Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2021/07/07 2:17 p.m.267 views

UPDATED: Patch now! Emergency fix for PrintNightmare released by Microsoft

Last week we wrote about PrintNightmare, a vulnerability that was supposed to be patched but wasnt. After Junes Patch Tuesday, researchers found that the patch did not work in every case, most notably on modern domain controllers. Yesterday, Microsoft issued a set of out-of-band patches that sets...

9.3CVSS9.3AI score0.99759EPSS
Exploits75
Malwarebytes
Malwarebytes
added 2021/04/01 7:47 p.m.266 views

Android “System Update” malware steals photos, videos, GPS location

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data—but the infrastructure behind the malware obscures it...

Exploits0
Malwarebytes
Malwarebytes
added 2021/03/10 6:6 p.m.265 views

OVH cloud datacenter destroyed by fire

A fire in one of the OVH datacenters has destroyed one datacenter and knocked two others offline. It took 100 firefighters and 43 fire trucks to fight the fire in the five-story building. Even though the fire department was quick to respond, and the fire was brought under control relatively...

Exploits0
Malwarebytes
Malwarebytes
added 2019/06/21 4:51 p.m.262 views

Fresh “video games” site welcomes new users with Steam phish

Over the weekend, I received this unsolicited message from an acquaintance on Steam: 1 free game for new users! Take the game you want https://t.co/redacted Fortunately, other friends on Steam were quick to publicly warn others about potentially hacked accounts spamming dubious messages to anyone...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 8:32 p.m.260 views

Pre-installed auto installer threat found on Android mobile devices in Germany

Users primarily located in Germany are experiencing malware that downloads and installs on their Gigaset mobile devices—right out of the box! The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui, which is a pre-installed system app. This app is not only th...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/10/08 3:30 p.m.260 views

Healthcare security update: death by ransomware, what’s next?

A recent ransomware attack which played a significant role in the death of a German woman has put into focus both the dangers and the importance of cybersecurity today. But it has also led some to point fingers as to who was responsible. As usual, playing the blame game helps no one, but it does...

7.5CVSS0.99999EPSS
Exploits48
Malwarebytes
Malwarebytes
added 2023/11/28 10:20 a.m.257 views

ownCloud vulnerability can be used to extract admin passwords

ownCloud has warned users about three critical security flaws in its file-sharing software which, if exploited, could reveal sensitive information and modify files. An especially and potentially impactful one is a vulnerability that could lead to disclosure of sensitive credentials and...

7.5CVSS7.9AI score0.78428EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2019/05/24 6:5 p.m.257 views

Medical industry struggles with PACS data leaks

In the medical world, sharing patient data between organizations and specialists has always been an issue. X-Rays, notes, CT scans, and any other data or related files have always existed and been shared in their physical forms slides, paperwork. When a patient needed to take results of a test to...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/15 2:30 p.m.256 views

SonicWall warns users of “imminent ransomware campaign”

This post has been updated with a statement from SonicWall below SonicWall has issued an urgent security notice warning users of unpatched End-Of-Life EOL SRA & SMA 8.X remote access devices that they have been made aware of an imminent ransomware campaign using stolen credentials. The exploitati...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/04 6:15 p.m.255 views

Vidar and GandCrab: stealer and ransomware combo observed in the wild

We have been tracking a prolific malvertising campaign for several weeks and captured a variety of payloads, including several stealers. One that we initially identified as Arkei turned out to be Vidar, a new piece of malware recently analyzed in detail by Fumik0 in his post: Let’s dig into Vidar...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/07/26 4:45 p.m.253 views

Good Twitter Samaritans accidentally prevent shoeshine scam

A few days ago, Indian news portals were buzzing with tales of a well-worn shoeshine scam making its way into social media. It’s a great example of how good-natured gestures can unwittingly aid scammers when we combine high-visibility accounts with potential lack of fact checking. Thankfully, it...

Exploits0
Malwarebytes
Malwarebytes
added 2021/08/11 12:16 p.m.252 views

PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday

The sheer number of patches 44 security vulnerabilities should be enough to scare us, but unfortunately we have gotten used to those numbers. In fact, 44 is a low number compared to what we have seen on recent Patch Tuesdays. So what are the most notable vulnerabilities that were patched. One...

