Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2018/05/31 3:0 p.m.48 views

Instagram story spam claims free Apple Watch

I have to admit, I'm not 100 percent sure who Elton Castee is. "Who's that?" you ask? Digging around revealed that he's big on YouTube, has done some films, and raises money for dogs, which is very cool. He's also popular on Instagram, with 400k+ followers. With that in mind, we've seen a few...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/04/18 3:0 p.m.48 views

PBot: a Python-based adware

Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot/PythonBot: a Python-based adware. Apart from a couple of posts on forums in Russian language and...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/22 3:49 p.m.48 views

DDoS attacks are growing: What can businesses do?

Depending on the type and size of your organization, a DDoS Distributed Denial of Service attack can be anything from a small nuisance to something that can break your revenue stream and damage it permanently. A DDoS attack can cripple some online businesses for a period of time long enough to se...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/15 4:0 p.m.48 views

Physician, protect thyself: healthcare cybersecurity circling the drain

No one knows you better than you do. But thanks to technology advances and the continued digitization of healthcare data accumulation and sharing processes, we can also honestly say the same about your healthcare provider. Indeed, every time we get in touch with a health professional, data is...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/18 6:46 p.m.48 views

419 scammer offers USD $60 million—and a free child

Scammers often come crawling out of the woodwork in all sorts of places you wouldn't necessarily expect. This is to their advantage when trying to keep suspicion in check; after all, we're pretty much pre-programmed to think 419 scams will only wander into our inboxes. Twitter, though? That's a...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/20 12:39 p.m.47 views

What is real-time protection and why do you need it?

The constant barrage of cyber threats can be overwhelming for all of us. And, as those threats evolve and attackers find new ways to compromise us, we need a way to keep on top of everything nasty that’s thrown our way. Malwarebytes’ free version tackles and reactively resolves threats already on...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/02 2:18 p.m.47 views

CISA: Disconnect vulnerable Ivanti products TODAY

In an emergency directive, the Cybersecurity and Infrastructure Security Agency CISA has ordered all federal agencies to disconnect all instances of Ivanti Connect Secure and Policy Secure solution products from agency networks no later than 11:59PM on Friday February 2, 2024. Besides the Ivanti...

6.5CVSS7.3AI score0.99999EPSS
Exploits26
Malwarebytes
Malwarebytes
added 2023/10/11 3:15 p.m.47 views

Ransomware review: October 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

6.4CVSS6.8AI score0.21583EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/12 5:0 a.m.47 views

Update Chrome now! Google patches critical vulnerability being exploited in the wild

Google has released an update for Chrome Desktop which includes one critical security fix. There is an active exploit for the patched vulnerability, according to Google, which means cybercriminals are aware of the vulnerability and are using it. If youre a Chrome user on Windows, Mac, or Linux, y...

6.8CVSS10AI score0.99735EPSS
Exploits10
Malwarebytes
Malwarebytes
added 2023/08/15 8:0 a.m.47 views

PCMag ranks Malwarebytes #1 cybersecurity vendor

PCMag, one of the most trusted publications by IT professionals, named Malwarebytes the 1 most-recommended security software vendor on its list of Best Tech Brands for 2023. The ranking is based on a Net Promoter Score NPS, a composite rating based on customer reviews from PCMag's Readers Choice...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/22 3:0 a.m.47 views

Update now! Apple fixes three actively exploited vulnerabilities

Apple has released security updates for several products to address a set of flaws that it says are being actively exploited. Updates are available for these products: Safari 16.5.1 | macOS Big Sur and macOS Monterey ---|--- iOS 16.5.1 and iPadOS 16.5.1 | iPhone 8 and later, iPad Pro all models,...

8.2AI score0.51517EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2023/06/16 4:30 p.m.47 views

MOVEit discloses THIRD critical vulnerability

In chess, the threefold repetition rule states that a player may claim a draw if the same position occurs three times during the game. Whether this means that customers of the popular file transfer utility MOVEit Transfer can ask for their money back remains to be seen, but we do hope it signals...

