Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2024/01/03 4:29 p.m.31 views

Investment fraud a serious money maker for criminals

Europols’s spotlight report ‘Online fraud schemes: a web of deceit’, looks into online fraud schemes—a major crime threat in the EU and beyond—and one of the reports primary themes is investment fraud. But first I want to share some more remarkable conclusions from the report: Charity scams that...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/06 11:27 a.m.31 views

Medical research data Advarra stolen after SIM swap

Clinical research company Advarra has reportedly been compromised after a SIM swap on one of their executives. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number. This can be done in a number of ways, but one of the most common methods involv...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/30 10:51 p.m.31 views

OneView updates: Dive into Report 2.0 & the new Global Site Filter

Were rolling out two new features to enhance usability in OneView, our multi-tenant platform for Managed Service Providers: Report 2.0 and the Global Site Filter. Heres what you need to know: Report 2.0: Improved Reporting in OneView Report 2.0 offers a more streamlined approach to reporting with...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/12 2:45 p.m.31 views

Ransomware review: September 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/19 1:0 a.m.31 views

Microsoft validation error allowed state actor to access user email of government agencies and others

Microsoft is getting criticized for the way in which it handled a serious security incident that allowed a suspected Chinese espionage group to access user email from approximately 25 organizations, including government agencies and related consumer accounts in the public cloud. The attacks were...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/28 9:15 p.m.31 views

APT28 attack uses old PowerPoint trick to download malware

Researchers at Cluster25 have published research about exploit code that's triggered when a user moves their mouse over a link in a booby-trapped PowerPoint presentation. The code starts a PowerShell script that downloads and executes a dropper for Graphite malware. Graphite is named after...

1.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/27 11:0 a.m.31 views

Exchange servers abused for spam through malicious OAuth applications

Microsoft has published a security blog about an investigation into an attack in which threat actors used malicious OAuth applications to abuse Exchange servers for their spam campaign. The threat actor behind this attack has been active for many years, and has been running spam campaigns using...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/25 8:44 a.m.31 views

A week in security (July 18 – July 24)

Last week on Malwarebytes Labs: Extortionists target restaurants, demand money to take down bad reviews The FTC will go after companies misusing location, health, and other sensitive data Roblox breached: Internal documents posted online by unknown attackers Warning for WordPress admins: Uninstal...

1.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/17 8:16 p.m.31 views

Car owners warned of another theft-enabling relay attack

Tesla owners are no strangers to seeing reports of cars being tampered with outside of their control. Back in 2021, a zero-click exploit aided a drone in taking over the cars entertainment system. In 2016, we had a brakes and doors issue. 2020 saw people rewriting key-fob firmware via Bluetooth...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/12 10:48 a.m.31 views

Apps removed from Google Play for harvesting user data

Dozens of apps were removed from the Google Play Store after they were found to be harvesting the data of device owners. The code in question—a software development kit SDK—was used inside apps which were downloaded over 10 million times. What happened? A wide range of Android apps were found to...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/01 9:44 p.m.31 views

New UAC-0056 activity: There’s a Go Elephant in the room

This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi. UAC-0056 also known as SaintBear, UNC2589 and TA471 is a cyber espionage actor that has been active since early 2021 and has mainly targeted Ukraine and Georgia. The group is known to have performed a wiper attack in...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/11 8:50 p.m.31 views

HBO sued for sharing subscriber data with Facebook

HBO Max subscribers Angel McDaniel and Constance Simon filed a class-action lawsuit against HBO on Tuesday, alleging that the company has violated their privacy by sharing subscriber viewing data with Facebook. Bursor & Fisher filed the case on behalf of McDaniel and Simon. According to case...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/04 4:7 p.m.31 views

Threat actor steals email with Zimbra zero-day

Researchers have discovered a threat actor attempting to exploit a cross-site scripting XSS zero-day vulnerability in the Zimbra email platform. Zimbra is open source webmail application used for messaging and collaboration. Cross-site scripting is a type of injection attack wherein a vulnerabili...

