Lucene search
+L
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2023/11/22 12:41 p.m.32 views

Malwarebytes consumer product roundup: The latest

At Malwarebytes, we’re constantly evolving to protect our customers. These days, our products don’t just protect you from malware, we protect your identity, defend you from ads, safeguard your social media, and keep your mobile safe too. Here are the innovations we’ve made in our products recentl...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/18 10:30 a.m.32 views

Malwarebytes named leader across six endpoint security categories, marking its ease of use, in G2 Fall 2023 results

The peer-to-peer review source G2 has released their Fall 2023 reports, ranking Malwarebytes as a leader across a number of endpoint protection categories. In the most recent results, Malwarebytes is the only vendor to earn the "Easiest to Use" and "Easiest Admin" recognition for its Endpoint...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/09 2:0 a.m.32 views

Cloudflare Tunnel increasingly abused by cybercriminals

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. Cybercriminals are increasingly using this service to keep their activities from being detected. Cloudflare Tunnel, also known by its executable name, Cloudflared,...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/27 1:0 a.m.32 views

ChatGPT writes insecure code

Research by computer scientists associated with the Universite du Quebec in Canada has found that ChatGPT, OpenAI's popular chatbot, is prone to generating insecure code. "How Secure is Code Generated by ChatGPT?" is the work of Raphael Khoury, Anderson Avila, Jacob Brunelle, and Baba Mamadou...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/08 1:0 a.m.32 views

DeepStreamer: Illegal movie streaming platforms hide lucrative ad fraud operation

This investigation was a joint effort between Malwarebytes Threat Intelligence's Jerome Segura, DeepSee's Rocky Moss and Antonio Torres. Key findings Over a dozen unique domains were found selling ad inventory through Google Ad Manager, even though the pages were embedded invisibly under the...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/15 1:0 a.m.32 views

TrickBot gang members sanctioned after pandemic ransomware attacks

In a collaborative partnership, officials in the United States and the United Kingdom unmasked and imposed financial sanctions against seven members of the notorious Russian gang TrickBot alias "TrickLoader", a mainstream banking Trojan turned malware-as-a-service MaaS platform for other criminal...

1.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/24 11:0 a.m.32 views

ChromeOS vulnerability found by Microsoft

Microsoft recently released a report about a ChromeOS remote memory corruption vulnerability. The issue has already been fixed. In fact, it was reported to Google in April. The fix was applied shortly after, and released on June 15. The resulting deep-dive from Microsoft is a fascinating look at...

10AI score0.0069EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/26 3:57 p.m.32 views

SonicWall urges customers to patch critical SQL injection bug ASAP

Cybersecurity hardware company, SonicWall, recently released a public security notice about a critical SQL injection flaw affecting its GMS Global Management System and Analytics On-Prem products. The flaw, which is tracked as CVE-2022-22280, is given a 9.4 critical rating. With the high capabili...

9.9AI score0.09261EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/06 3:9 p.m.32 views

Discord Shame channel goes phishing

A variant of a popular piece of social media fraud has made its way onto Discord servers. Multiple people are reporting messages of an "Is this you" nature, tied to a specific Discord channel. is this a new discord scam or something? someone I haven’t spoken to in years randomly sent me this and...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/23 3:15 p.m.32 views

Rogue cryptocurrency billboards go phishing for wallets

Billboards and digital real world advertising has raised many questions of privacy and anonymity in recent years. Until now, the primary concern has been mostly legal, yet potentially objectionable geolocation and user profiling. Bluetooth beacons work in tandem with geofenced billboards to send...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/21 3:49 p.m.32 views

DFSCoerce, a new NTLM relay attack, can take control over a Windows domain

A researcher has published a Proof-of-Concept PoC for an NTLM relay attack dubbed DFSCoerce. The method leverages the Distributed File System: Namespace Management Protocol MS-DFSNM to seize control of a Windows domain. Active Directory A directory service is a hierarchical arrangement of objects...

1.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/16 4:28 p.m.32 views

Hertzbleed exposes computers’ secret whispers

Hertzbleed is the name for a vulnerability that can be used to obtain cryptographic keys and other secret data from Intel and AMD CPUs, remotely. It works by monitoring changes in power consumption, which can be deduced by the careful timing of known workloads, thanks to a processor power saving...