7.5CVSS7.2AI score0.99934EPSS
Exploits15
Malwarebytes
Malwarebytes
added 2023/06/09 11:30 a.m.47 views

Ransomware review: June 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

4.3CVSS7.8AI score0.3106EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2023/03/30 1:0 a.m.47 views

Smart home assistants at risk from "NUIT" ultrasound attack

A new form of attack named "Near Ultrasound Inaudible Trojan" NUIT has been unveiled by researchers from the University of Texas. NUIT is designed to attack voice assistants with malicious commands remotely via the internet. Impacted assistants include Siri, Alexa, Cortana, and Google Assistant...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/28 2:0 a.m.47 views

Fake DDoS services set up to trap cybercriminals

The "online criminal marketplace" has been disrupted via several fake Distributed Denial of Service DDoS tools, according to an announcement from The British National Crime Agency NCA. Not everyone on an underground forum is up to no good. Some folks register on hacking sites and services out of...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/28 2:0 a.m.47 views

iPhone users targeted in phone AND data theft campaign

When is an iPhone theft not just an iPhone theft? When the user's Apple ID and more, goes with it. That's what the Wall Street Journal reports has been happening over recent months. The paper interviewed a handful of people who fell victim to old-school phone theft while out in a bar. But it wasn...

Exploits0
Malwarebytes
Malwarebytes
added 2022/10/27 5:15 p.m.47 views

Medibank customers' personal data compromised by cyber attack

Australian health care insurance company Medibank confirmed that the threat actor behind a cyberattack on the company had access to the data of at least 4 million customers. Although Medibank at first said that there was "no evidence that customer data has been accessed," a week later their...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/30 1:44 p.m.47 views

Update now! Critical patches for Chrome and Edge

Google has released an update for its Chrome browser that includes 30 security fixes. The latest version of the stable channel is now Chrome 101.0.4951.41 for Windows, Mac and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system...

9AI score0.0105EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2021/12/06 7:14 p.m.47 views

Why Macs are the best, according to Mac expert Thomas Reed: Lock and Code S02E23

In the year 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple. The companys Pro model laptops are finally, belatedly equipped with ports that have been standard in other computers for years. The companys beleaguered "butterfly" keyboard has seemingly bee...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/13 2:16 p.m.47 views

Phishing campaign goes old school, dusts off Morse code

In an extensive report about a phishing campaign, the Microsoft 365 Defender Threat Intelligence Team describes a number of encoding techniques that were deployed by the phishers. And one of them was Morse code. While Morse code may seem like ancient communication technology to some, it does have...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/04 10:39 a.m.47 views

COVID-19 vaccine appointment system attacked in Italy

In another cyberattack on a healthcare system, threat-actors have tried to throw a wrench into the ongoing COVID-19 vaccine roll-out in the region of Lazio, Italy. The large and densely populated region is the countrys second most populous and includes the countrys capital, Rome. On Sunday the...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/24 2:32 p.m.47 views

Complicated Active Directory setups are undermining security

Security researchers and technical architects from SpecterOps have found that almost every Active Directory installation they have looked at over the last decade has had some kind of misconfiguration issue. And misconfigurations can lead to security issues, such as privilege escalation methods. T...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/22 2:36 p.m.47 views

Hotel staff bust Hermes SMS scammer with suspiciously large number of cables

If you’re in the UK, you’ve likely received a fake delivery SMS at this point. The original big driver for this over the pandemic was a non-stop wave of Royal Mail phishing scams. As that article mentions, most if not all of our interactions with organisations is done by mobile. I receive medical...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/13 5:19 p.m.47 views

Using iPhones and AirTags to sneak data out of air-gapped networks

Someone has found an extraordinary way to exfiltrate data by piggybacking data on the backs of unsuspecting iPhones. Say what? A researcher has found out that it is possible to upload arbitrary data from non-internet-connected devices by sending Bluetooth Low Energy BLE broadcasts to nearby Apple...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/13 2:25 p.m.47 views

Why MITRE ATT&CK matters—Choosing alert quality over quantity

Round 3 Carbanak/FIN7 results evaluation Last month, the researchers at MITRE Engenuity released the results of their most recent ATT&CK Evaluation, offering businesses an opportunity to make informed choices about their own security needs. This year, by modeling the ATT&CK testing after attack...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/19 12:10 a.m.47 views

