Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2024/02/28 11:41 a.m.33 views

Change Healthcare outages reportedly caused by ransomware

On Wednesday February 21, 2024, Change Healthcare—a subsidiary of UnitedHealth Group—experienced serious system outages due to a cyberattack. In a Form 8-K filing the company said it: “identified a suspected nation-state associated cyber security threat actor had gained access to some of the Chan...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/10 6:30 p.m.33 views

Atomic Stealer rings in the new year with updated version

Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer AMOS onto Mac users. This stealer has proven to be quite popular in the criminal underground and its developers have been adding new features to justify its hefty...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/24 7:36 p.m.33 views

Windows Hello fingerprint authentication can be bypassed on popular laptops

Researchers have found several weaknesses in Windows Hello fingerprint authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. Microsoft’s Offensive Research and Security Engineering MORSE asked the researchers to evaluate the security of the top three...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/02 9:21 p.m.33 views

Should you allow your browser to remember your passwords?

At Malwarebytes weve been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when youre just getting started. Once...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/24 5:0 a.m.33 views

CISA updates ransomware guidance

The Cybersecurity and Infrastructure Security Agency CISA has updated its StopRansomware guide to account for the fact that ransomware actors have accelerated their tactics and techniques since the original guide was released in September of 2020. The StopRansomware guide is set up as a one-stop...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/09 2:0 p.m.33 views

Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints

Malwarebytes is excited to announce Application Block, a new module for Nebula and OneView for MSPs which helps organizations easily thwart unwanted applications from launching on Windows endpoints. For as many applications out there that help you keep business running as usual, there are just as...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/30 9:30 p.m.33 views

Analyzing and remediating a malware infested T95 TV box from Amazon

A couple of weeks ago, security news outlets made their rounds reporting on an Android TV box available on Amazon that came pre-installed with malware. The findings came from a Canadian developer, Daniel Milisic, who posted on his GitHub. What Daniel found was an Android T95 TV box infected with...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/23 2:0 p.m.33 views

Key takeaways from Malwarebytes 2023 State of Mobile Cybersecurity

The results of our latest survey on mobile cybersecurity in K-12 and hospitals are in--and its not all peaches and roses. When we talk about endpoint protection, its only natural to only think about the most commonly compromised endpoints like work laptops and servers--but your smartphone isnt of...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/08 11:0 a.m.33 views

Update now! NetGear routers’ default configuration allows remote attacks

NetGear has made a hotfix available for its Nighthawk routers after researchers found a network misconfiguration in the firmware allowed unrestricted communication with the internet facing ports of the device listening through IPv6. No auto-update The hotfix is available for the model RAX30, also...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/04 10:30 p.m.33 views

Android is slowly mastering memory management vulnerabilities

Recently we wrote about why the NSA wants you to shift to memory safe programming languages. The short version is: If you ever read our posts describing security vulnerabilities, you will see a lot of phrases like "buffer overflow", "failure to release memory", "use after free", "memory...

Exploits0
Malwarebytes
Malwarebytes
added 2022/09/29 4:0 p.m.33 views

Optus data breach "attacker" says sorry, it was a mistake

Since Australian telecoms company Optus disclosed a security breach on September 22, 2022, a lot has been happening. Much of it reads like a movie script. Prologue A hacker acting under the pseudonym "optusdata" claims to have stolen the data of 10 million Optus customers. The information include...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/11 8:40 a.m.33 views

Tech support scammers caught by their own cameras

A Youtuber has hacked into the CCTV cameras of an office used by tech support scammers and reported them to the police. The video feed of what is going on in that office ends with the arrest of the scammers. CCTV The Youtuber, acting under the handle Scambaiter, turned his attention to Punjab in...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/13 12:25 p.m.33 views

Serious vulnerabilities found in ITarian software, patches available for SaaS products

Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available to deal with these vulnerabilities for its SaaS platform. Software as a service SaaS is a software distribution model in which a cloud provider hosts...

9CVSS8.6AI score0.01656EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/17 2:12 p.m.33 views

AirTag stalking: What is it, and how can I avoid it?

More voices are being raised against the use of everyday technology repurposed to attack and stalk people. Most recently, its reported that Ohio has proposed a new bill in relation to electronic tagging devices. The bill, aimed at making short work of a loophole allowing people with no stalking o...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/05 8:56 a.m.33 views

GitLab issues security updates; watch out for hard coded passwords

GitLab has issued several critical security updates, with users of the version control software urged to upgrade their installations as soon as possible. One of the fixes is for a hard coded password issue. What is distributed version control? Distributed version control is a way for an...