6.3AI score0.12124EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/07 9:47 p.m.32 views

Ransomware Task Force priorities see progress in first year

This blog is part of our live coverage from RSA Conference 2022: US President Joseph R. Biden Jr., The White House, and law enforcement agencies across the world paid close attention last year when a group of more than 60 cybersecurity experts launched the Ransomware Task Force, heeding the group...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/24 11:53 a.m.32 views

Elden Ring exploit traps players in infinite death loop

Back in January, we wrote about how the Dark Souls games had their online components switched off for PC gamers. This is because someone figured out how to execute code remotely on the target’s PC. Given that the multiplayer angle of Souls games is rather important, this was quite a body blow for...

8.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/04 1:9 p.m.32 views

FBI warns of bogus job postings on recruitment sites

Before Christmas was a busy time down at the fake job factory, with all manner of dubious antics out to ruin someone’s day. We’re now info February and the bogus job offers show no sign of abating. In fact, the FBI considers it to be such a problem that its issued an alert. This isn’t your typica...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/23 10:12 a.m.32 views

Logistics giant warns of scams following ransomware attack

German logistics giant Hellmann Worldwide Logistics has issued a warning that data was stolen from the company when it was hit with a ransomware attack on December 9, 2021. It is not entirely clear what type of data was extracted, but the company says it is warning partners and customers to doubl...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/25 4:20 p.m.32 views

Improving security for mobile devices: CISA issues guides

The Cybersecurity and Infrastructure Security Agency CISA has released two actionable Capacity Enhancement Guides CEGs to help users and organizations improve mobile device cybersecurity. Consumers One of the guides is intended for consumers. There are an estimated 294 million smart phone users i...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/14 9:40 p.m.32 views

Adblocker promises to blocks ads, injects them instead

Researchers at Imperva uncovered a new ad injection campaign based on an adblocker named AllBlock. The AllBlock extension was available at the time of writing for Chrome and Opera in the respective web stores. While disguising your adware as an adblocker may seem counterintuitive, it is actually ...

6.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/11 11:53 a.m.32 views

Google warns some users that FancyBear’s been prowling around

APT28, also known as FancyBear, is at the heart of another targeted campaign. This time, it’s sniffing around users of Google services. Some 14,000 people have been notified about a spear phish attempt looking to compromise accounts and access their files. When did this happen? Sometime late...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/07 11:9 a.m.32 views

Stop. Do you really need another security tool?

The last few years have seen a mushrooming of the number and type of security tools that organizations can use to protect themselves. You can have tools, tools to integrate the tools, tools to monitor the tools, APIs, dashboards so many dashboards, and machine learning with everything. And yet,...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/04 9:15 a.m.32 views

A week in security (Sept 27 – Oct 3)

Last week on Malwarebytes Labs Teaching cybersecurity skills to special needs children with Alana Robinson: Lock and Code S02E18 Phone screenshots accidentally leaked online by stalkerware-type company FoggyWeb, analysis of a Nobelium backdoor Instagram Kids put on hold Microsoft, CISA and NSA...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/30 4:1 p.m.32 views

Android Trojan GriftHorse, the gift horse you definitely should look in the mouth

Researchers at Zimperium have discovered an aggressive mobile premium services campaign with over 10 million victims all over the world. The stolen amount could amass hundreds of millions of Euros. The scam was hidden behind malicious Android apps, and the researchers have named the Trojan...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/23 12:55 p.m.32 views

How to clear your cache

The term “cache” refers to a storage container. If you’re familiar with the outdoor recreational activity geocaching, you may be familiar with the term outside of computing. But in website and computer terms, a cache is temporary storage that is used to speed up future requests and load things mo...