The many ways you can be scammed on Facebook, part II

In part 1 of this article series, we looked at data mining schemes, scam ad campaigns, concert tickets scams, and PayPal fund transfer scams. Today, we continue to list down the other scams you might encounter on Facebook. Bitcoin trading scam Who would have thought that a "simple" phishing schem...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/17 6:17 p.m.47 views

It’s baaaack: Public cyber enemy Emotet has returned

It was never a question of "if" but "when". After five months of absence, the dreaded Emotet has returned. Following several false alarms over the last few weeks, a spam campaign was first spotted on July 13 showing signs of a likely comeback. The Emotet botnets started pushing malspam actively o...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/12/13 4:0 p.m.47 views

5 tips for building an effective security operations center (SOC)

Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating systems in which security professionals can work efficiently and effectively with current technologies is key to keeping your data and networks secure. Many enterprise...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/11/20 6:11 p.m.47 views

Disney+ security and service issues: Here’s what we know so far

The long wait is over. Disney+, the new video-streaming service to rival Netflix and Amazon Prime, debuted last week to much fanfare, racking up 10 million subscribers within a single day of launch. Unfortunately, it wasn’t the kind of splash the majority of users predicted, as they were met with...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/06/18 5:0 p.m.47 views

A week in security (June 11 – June 17)

Last week on Malwarebytes Labs, we discussed how to protect the online privacy of children, we gave you a spring 2018 overview of exploit kits, rounded up the ongoing discussions about the VPNFilter malware, and discussed the struggles of UK law enforcement with modern-day cybercrime. Other news...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/28 4:0 p.m.47 views

An in-depth malware analysis of QuantLoader

This guest post is written by Vishal Thakur, CSIRT/Salesforce. For more on Vishal, read his bio at the end of the blog. QuantLoader is a Trojan downloader that has been available for sale on underground forums for quite some time now. It has been used in campaigns serving a range of malware,...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/21 5:42 p.m.47 views

CyberByte steals Malwarebytes’ intellectual property

At Malwarebytes, we frequently examine apps for detection as Potentially Unwanted Programs PUPs. These are programs that exhibit a wide variety of bad behaviors, but aren't actually outright malware. Unfortunately, there are many supposed antivirus programs that fit this category. Following user...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/11 7:53 p.m.47 views

A week in security (September 4 – September 10)

Last week, we looked into expired domain names being used for malvertising, delved into dubious Facebook apps, and checked out Chinese seminar scams. We also explained the whys and wherefores of false positives, explained what Google is doing with HTTPs, warned you away from a fake DHS email, and...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/08 3:0 p.m.47 views

Fake DHS email – “Give us $350 in the next 24 hours”

Who likes threats? Nobody, as it turns out. That hasn't stopped scammers from jumping on the menacing email train - next stop, your inbox. Every now and then, we see the 419 "Hitman deployed to kill you" missive doing the rounds. On a similar threatening note, we have a fake DHS notification...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/07/06 12:51 p.m.46 views

Choose your WhatsApp username carefully

Dutch consumer organization Consumentenbond has warned users to be careful when choosing their optional WhatsApp username. Meta announced the introduction of usernames on June 29, 2026, and encouraged users to reserve their username now. Meta offers this feature as: “a major privacy feature...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/08 10:53 a.m.46 views

Pirated PC games are delivering password-stealing malware

A new Windows malware campaign hides inside pirated PC games and modified installers for franchises like Far Cry, Need for Speed, FIFA, and Assassin’s Creed. Researchers estimate that more than 400,000 devices worldwide have been infected, with around 30,000 users in the US. The infection method ...

5.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/29 1:7 p.m.46 views

Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities

Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS and watchOS. Especially important are the updates for iOS and iPadOS which tackle vulnerabilities which could potentially leak sensitive user information. You should make sure you update as soon as y...

9.6CVSS6.2AI score0.00818EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/13 3:13 p.m.46 views

Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws

The March 2024 Patch Tuesday update includes patches for 61 Microsoft vulnerabilities. Only two of the vulnerabilities are rated critical and both of these are found in Windows Hyper-V. Hyper-V is a hardware virtualization product that allows you to run multiple operating systems as virtual...