7.5CVSS9.7AI score0.76177EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2022/03/23 4:42 p.m.33 views

Okta admits 366 customers may have been impacted by LAPSUS$ breach

Through its usual means of communication, its Telegram channel, the LAPSUS$ group has posted screenshots of what appears to be superuser access to the Okta management console. As such, the group claims to have acquired "superuser/admin" access to Okta.com and gained access to Oktas customer data,...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/17 3:43 p.m.33 views

Fake ransomware warnings hit WordPress sites: How to stay safe

A ransomware warning has appeared out of nowhere and started taking over WordPress sites. The warning, with its black background and red writing, says: “SITE ENCRYPTED Countdown FOR RESTORE SEND 0.1 BITCOIN: address redacted create file on site /unlock.txt with transaction key inside” But theres...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/16 8:5 p.m.33 views

TrickBot helps Emotet come back from the dead

Probably one of the best known threats for the past several years, Emotet has always been under intense scrutiny from the infosec community. On several occasions, it appeared to take an early retirement, but then again it came back. However, when multiple law enforcement agencies seized control o...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/12 11:14 p.m.33 views

A multi-stage PowerShell based attack targets Kazakhstan

This blog post was authored by Hossein Jazi. On November 10 we identified a multi-stage PowerShell attack using a document lure impersonating the Kazakh Ministry of Health Care, leading us to believe it targets Kazakhstan. A threat actor under the user name of DangerSklif perhaps in reference to...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/04 6:11 p.m.33 views

Police take a piece out of a ransomware gang, but won’t say which one

One of the worlds ransomware groups appears to be a couple of members short today—and about two million dollars less rich—but nobody is sure which one. Police are staying tight-lipped about whos short-handed following the arrest of two individuals in Kyiv, Ukraine. The arrests are part of a joint...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/16 3:31 p.m.33 views

Jail for consultant who scraped colossal trove of Alibaba customer data

A billion data points, including the usernames and mobile phone numbers of customers have been siphoned off Alibaba websites by a web crawler. The information has reached us about a week after a court ruling in the case. The court ruling A central Chinese court has ruled that an employee of a...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/25 8:7 p.m.33 views

Colonial Pipeline attack spurs new rules for critical infrastructure

Following a devastating cyberattack on the Colonial Pipeline, the Transportation Security Administration—which sits within the government’s Department of Homeland Security—will issue its first-ever cybersecurity directive for pipeline companies in the United States, according to exclusive reporti...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/14 4:36 p.m.33 views

FBI shuts down malware on hundreds of Exchange servers, opens Pandora’s box

A rather remarkable story has emerged, setting the scene for lively debates about permissible system access. A press release from the US Department of Justice Judge has revealed that the FBI were granted permission to perform some tech support backdoor removal. Bizarrely, they did this without...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/22 9:33 p.m.33 views

How to enable Facebook’s hardware key authentication for iOS and Android

Since 2017 desktop users have had the opportunity to use physical security keys to log in to their Facebook accounts. Now iOS and Android users have the same option too. Physical security keys are a more secure option for two-factor authentication 2FA than SMS which is vulnerable to SIM swap...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/24 4:6 p.m.33 views

LazyScripter: From Empire to double RAT

Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/12 4:23 p.m.33 views

Nude photo theft offers lessons in selfie security

Two former college graduates are in a lot of trouble after breaking into other students accounts and stealing sensitive personal data. They’re facing some serious charges with restitution payments of $35,430, potential jail time, and the threat of very big fines thrown into the mix. What happened...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/24 9:45 p.m.33 views

Taurus Project stealer now spreading via malvertising campaign

For the past several months, Taurus Project—a relatively new stealer that appeared in the spring of 2020—has been distributed via malspam campaigns targeting users in the United States. The macro-laced documents spawn a PowerShell script that invokes certutil to run an autoit script ultimately...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/25 5:28 p.m.33 views

Web skimmer hides within EXIF metadata, exfiltrates credit cards via image files

They say a picture is worth a thousand words. Threat actors must have remembered that as they devised yet another way to hide their credit card skimmer in order to evade detection. When we first investigated this campaign, we thought it may be another one of those favicon tricks, which we had...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/03/25 4:0 p.m.33 views

Consumerization: a better way to answer cybersecurity challenges

A version of this article originally appeared in Forbes on February 12, 2020. Consumerization: The specific impact that consumer-originated technologies can have on enterprises. Gartner More and more, enterprises are coming to understand that they need to adopt the agile processes and product...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/11/22 4:27 p.m.33 views

IoT bills and guidelines: a global response

You may not have noticed, but Internet of Things IoT rules and regulations are coming whether manufacturers want them or not. From experience, drafting up laws which are hopefully sensible and have some relevance to problems raised by current technology is a time-consuming, frustrating process...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/05/06 3:21 p.m.33 views

A week in security (April 29 – May 5)

Last week on Labs we discussed the possible exit scam of dark net market Wall Street Market, how the Electrum DDoS botnet reaches 152,000 infected hosts, we looked at the sophisticated threats plague ailing healthcare industry, a mysterious database that exposed personal information of 80 million...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/19 11:0 p.m.33 views

“Funky malware format” found in Ocean Lotus sample

Recently, at the SAS conference I talked about "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. Malware authors use them in order to make static detection more difficult, because custom formats are not recognized as executable by AV...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/23 3:0 p.m.33 views

Why bad coding habits die hard—and 7 ways to kill them

Developers are usually the focus of blame when software vulnerabilities cause organizational breaches. Sometimes, quality assurance engineers are included in the flame. Interestingly, though, hardly anyone looks at why bad coding habits form in the first place. We're talking about the culture, th...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/13 4:0 p.m.33 views

