4709 matches found
Instagram story spam claims free Apple Watch
I have to admit, I'm not 100 percent sure who Elton Castee is. "Who's that?" you ask? Digging around revealed that he's big on YouTube, has done some films, and raises money for dogs, which is very cool. He's also popular on Instagram, with 400k+ followers. With that in mind, we've seen a few...
PBot: a Python-based adware
Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot/PythonBot: a Python-based adware. Apart from a couple of posts on forums in Russian language and...
DDoS attacks are growing: What can businesses do?
Depending on the type and size of your organization, a DDoS Distributed Denial of Service attack can be anything from a small nuisance to something that can break your revenue stream and damage it permanently. A DDoS attack can cripple some online businesses for a period of time long enough to se...
Physician, protect thyself: healthcare cybersecurity circling the drain
No one knows you better than you do. But thanks to technology advances and the continued digitization of healthcare data accumulation and sharing processes, we can also honestly say the same about your healthcare provider. Indeed, every time we get in touch with a health professional, data is...
419 scammer offers USD $60 million—and a free child
Scammers often come crawling out of the woodwork in all sorts of places you wouldn't necessarily expect. This is to their advantage when trying to keep suspicion in check; after all, we're pretty much pre-programmed to think 419 scams will only wander into our inboxes. Twitter, though? That's a...
What is real-time protection and why do you need it?
The constant barrage of cyber threats can be overwhelming for all of us. And, as those threats evolve and attackers find new ways to compromise us, we need a way to keep on top of everything nasty that’s thrown our way. Malwarebytes’ free version tackles and reactively resolves threats already on...
CISA: Disconnect vulnerable Ivanti products TODAY
In an emergency directive, the Cybersecurity and Infrastructure Security Agency CISA has ordered all federal agencies to disconnect all instances of Ivanti Connect Secure and Policy Secure solution products from agency networks no later than 11:59PM on Friday February 2, 2024. Besides the Ivanti...
Ransomware review: October 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...
Update Chrome now! Google patches critical vulnerability being exploited in the wild
Google has released an update for Chrome Desktop which includes one critical security fix. There is an active exploit for the patched vulnerability, according to Google, which means cybercriminals are aware of the vulnerability and are using it. If youre a Chrome user on Windows, Mac, or Linux, y...
PCMag ranks Malwarebytes #1 cybersecurity vendor
PCMag, one of the most trusted publications by IT professionals, named Malwarebytes the 1 most-recommended security software vendor on its list of Best Tech Brands for 2023. The ranking is based on a Net Promoter Score NPS, a composite rating based on customer reviews from PCMag's Readers Choice...
Update now! Apple fixes three actively exploited vulnerabilities
Apple has released security updates for several products to address a set of flaws that it says are being actively exploited. Updates are available for these products: Safari 16.5.1 | macOS Big Sur and macOS Monterey ---|--- iOS 16.5.1 and iPadOS 16.5.1 | iPhone 8 and later, iPad Pro all models,...
MOVEit discloses THIRD critical vulnerability
In chess, the threefold repetition rule states that a player may claim a draw if the same position occurs three times during the game. Whether this means that customers of the popular file transfer utility MOVEit Transfer can ask for their money back remains to be seen, but we do hope it signals...
Ransomware review: June 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...
Smart home assistants at risk from "NUIT" ultrasound attack
A new form of attack named "Near Ultrasound Inaudible Trojan" NUIT has been unveiled by researchers from the University of Texas. NUIT is designed to attack voice assistants with malicious commands remotely via the internet. Impacted assistants include Siri, Alexa, Cortana, and Google Assistant...
Fake DDoS services set up to trap cybercriminals
The "online criminal marketplace" has been disrupted via several fake Distributed Denial of Service DDoS tools, according to an announcement from The British National Crime Agency NCA. Not everyone on an underground forum is up to no good. Some folks register on hacking sites and services out of...
iPhone users targeted in phone AND data theft campaign
When is an iPhone theft not just an iPhone theft? When the user's Apple ID and more, goes with it. That's what the Wall Street Journal reports has been happening over recent months. The paper interviewed a handful of people who fell victim to old-school phone theft while out in a bar. But it wasn...
Medibank customers' personal data compromised by cyber attack
Australian health care insurance company Medibank confirmed that the threat actor behind a cyberattack on the company had access to the data of at least 4 million customers. Although Medibank at first said that there was "no evidence that customer data has been accessed," a week later their...
Update now! Critical patches for Chrome and Edge
Google has released an update for its Chrome browser that includes 30 security fixes. The latest version of the stable channel is now Chrome 101.0.4951.41 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system...