7.5CVSS8.3AI score0.20157EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/31 8:56 p.m.46 views

Decline in robocalls is encouraging, efforts seem to be working

The Federal Communications Commission FCC has announced that its recent actions with the Federal Trade Commission FTC against international robocalls appear to have had an effect. Robocalls are automated phone calls, often associated with scams and unwanted solicitations, which can be a nuisance ...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/11 2:36 p.m.46 views

Info-stealers can steal cookies for permanent access to your Google account

Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication MFA the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/11 1:0 a.m.46 views

Threatening rogue finance apps removed from the Apple Store

Multiple apps have been removed from the App Store in India after a large helping of unethical behaviour was aimed at their users. TechCrunch reports that "Pocket Kash, White Kash, Golden Kash, and OK Rupee" among others were taken down after getting close to the top 20 finance app listing spots...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/10 3:0 a.m.46 views

Malwarebytes Browser Guard introduces three new features

Malwarebytes Browser Guard is our free browser extension for Chrome, Edge, Firefox, and Safari that blocks unwanted and unsafe content, giving users a safer and faster browsing experience. It's the worlds first browser extension to do this while also identifying and stopping tech support scams. A...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/06 7:30 p.m.46 views

Solar monitoring systems exposed: Secure your devices

Researchers who go looking for devices exposed to the Internet report "tens of thousands" of solar photovoltaic PV monitoring and diagnostic systems can be found on the web. The systems are used for everything from system optimization to performance monitoring and troubleshooting. No fewer than...

10CVSS7.3AI score0.97961EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2023/05/30 1:0 a.m.46 views

[updated] Barracuda Networks patches zero-day vulnerability in Email Security Gateway

On May 20, Barracuda Networks issued a patch for a zero day vulnerability in its Email Security Gateway ESG appliance. The vulnerability existed in a module which initially screens the attachments of incoming emails, and was discovered on May 19. Barracuda's investigation showed that the...

7.5CVSS7.9AI score0.86956EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2023/05/01 4:15 p.m.46 views

Microsoft: You're already using the last version of Windows 10

Microsoft issued a client roadmap update on Thursday to remind us once again that Windows 10 support is slowly coming to an end. In less than three years, all Windows 10 users will need to have moved to Windows 11. While moving to Windows 11 should be a win for security, some Windows 10 fans may ...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/16 11:0 a.m.46 views

TikTok dances to the tune of $5.4m cookie fine

The big social media fines just keep coming. Hot on the heels of Meta experiencing a $277m fine from the Irish Data Protection Commission, its now TikToks turn in the spotlight thanks to a cookie crumble. Can you walk into a huge fine in 2023 for making it difficult to refuse a cookie as easily a...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/16 10:0 a.m.46 views

Update now! Apple patches active exploit vulnerability for iPhones

Apple has released new security content for iOS 16.1.2 and Safari 16.2. Normally we would say that Apple pushed out updates, but in this mysterious case the advisory is about an iPhone software update Apple released two weeks ago. As it turns out, to fix a zero-day security vulnerability that was...

9.2AI score0.08523EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/14 3:0 p.m.46 views

Update now! Two zero-days fixed in 2022's last patch Tuesday

In numbers, the patch Tuesday of December 2022 is a relatively light one for Windows users. Microsoft patched 48 vulnerabilities with only six considered critical. But numbers are only half the story. Two of the updates are zero-days with one of them known to be actively exploited. Windows...

8.7AI score0.76106EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2022/03/31 3:40 p.m.46 views

URI spoofing flaw could phish WhatsApp, Signal, Instagram, and iMessage users

Update: We were informed by Sick Codes that, although Signal already has a fix for this URI flaw here, it hasnt been pushed out to market yet. Well further update this post once there is new development. Theres a flaw in the way many of the worlds most popular messaging and email platforms—such a...

4.3CVSS6AI score0.02314EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2022/03/21 12:7 p.m.46 views

Facebook phish claims “Someone tried to log into your account”

Watch out for bogus Facebook phishing messages winging their way to your mailbox. The ruse is quite simple: The mail senders are relying on the recipient’s sense of panic to respond without thinking about it. The mail looks professional enough, and seeks to imitate what would be a fairly typical...

7.1AI score
Exploits0
Total number of security vulnerabilities4709