Hancitor: fileless attack with a DLL copy trick

This article was authored by David Sánchez, Mickaël Roger, and Jérôme Segura During the past few years, malicious spam campaigns have proven to be one of the most efficient infection vectors, in part due to a combination of social engineering and a regular number of Office vulnerabilities. The...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/01/23 10:0 p.m.33 views

Singapore government gets into the network defense game

There is a common assumption in the infosec community that enormous breaches like those at Equifax, Anthem, and Target are the new norm. That the next mega breach is simply a matter of time. This is because large companies loathe spending money on things that are not directly profitable like secu...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/18 6:45 p.m.33 views

A week in security (December 11 – December 17)

Last week we explained what fast flux is and how it's being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an eye on your Internet traffic. We also informed yo...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/14 7:40 p.m.33 views

Free tools: Internet traffic monitoring

Are you an amateur analyst or security enthusiast looking for free tools to do some basic Internet traffic monitoring? You've come to the right place. Not everyone is versed in the use of robust tools like Wireshark even though it is worth the trouble of learning if you have to do network traffic...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/06/05 11:29 a.m.32 views

Ransomware hiding in fake AI, business tools

Artificial intelligence AI and small business tools are being abused as smokescreens to hit unsuspecting victims with ransomware. In the masquerade campaigns discovered by Cisco Talos, cybercriminals hid malware behind software and install packages that mimicked the websites or names of the lead...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/12/09 3:49 p.m.32 views

Encrypted messaging service intercepted, 2.3 million messages read by law enforcement

European law enforcement agencies have taken down yet another encrypted messaging service mainly used by criminals. The Matrix encrypted messaging service was an invite-only service which was also marketed under the names Mactrix, Totalsec, X-quantum, or Q-safe. Dutch and French authorities start...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/08/23 5:33 p.m.32 views

Fake funeral “live stream” scams target grieving users on Facebook

Some scammers have the morals of an alley cat. But some sink even lower. Over the last few months, Malwarebytes Labs has discovered scammers active on Facebook that prey on bereaved people by using stolen images and phony funeral live stream links to steal money and/or credit card details. These...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/08/22 2:12 p.m.32 views

Google patches actively exploited zero-day in Chrome. Update now!

Google has released an update for its Chrome browser which includes a patch for a vulnerability that Google says is already being exploited, known as a zero-day vulnerability. Google has fixed that zero-day with the release of versions 128.0.6613.84/.85 for Windows/macOS and 128.0.6613.84 for Lin...

9.6CVSS8.9AI score0.19272EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2024/06/28 4:15 p.m.32 views

TEMU sued for being “dangerous malware” by Arkansas Attorney General

Chinese online shopping giant Temu is facing a lawsuit filed by State of Arkansas Attorney General Tim Griffin, alleging that the retailers mobile app spies on users. “Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to virtually...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/29 1:6 p.m.32 views

Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?

Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again. However, questions have been raised over whether it is a genuine attempt to revive the forums once aga...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/01 8:54 p.m.32 views

2024 State of Malware in Education report: Top 6 cyberthreats facing K-12 and Higher Ed

Educational institutions may face a range of cyberthreats in 2024, but our 2024 State of Malware in Education report identifies the six most critical ones. Ransomware, for example, stands out as a key threat for schools and universities. The report covers how last year, we witnessed a 92% increas...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/01 1:41 p.m.32 views

Pig butchering scams, how they work and how to avoid them

Pig butchering scams are big business. There are hundreds of millions of dollars involved every year. The numbers are not very precise because some see them as a special kind of romance scam, while others classify them as investment fraud. The victims in Pig Butchering schemes are referred to as...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/05 9:59 p.m.32 views

Clorox counts the cost of cyberattack

Cleaning products maker Clorox has reported losses of $49 million in connection to a cyberattack it suffered in August of last year. On Monday, August 14, 2023, Clorox disclosed it had identified unauthorized activity on some of its IT systems. Despite a business continuity plan, the incident...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/11 4:39 p.m.32 views

Ransomware review: January 2024

This article is based on research by Marcelo Rivero, Malwarebytes ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/22 12:41 p.m.32 views

Malwarebytes consumer product roundup: The latest

At Malwarebytes, we’re constantly evolving to protect our customers. These days, our products don’t just protect you from malware, we protect your identity, defend you from ads, safeguard your social media, and keep your mobile safe too. Here are the innovations we’ve made in our products recentl...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/18 10:30 a.m.32 views

Malwarebytes named leader across six endpoint security categories, marking its ease of use, in G2 Fall 2023 results

The peer-to-peer review source G2 has released their Fall 2023 reports, ranking Malwarebytes as a leader across a number of endpoint protection categories. In the most recent results, Malwarebytes is the only vendor to earn the "Easiest to Use" and "Easiest Admin" recognition for its Endpoint...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/09 2:0 a.m.32 views

Cloudflare Tunnel increasingly abused by cybercriminals

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. Cybercriminals are increasingly using this service to keep their activities from being detected. Cloudflare Tunnel, also known by its executable name, Cloudflared,...

7.3AI score
Exploits0
Total number of security vulnerabilities4709