9CVSS1.4AI score0.99759EPSS
Exploits42
Malwarebytes
Malwarebytes
added 2021/07/02 9:46 p.m.249 views

UPDATED: Kaseya hijacked, thousands attacked by REvil, fix delayed again

Malwarebytes does not use Kaseya products. Malwarebytes detects the REvil ransomware used in this attack as Sodinokibi. Latest updates July 7, 8:30 am, Kaseya VSA SaaS platform still offline, not updated as planned July 6, 3:40 pm, malspam using fake Kaseya security update July 6, 3:15 am,...

7.5CVSS9.4AI score0.85619EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2020/06/10 3:53 a.m.249 views

Honda and Enel impacted by cyber attack suspected to be ransomware

Car manufacturer Honda has been hit by a cyber attack, according to a report published by the BBC, and later confirmed by the company in a tweet. Another similar attack, also disclosed on Twitter, hit Edesur S.A., one of the companies belonging to Enel Argentina which operates in the business of...

5CVSS8.6AI score0.0954EPSS
Exploits8
Malwarebytes
Malwarebytes
added 2021/03/09 7:59 p.m.248 views

Microsoft Exchange attacks cause panic as criminals go shell collecting

Only last week we posted a blog about multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Seeing how this disclosure came with a patch being available, under normal circumstances you would see some companies update...

7.5CVSS10AI score0.99999EPSS
Exploits63
Malwarebytes
Malwarebytes
added 2022/03/14 11:18 a.m.247 views

CISA list of 95 new known exploited vulnerabilities raises questions

On Friday March 3, the Cybersecurity and Infrastructure Security Agency CISA added a whopping number of 95 new known exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog. This catalog provides Federal Civilian Executive Branch FCEB agencies with a list of vulnerabilities that...

10CVSS1.8AI score0.94354EPSS
Exploits29
Malwarebytes
Malwarebytes
added 2021/04/30 12:5 p.m.247 views

IoT riddled with BadAlloc vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has published advisory ICSA-21-119-04 about vulnerabilities found in multiple real-time operating systems RTOS and supporting libraries. Those operating systems and libraries are widely used in smart, Internet-connected "things". The numbe...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/09 1:8 p.m.247 views

Millions of Chrome users quietly added to Google’s FLoC pilot

Last month, Google began a test pilot of its Federated Learning of Cohorts—or FLoC—program, which the company has advertised as the newest, privacy-preserving alternative in Google Chrome to the infamous third-party cookie. Sounds promising, right? Well, about that. Despite Google’s rhetoric abou...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/03 6:39 p.m.245 views

21 million free VPN users’ data exposed

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. The data includes email addresses, randomly generated password strings, payment...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/21 4:48 p.m.244 views

A week in security (January 14 – 20)

Last week on the Malwarebytes Labs blog, we took a look at how the government shutdown is influencing cybersecurity jobs, Advanced Persistent Threats group APT10, the comeback of Fallout EK, the hosting of malicious sites on legitimate servers, and the Collection 1 data breach. Other cybersecurit...

4.6CVSS8.2AI score0.04679EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2022/06/15 1:17 p.m.243 views

Update now!  Microsoft patches Follina, and many other security updates

The June 2022 Patch Tuesday may go down in history as the day that Follina got patched, but there was a host of other important updates. And not just from Microsoft. Many other software vendors follow the pattern of monthly updates set by the people in Redmond. Microsoft Microsoft released update...

9.3CVSS9.5AI score0.99374EPSS
Exploits67
Malwarebytes
Malwarebytes
added 2021/04/01 3:43 p.m.242 views

Relax. Internet password books are OK

Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good password management practices. There’s a wealth of password management options available, some more desirable than others. The primary recommendation online is usually a software-based...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/23 5:57 p.m.241 views

Busted! Fraud-as-a-Service gang that sold 2FA-proof phishing arrested

The Dutch police announced that they arrested two Dutch citizens, aged 24 and 15, for developing and selling phishing panels. The police also searched the house of another suspect, an 18 year old who was not arrested. The people behind this illegal business called themselves the Fraud Family and...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/16 5:42 p.m.241 views

Shady scam bots trick Omegle users into nonconsensual video sex recordings

14-year old Michael not his real name from Scandinavia first visited Omegle, the video online chat that has become hugely popular since the start of the pandemic, after hearing about "unpredictable and weird encounters" one may experience on the site from other students in school. He was intrigue...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/03 6:30 p.m.239 views

Update your Chrome again as Google patches second zero-day in two weeks

Before you start to Google for election news, wed like you to check whether your browser is at the latest and safest version. “Again?”, Chrome users may say. Yes, because Google has found another zero-day vulnerability - that means its a hole that is actively being exploited right now. Its the...