Why Macs are the best, according to Mac expert Thomas Reed: Lock and Code S02E23
In the year 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple. The companys Pro model laptops are finally, belatedly equipped with ports that have been standard in other computers for years. The companys beleaguered "butterfly" keyboard has seemingly bee...
Phishing campaign goes old school, dusts off Morse code
In an extensive report about a phishing campaign, the Microsoft 365 Defender Threat Intelligence Team describes a number of encoding techniques that were deployed by the phishers. And one of them was Morse code. While Morse code may seem like ancient communication technology to some, it does have...
COVID-19 vaccine appointment system attacked in Italy
In another cyberattack on a healthcare system, threat-actors have tried to throw a wrench into the ongoing COVID-19 vaccine roll-out in the region of Lazio, Italy. The large and densely populated region is the countrys second most populous and includes the countrys capital, Rome. On Sunday the...
Complicated Active Directory setups are undermining security
Security researchers and technical architects from SpecterOps have found that almost every Active Directory installation they have looked at over the last decade has had some kind of misconfiguration issue. And misconfigurations can lead to security issues, such as privilege escalation methods. T...
Hotel staff bust Hermes SMS scammer with suspiciously large number of cables
If you’re in the UK, you’ve likely received a fake delivery SMS at this point. The original big driver for this over the pandemic was a non-stop wave of Royal Mail phishing scams. As that article mentions, most if not all of our interactions with organisations is done by mobile. I receive medical...
Using iPhones and AirTags to sneak data out of air-gapped networks
Someone has found an extraordinary way to exfiltrate data by piggybacking data on the backs of unsuspecting iPhones. Say what? A researcher has found out that it is possible to upload arbitrary data from non-internet-connected devices by sending Bluetooth Low Energy BLE broadcasts to nearby Apple...
Why MITRE ATT&CK matters—Choosing alert quality over quantity
Round 3 Carbanak/FIN7 results evaluation Last month, the researchers at MITRE Engenuity released the results of their most recent ATT&CK Evaluation, offering businesses an opportunity to make informed choices about their own security needs. This year, by modeling the ATT&CK testing after attack...
The many ways you can be scammed on Facebook, part II
In part 1 of this article series, we looked at data mining schemes, scam ad campaigns, concert tickets scams, and PayPal fund transfer scams. Today, we continue to list down the other scams you might encounter on Facebook. Bitcoin trading scam Who would have thought that a "simple" phishing schem...
It’s baaaack: Public cyber enemy Emotet has returned
It was never a question of "if" but "when". After five months of absence, the dreaded Emotet has returned. Following several false alarms over the last few weeks, a spam campaign was first spotted on July 13 showing signs of a likely comeback. The Emotet botnets started pushing malspam actively o...
5 tips for building an effective security operations center (SOC)
Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating systems in which security professionals can work efficiently and effectively with current technologies is key to keeping your data and networks secure. Many enterprise...
Disney+ security and service issues: Here’s what we know so far
The long wait is over. Disney+, the new video-streaming service to rival Netflix and Amazon Prime, debuted last week to much fanfare, racking up 10 million subscribers within a single day of launch. Unfortunately, it wasn’t the kind of splash the majority of users predicted, as they were met with...
A week in security (June 11 – June 17)
Last week on Malwarebytes Labs, we discussed how to protect the online privacy of children, we gave you a spring 2018 overview of exploit kits, rounded up the ongoing discussions about the VPNFilter malware, and discussed the struggles of UK law enforcement with modern-day cybercrime. Other news...
An in-depth malware analysis of QuantLoader
This guest post is written by Vishal Thakur, CSIRT/Salesforce. For more on Vishal, read his bio at the end of the blog. QuantLoader is a Trojan downloader that has been available for sale on underground forums for quite some time now. It has been used in campaigns serving a range of malware,...
CyberByte steals Malwarebytes’ intellectual property
At Malwarebytes, we frequently examine apps for detection as Potentially Unwanted Programs PUPs. These are programs that exhibit a wide variety of bad behaviors, but aren't actually outright malware. Unfortunately, there are many supposed antivirus programs that fit this category. Following user...
A week in security (September 4 – September 10)
Last week, we looked into expired domain names being used for malvertising, delved into dubious Facebook apps, and checked out Chinese seminar scams. We also explained the whys and wherefores of false positives, explained what Google is doing with HTTPs, warned you away from a fake DHS email, and...
Fake DHS email – “Give us $350 in the next 24 hours”
Who likes threats? Nobody, as it turns out. That hasn't stopped scammers from jumping on the menacing email train - next stop, your inbox. Every now and then, we see the 419 "Hitman deployed to kill you" missive doing the rounds. On a similar threatening note, we have a fake DHS notification...
