spontaneous audio conversations that, once they are over, are over. With COVID lockdown procedures separating many people around the wor...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/01 6:27 p.m.49 views

Microsoft exec reveals “routine” secrecy orders from government investigators

Microsoft executive Tom Burt told Congressional lawmakers Wednesday that Federal law enforcement agencies send “routine” secret orders for customer information from the Seattle-based company, numbering anywhere from 2,400 to 3,500 such requests a year. “While the recent news about secret...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/28 9:32 a.m.49 views

A week in security (June 21 – June 27)

Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/21 10:2 a.m.49 views

A week in security (June 14 – June 20)

Last week on Malwarebytes Labs: How to delete your Instagram account. Working from home? You’re probably being spied on. Another one bites the dust: Avaddon ransomware group shuts down operation. Patch now! Apple fixes in-the-wild iPhone vulnerabilities. Windows 10 to retire in four years or 52...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/07 12:22 p.m.49 views

White hat, black hat, grey hat hackers: What’s the difference?

When you think of the world of ethical hackers white hat, malicious hackers black hat, and hackers that flirt with both sides grey hat, you may envision people in shiny trench coats and dark glasses, whose computer skills are only matched by their prowess in martial arts. The truth is that hacker...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/27 9:36 a.m.49 views

Password manager hijacked to deliver malware in supply chain attack

In the latest example of a supply chain attack, cybercriminals delivered malware to customers of the business password manager Passwordstate by breaching its developer’s networks and then deploying a fraudulent update last week, said Passwordstate’s maker, Click Studios. Though the number of...

1.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/17 3:26 p.m.49 views

Apple shines and buffs Mac security—Is it enough to stop today’s malware?

There’s a lot going on in the Mac security world lately. Over the last few months, Apple has ramped up security efforts across its platforms. From an endpoint security framework overhaul of macOS Catalina to phasing out kernel extensions, the tech giant has been battening down the...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/01/14 8:29 p.m.49 views

Cybercriminals want your cloud services accounts, CISA warns

On January 13 the Cybersecurity and Infrastructure Security Agency CISA issued a warning about several recent successful cyberattacks on various organizations’ cloud services. What methods did the attackers use? In the initial phase, the victims were targeted by phishing emails trying to capture...

1.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/30 4:0 p.m.49 views

The most enticing cyberattacks of 2020

This is part one of a two-part series. To read about the strangest cybersecurity events of 2020, read our second story here. In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture o...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/08/27 3:0 p.m.49 views

Missing person scams: what to watch out for

Social media has a long history of people asking for help or giving advice to other users. One common feature is the ubiquitous “missing person” post. You’ve almost certainly seen one, and may well have amplified such a Facebook post, or Tweet, or even blog. The sheer reach and virality of social...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/06 3:59 p.m.49 views

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

This blog post was authored by Hossein Jazi, Thomas Reed and Jérôme Segura. We recently identified what we believe is a new variant of the Dacls Remote Access Trojan RAT associated with North Korea's Lazarus group, designed specifically for the Mac operating system. Dacls is a RAT that was...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/03/09 3:0 p.m.49 views

International Women’s Day: awareness of stalkerware, monitoring, and spyware apps on the rise

Nine months ago, Malwarbytes recommitted itself to detecting invasive monitoring apps that can lead to the excessive harm of women—most commonly known as stalkerware. We pledged to raise public awareness, reach out to advocacy groups, and share samples and intelligence with other security vendors...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/27 6:34 p.m.49 views

Mac adware is more sophisticated and dangerous than traditional Mac malware

As the data revealed in our State of Malware report showed, Mac threats are on the rise, but they are not the same type of threats experienced by Windows users. Most notably, more traditional forms of malware, such as ransomware, spyware, and backdoors account for over 27 percent of all Windows...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/29 6:50 p.m.49 views

Spear phishing 101: what you need to know

Phishing, a cyberattack method as old as viruses and Nigerian Princes, continues to be one of the most popular means of initiating a breach against individuals and organizations, even in 2020. The tactic is so effective, it has spawned a multitude of sub-methods, including smishing phishing via...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/09/11 7:29 p.m.49 views

Vital infrastructure: emergency services

Organizations in the emergency services sector are there for the public to provide help when situations get out of hand or are too much to handle. This can be because the problem requires special tools and skills to use them, and the organizations are set up to provide assistance at short notice...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/09/10 4:41 p.m.49 views

300 shades of gray: a look into free mobile VPN apps

The times, they are a changin'. When users once felt free to browse the Internet anonymously, post about their innermost lives on social media, and download apps with frivolity, folks are playing things a little closer to the vest these days. Nowadays, users are paying more attention to privacy a...

6.7AI score
Exploits0
Total number of security vulnerabilities4707