6.8CVSS8.1AI score0.5063EPSS
Exploits5
Malwarebytes
Malwarebytes
added 2021/08/13 11:34 a.m.238 views

VPN Test: How to check if your VPN is working or not

The primary function of a Virtual Private Network VPN is to enhance your online privacy and security. It should do this without slowing your Internet too noticeably. Performing a VPN test or two can help you ensure that its up to the mark. VPN privacy test Your Internet Service Provider ISP assig...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/07/09 3:41 p.m.238 views

How one word can disable an iPhone’s WiFi functionality

A researcher has found a way to disable the WiFi functionality on iPhones by getting them to join a WiFi hotspot with a weird name. This shouldnt be happening. The first thing you learn in coding school when it comes to input which is literally any data a device has to do something with is to...

9.3CVSS6.9AI score0.04838EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/18 4:0 p.m.238 views

Hosting malicious sites on legitimate servers: How do threat actors get away with it?

How do threat actors manage to get their sites and files hosted on legitimate providers’ servers? I have asked myself this question many times, and many times thought, “The threat actors pay for it, and for some companies, money is all that matters.” But is it really that simple? I decided to fin...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 7:24 p.m.235 views

Aurora campaign: Attacking Azerbaijan using multiple RATs

This post was authored by Hossein Jazi As tensions between Azerbaijan and Armenia continue, we are still seeing a number of cyber attacks taking advantage of this situation. On March 5th 2021, we reported an actor that used steganography to drop a new .Net Remote Administration Trojan. Since that...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/13 11:2 a.m.233 views

Sorry, Joe Biden isn’t offering you a work visa, it’s a scam

A US diplomatic mission in Nigeria warns of a visa scam affecting Nigerian citizens looking to move to the United States. It’s an old scam message, dressed up with a fresh coat of paint. Shall we take a look? Fraud Alert! Scammers and fraudsters are circulating a fake “press release” claiming to...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/06/21 3:0 p.m.233 views

The Roblox Robux generator is too good to be true

Roblox is an enormously popular MMORPG title for kids available on both PC and console, and it suffers no end of scammers trying to fleece its players as a result. While the game tries to block and filter text/URLs and comes with additional security features, potentially dubious sites also bounce...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/01/19 6:37 p.m.232 views

The story of ZeroLogon

This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After it was discovered by researchers, the vulnerability was patched and that should have been the end of the story. Unfortunately the patch caused problems of its own, which made it very...

9.3CVSS8.9AI score0.99512EPSS
Exploits75
Malwarebytes
Malwarebytes
added 2021/07/28 1:4 p.m.231 views

UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root

Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP camera vendors. According to the researchers the firmware supplier UDP Technology fails to respond to their reports despite numerous mails and LinkedIn messages...

3.9AI score0.95547EPSS
Exploits19
Malwarebytes
Malwarebytes
added 2019/08/21 3:56 p.m.230 views

Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks

Those who are familiar with Bluetooth BR/EDR technology aka Bluetooth Classic, from 1.0 to 5.1 can attest that it is not perfect. Like any other piece of hardware or software technology already on market, its usefulness comes with flaws. Early last week, academics at Singapore University of...

4.8CVSS9.2AI score0.02691EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2023/04/12 10:0 a.m.229 views

Update now! April’s Patch Tuesday includes a fix for one zero-day

Its Patch Tuesday again. Microsoft and other vendors have released their monthly updates. Among a total of 97 patched vulnerabilities there is one actively exploited zero-day. Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix...

9.2AI score0.95454EPSS
Exploits24
Malwarebytes
Malwarebytes
added 2017/07/14 4:29 p.m.225 views

Keeping up with the Petyas: Demystifying the malware family

Last June 27, there was a huge outbreak of a Petya-esque malware with WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the background of the Petya family. The origin of Petya...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/12 10:48 p.m.224 views

Who is to blame for the malicious Barcode Scanner that got on the Google Play store?

In our last blog, Barcode Scanner app on Google Play infects 10 million users with one update, we wrote about a barcode scanner found on the Google Play store that was infected with Android/Trojan.HiddenAds.AdQR. All initial signs led us to believe that LavaBird LTD was the developer of this...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/26 10:12 p.m.223 views

New DazzleSpy malware attacks macOS

DazzleSpy, a piece of malware that attacks macOS, was discovered last fall by researchers at ESET, and now those researchers have released more detailed findings. DazzleSpy, according to the researchers at ESET, was being spread via watering hole attacks via pro-democracy websites in China. It...