Choose your WhatsApp username carefully
Dutch consumer organization Consumentenbond has warned users to be careful when choosing their optional WhatsApp username. Meta announced the introduction of usernames on June 29, 2026, and encouraged users to reserve their username now. Meta offers this feature as: “a major privacy feature...
Pirated PC games are delivering password-stealing malware
A new Windows malware campaign hides inside pirated PC games and modified installers for franchises like Far Cry, Need for Speed, FIFA, and Assassin’s Creed. Researchers estimate that more than 400,000 devices worldwide have been infected, with around 30,000 users in the US. The infection method ...
Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS and watchOS. Especially important are the updates for iOS and iPadOS which tackle vulnerabilities which could potentially leak sensitive user information. You should make sure you update as soon as y...
Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws
The March 2024 Patch Tuesday update includes patches for 61 Microsoft vulnerabilities. Only two of the vulnerabilities are rated critical and both of these are found in Windows Hyper-V. Hyper-V is a hardware virtualization product that allows you to run multiple operating systems as virtual...
Decline in robocalls is encouraging, efforts seem to be working
The Federal Communications Commission FCC has announced that its recent actions with the Federal Trade Commission FTC against international robocalls appear to have had an effect. Robocalls are automated phone calls, often associated with scams and unwanted solicitations, which can be a nuisance ...
Info-stealers can steal cookies for permanent access to your Google account
Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication MFA the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password...
Threatening rogue finance apps removed from the Apple Store
Multiple apps have been removed from the App Store in India after a large helping of unethical behaviour was aimed at their users. TechCrunch reports that "Pocket Kash, White Kash, Golden Kash, and OK Rupee" among others were taken down after getting close to the top 20 finance app listing spots...
Malwarebytes Browser Guard introduces three new features
Malwarebytes Browser Guard is our free browser extension for Chrome, Edge, Firefox, and Safari that blocks unwanted and unsafe content, giving users a safer and faster browsing experience. It's the worlds first browser extension to do this while also identifying and stopping tech support scams. A...
Solar monitoring systems exposed: Secure your devices
Researchers who go looking for devices exposed to the Internet report "tens of thousands" of solar photovoltaic PV monitoring and diagnostic systems can be found on the web. The systems are used for everything from system optimization to performance monitoring and troubleshooting. No fewer than...
[updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway
On May 20, Barracuda Networks issued a patch for a zero day vulnerability in its Email Security Gateway ESG appliance. The vulnerability existed in a module which initially screens the attachments of incoming emails, and was discovered on May 19. Barracuda's investigation showed that the...
Microsoft: You're already using the last version of Windows 10
Microsoft issued a client roadmap update on Thursday to remind us once again that Windows 10 support is slowly coming to an end. In less than three years, all Windows 10 users will need to have moved to Windows 11. While moving to Windows 11 should be a win for security, some Windows 10 fans may ...
TikTok dances to the tune of $5.4m cookie fine
The big social media fines just keep coming. Hot on the heels of Meta experiencing a $277m fine from the Irish Data Protection Commission, its now TikToks turn in the spotlight thanks to a cookie crumble. Can you walk into a huge fine in 2023 for making it difficult to refuse a cookie as easily a...
Update now! Apple patches active exploit vulnerability for iPhones
Apple has released new security content for iOS 16.1.2 and Safari 16.2. Normally we would say that Apple pushed out updates, but in this mysterious case the advisory is about an iPhone software update Apple released two weeks ago. As it turns out, to fix a zero-day security vulnerability that was...
Update now! Two zero-days fixed in 2022's last patch Tuesday
In numbers, the patch Tuesday of December 2022 is a relatively light one for Windows users. Microsoft patched 48 vulnerabilities with only six considered critical. But numbers are only half the story. Two of the updates are zero-days with one of them known to be actively exploited. Windows...
URI spoofing flaw could phish WhatsApp, Signal, Instagram, and iMessage users
Update: We were informed by Sick Codes that, although Signal already has a fix for this URI flaw here, it hasnt been pushed out to market yet. Well further update this post once there is new development. Theres a flaw in the way many of the worlds most popular messaging and email platforms—such a...
Facebook phish claims “Someone tried to log into your account”
Watch out for bogus Facebook phishing messages winging their way to your mailbox. The ruse is quite simple: The mail senders are relying on the recipient’s sense of panic to respond without thinking about it. The mail looks professional enough, and seeks to imitate what would be a fairly typical...