Exploits0
Malwarebytes
Malwarebytes
added 2021/08/20 3:15 p.m.32 views

Largest DDoS attack ever reported gets hoovered up by Cloudflare

On the Cloudflare blog, the American web infrastructure behemoth that provides content delivery network CDN and DDoS mitigation services reports that it detected and mitigated a 17.2 million request-per-second rps DDoS attack. To put that number in perspective. The company reports that this is...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/08 6:7 p.m.32 views

TrickBot indictment reveals the scale and complexity of organized cybercrime

Back in 2016, we saw the emergence of a botnet mainstay called TrickBot. Initially observed by our Labs team spreading via malvertising campaigns, it quickly became a major problem for businesses everywhere. Whether spread by malvertising or email spam, the end result was the same. Data...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/14 11:54 a.m.32 views

Ransomware disrupts food supply chain, Exchange exploitation suspected

When malware found its way into the network of Bakker Logistiek, a company specializing in the transport and warehousing of food and other products, on the night of 4 to 5 April, its IT systems ground to a halt. And, along with them, the reception of orders from clients, and the delivery of goods...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/05 8:6 p.m.32 views

Barcode Scanner app on Google Play infects 10 million users with one update

UPDATE: February 12, 2021 It has come to our attention that there is another bad actor in this story. Apparently, the original publisher, LAVABIRD LTD, is not the bad actor. It is instead an account under the name "The space team." Nevertheless, there is evidence that updates of Barcode Scanner b...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/16 5:35 p.m.32 views

A week in security (November 9 – November 15)

Last week on Malwarebytes Labs, we reported on multiple patch releases: from Mozillas Firefox and Thunderbird to Googles Chrome. We also had a chat with our resident experts, Adam Kujawa and John Donovan, about the future of IoT cybersecurity in our latest Lock and Code podcast episode. Lastly, w...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/10/12 3:0 p.m.32 views

Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt

Most everything about cybersecurity—the threats, the vulnerabilities, the breaches and the blunders—doesnt happen in a vacuum. And the public doesn’t learn about those things because threat actors advertise their exploits, or because companies trumpet their lackluster data security practices. No,...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/01 2:30 p.m.32 views

A week in security (May 25 – 31)

Last week on Malwarebytes Labs, we published our most recent episode of our podcast Lock and Code, providing an in-depth discussion on web browser privacy, looked at the membership bump for the Coalition against Stalkerware, and dug into EDR solutions. We also looked at twists added to the threat...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/26 3:27 p.m.32 views

Lock and Code S1Ep7: Sounding the trumpet on web browser privacy with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher at Malwarebytes, about web browser privacy—an often neglected subcategory of data privacy. Without the prop...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/03/18 3:36 p.m.32 views

Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book

The number of scams, threats, and malware campaigns taking advantage of public concern over the coronavirus is increasing each day. As a result, we've been actively monitoring emails within our spam honeypot to flag such threats and make sure our users are protected. Yesterday, we observed a...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/28 5:54 p.m.32 views

Domen toolkit gets back to work with new malvertising campaign

Last year, we documented a new social engineering toolkit we called "Domen" being used in the wild. Threat actors were using this kit to trick visitors into visiting compromised websites and installing malware under the guise of a browser update or missing font. Despite being a robust toolkit, we...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/24 4:0 p.m.32 views

Why managed service providers (MSP) are critical for business continuity

With the threat landscape becoming more hostile to businesses, small- and medium-sized businesses SMBs are often finding it difficult to cope. Hence, they turn to managed service providers MSPs for help, not only to keep their businesses going—the concept known as business continuity—but also to...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/18 4:40 p.m.32 views

A week in security (February 10 – 16)

Last week on Malwarebytes Labs, we explained how to battle online coronavirus scams with facts, discussed the persistent re-infection techniques of Android/Trojan.xHelper and how to remove it, provided cyber tips for safe online dating, and showed how Hollywood teaches us misleading cybersecurity...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/09/09 3:36 p.m.32 views

When corporate communications look like a phish

Many organizations will spend significant sums of money on phishing training for employees. Taking the form of regular awareness training, or even simulated phishes to test employee awareness, this is a common practice at larger companies. However, even after training, a consistent baseline of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/29 3:31 p.m.32 views

A week in security (April 22 – 28)

Last week on Labs, we looked at security threats to headphones, privacy options in the world of law, and wandered through the FBI’s 2018 IC3 online crime report. We also explored another MageCart attack, and we released our 2019 Q1 Crime Tactics and Techniques report. Other cybersecurity news...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/22 6:15 p.m.32 views