9.3CVSS0.1AI score0.14542EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/28 2:24 p.m.223 views

SolarWinds attackers launch new campaign

Nobelium is a synthetic chemical element with the symbol No and atomic number 102. It is named in honor of Alfred Nobel. But it is also the name given to the threat actor that is behind the attacks against SolarWinds, the Sunburst backdoor, TEARDROP malware, GoldMax malware, other related...

4.3CVSS0.4AI score0.07082EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/01 11:7 a.m.221 views

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

If you’re running Windows 10, it’s time to stop delaying those patches and bring your systems up to date as soon as possible. Bleeping Computer reports that a researcher has come up with a bypass for an older bug, which could serve up some major headaches if left to fester. Those headaches will...

7.2CVSS0.4AI score0.78376EPSS
Exploits22
Malwarebytes
Malwarebytes
added 2021/07/21 5:15 p.m.220 views

The life and death of the ZeuS Trojan

Whether youve read up on Greek mythology or youre simply a big fan of Marvel comics, the name "Zeus" should be familiar to you. In the context of cybercrime though, ZeuS aka the Zbot Trojan is a once-prolific malware that could easily be described as one of a handful of information stealers ahead...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/10/26 10:58 a.m.220 views

Google patches actively exploited zero-day bug that affects Chrome users

Google has recently released Chrome version 86.0.4240.111 to patch several holes. One is for a zero-day flaw - that means a vulnerability that is being actively exploited in the wild. The flaw, which is officially designated as CVE-2020-15999, occurs in the way FreeType handles PNG images embedde...

4.3CVSS0.5AI score0.5063EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2019/05/31 3:0 p.m.219 views

Ransomware isn’t just a big city problem

This month, one ransomware story has been making a lot of waves: the attack on Baltimore city networks. This attack has been receiving more press than normal, which could be due to the actions taken or not taken by the city government, as well as rumors about the ransomware infection mechanism...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/20 5:13 p.m.218 views

Android patches for 4 in-the-wild bugs are out, but when will you get them?

In the Android Security Bulletin of May 2021, published at the beginning of this month, you can find a list of roughly 40 vulnerabilities in several components that might concern Android users. According to info provided by Googles Project Zero team, four of those Android security vulnerabilities...

7.2CVSS0.1AI score0.12084EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2021/07/16 9:44 a.m.217 views

What is scareware?

Scareware is a type of rogue program which has been around for many years, arguably dating back to 1990. It can be installed without permission, or via deception and false promises. Scareware is primarily used to panic or worry someone into performing a task they otherwise wouldn’t have done. The...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/01/25 4:0 p.m.213 views

A user’s right to choose: Why Malwarebytes detects Potentially Unwanted Programs (PUPs)

Potentially Unwanted Programs PUPs: the name says it all. While the programs themselves might have legitimate uses, their vendors often use inappropriate methods to drive downloads or hide within a program bundle. At Malwarebytes, we feel we have an obligation to help protect our customers from...

1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/15 4:15 p.m.211 views

Reputation management in the age of cyberattacks against businesses

Avid readers of the Malwarebytes Labs blog would know that we strive to prepare businesses of all sizes for the inevitability of cyberattacks. From effectively training employees about basic cybersecurity hygiene to guiding organizations in formulating an incident response IR program, a...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/15 1:0 a.m.211 views

Update now! Microsoft fixes two zero-day bugs

Microsoft, and other vendors, have released their monthly updates. In total Microsoft has fixed a total of 101 vulnerabilities for several titles including Edge, with two of them being actively exploited zero-days. On top of that, Adobe has fixed an actively exploited vulnerability in ColdFusion...

8.9AI score0.97408EPSS
Exploits31
Malwarebytes
Malwarebytes
added 2019/01/18 6:33 p.m.210 views

Collection 1 data breach: what you need to know

Yesterday, news broke that the largest data dump in history had been discovered, with more than 770 million people's Personally Identifiable Information PII decrypted, catalogued, and up for grabs on the Internet. The files, which are being dubbed Collection 1, were originally found on cloud...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/14 12:43 p.m.209 views

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

Microsoft has warned that "multiple adversaries and nation-state actors" are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background...

7.5CVSS10AI score0.99999EPSS
Exploits76
Total number of security vulnerabilities4706