Of hoodies and headphones: a spotlight on risks surrounding audio output devices

More than a decade ago, cardiologists from the Beth Israel Medical Center in Boston presented their findings at the American Heart Association AHA Scientific Sessions 2008 about MP3 headphones causing disruptions with heart devices—such as the pacemaker and the implantable cardioverter...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/21 3:0 p.m.32 views

Are hackers gonna hack anymore? Not if we keep reusing passwords

Enterprises have a password problem, and it’s one that is making the work of hackers a lot easier. From credential stuffing to brute force and password spraying attacks, modern hackers don’t have to do much hacking in order to compromise internal corporate networks. Instead, they log in using wea...

Exploits0
Malwarebytes
Malwarebytes
added 2018/05/11 3:0 p.m.32 views

Where did the tech support scam blacklist go?

For about five years, we've maintained a blacklist of recognized tech support scammers, along with websites and phone numbers they might use to contact victims. The blacklist was part of our Tech support scams: help and resource page, which tells readers how scams work, what tricks to look out fo...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/06 5:45 p.m.32 views

Explained: blockchain technology

Last week, we talked about what cryptocurrency is and why cybercriminals love it. We mentioned that cryptocurrency was founded on a technology called blockchain, which is a tight system that, when applied correctly, is more secure than most other financial transactions. In this post, we'll explai...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/24 5:0 p.m.32 views

Digital forensics: How to recover deleted files

Where I personally have a problem remembering names and birthdays, computers have a hard time “forgetting” things. Even when we tell them to do so. If you ever unintentionally deleted a file, you may have been able to retrieve it from the Recycle Bin. Or, if it was past that stage and the file wa...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/07/02 4:5 p.m.31 views

Fake Google and Cloudflare verification pages spread multiple malware families

Updated July 6 to add connections with SyncTDS and TrafficTDS ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own devices. A single...

6.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/16 1:0 p.m.31 views

“Free World Cup stream” sites are serving scams, not football

With the World Cup on, you'll find no shortage of websites promising every match, live, in HD, for free. They look convincing, usually with a video player, a "Live Stream Available" indicator, a row of server buttons, maybe a match schedule, and a "Watch Live" button. There's no signup, no paywal...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/01 1:52 a.m.31 views

Payment apps are watching what you say (Lock and Code S07E11)

This week on the Lock and Code podcast … In the United States today, you can have your bank account closed, your credit cards cancelled, and your online payments revoked for any number of crimes, like funding terrorism, engaging in money laundering, or violating sanctions. Sensible, right? Well,...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/04/29 10:42 a.m.31 views

What privacy? Perplexity wants your data, builds browser to track you and serve ads

AI search service Perplexity AI doesn't just want you using its app—it wants to take over your web browsing experience too. The company is planning to launch its own browser, called Comet, next month. But what does this mean for your privacy? Launched in 2022, Perplexity AI is an AI-powered searc...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/01/03 4:37 p.m.31 views

“Can you try a game I made?” Fake game sites lead to information stealers

The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers. Our thanks go out to them. A new, malicious campaign is making the rounds online and it starts simple: Unwitting targets receive a direct message DM on a Discord server asking...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/19 7:33 p.m.31 views

Upcoming webinar: How a leading architecture firm approaches cybersecurity

How does a company navigate over 80 years of technical debt? Which tools do a security team of 5 rely on everyday? What threats are considered most dangerous? On March 28, 2024, Malwarebytes CEO, Marcin Kleczynski, and Payette Associates Director of Information Technology, Dan Gallivan, will answ...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/26 4:23 p.m.31 views

How to make a fake ID online, with Joseph Cox: Lock and Code S05E05

This week on the Lock and Code podcast… For decades, fake IDs had roughly three purposes: Buying booze before legally allowed, getting into age-restricted clubs, and, we can only assume, completing nation-state spycraft for embedded informants and double agents. In 2024, thats changed, as the use...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/21 12:58 p.m.31 views

[updated] Vibrator virus steals your personal information

I know that some of you are expecting a post similar to that about a toothbrush botnet, but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a...

7.3AI score
Exploits0
Total number of security vulnerabilities4709