1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/02 4:0 p.m.31 views

SideCopy APT: Connecting lures to victims, payloads to infrastructure

This blog post was authored by Hossein Jazi and the Threat Intelligence Team. Last week, Facebook announced that back in August it had taken action against a Pakistani APT group known as SideCopy. Facebook describes how the threat actors used romantic lures to compromise targets in Afghanistan. I...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/25 2:26 p.m.31 views

New law will issue bans, fines for using default passwords on smart devices

The idea of connecting your entire home to the internet was once a mind-blowing concept. Thanks to smart devices, that concept is now a reality. However, this technological advancement aimed at making our lives more convenient—not to mention very cool and futuristic!—has also opened a wide door f...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/17 7:54 p.m.31 views

Bogus JS libraries become sustained ransomware threat for Roblox gamers

If your kids play Roblox, you may wish to warn them of ransomware perils snapping at their heels. A very smart, and determined attack has been taking place for a little while now. Although initially dismissed as a form of prank, the developers under fire now disagree. Whether prank or malicious...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/01 4:58 p.m.31 views

Lessons from a real-life ransomware attack

Ransomware attacks, despite dramatically increasing in frequency this summer, remain opaque for many potential victims. It isn’t anyone’s fault, necessarily, since news articles about ransomware attacks often focus on the attack, the suspected threat actors, the ransomware type, and, well, not mu...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/22 2:0 p.m.31 views

We dig into the Game Players Code

Gaming security is getting a lot of attention at the moment. Rightly so; it’s a huge target for scammers and malware authors. Malicious ads, fake games, survey scams, phishing attacks…whatever you can think of, it’s in use. Some target kids and steal their accounts, selling them on. Others go aft...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/04 11:4 a.m.31 views

Does Cybersecurity Awareness Month actually improve security?

October is Cybersecurity Awareness Month, formerly known as National Cybersecurity Awareness Month. The idea is to raise awareness about cybersecurity, and provide resources for people to feel safer and more secure online. The month is a collaboration between the Cybersecurity and Infrastructure...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/06/29 3:28 p.m.31 views

Fired by algorithm: The future’s here and it’s a robot wearing a white collar

Black Mirror meets 1984. Imagine that your employer uses a bot to keep track of your “production level.” And when this bot finds that you are an under-performer it fires off a contract-termination mail. Does this sound like the world you live in? Unfortunately, for some people it is. The case...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/24 7:15 a.m.31 views

Shining a light on dark patterns with Carey Parker: Lock and Code S02E09

This week on Lock and Code, we speak to cybersecurity advocate and author Carey Parker about "dark patterns," which are subtle tricks online to get you to make choices that might actually harm you. Dark patterns have been around for years, and the tricks theyre based on are even older. Ever bough...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/15 1:23 p.m.31 views

NCSC: Be Cyber Aware, especially during the Christmas season

In early December, the National Cyber Security Centre, a UK-based cybersecurity body and a part of GCHQ, kicked off the next chapter of its Cyber Aware campaign initiative, focusing on online shopping threats during the Christmas season. Cyber Aware is the UK government’s "national campaign on...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/03 4:30 p.m.31 views

VideoBytes: Is it goodbye forever to Maze ransomware?

Hello Folks! In this Videobyte we’re talking about Maze ransomware and whether or not its shutting down, and what that means for the cybercrime world. The notorious Maze ransomware group, known for its corporate targeting and data leaking extortion schemes is, apparently, shutting down operations...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/10/01 4:56 p.m.31 views

Chaos in a cup: When ransomware creeps into your smart coffee maker

When the fledgling concept of the Internet of Things IoT was beginning to excite the world almost a decade ago, perhaps no coffee lover at that time wouldve imagined including the coffee machine in the roster of internet-connected devices—even in jest. True, the simple, utilitarian coffee machine...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/21 4:16 p.m.31 views

A week in security (September 14 – 20)

Last week on Malwarebytes Labs, we looked at Fintech industry developments, specifically the differences between Europe and the US, and we analyzed how some charities and the advertising industry are tied together. We also told readers about what companies can do to counter domain name abuse. In...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/08 3:30 p.m.31 views

We found yet another phone with pre-installed malware via the Lifeline Assistance program

We have discovered, yet again, another phone model with pre-installed malware provided from the Lifeline Assistance program via Assurance Wireless by Virgin Mobile. This time, an ANS American Network Solutions UL40 running Android OS 7.1.1. After our writing back in January—"United States...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/26 3:27 p.m.31 views

Lock and Code S1Ep7: Sounding the trumpet on web browser privacy with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher at Malwarebytes, about web browser privacy—an often neglected subcategory of data privacy. Without the prop...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/03/23 7:35 p.m.31 views

Fake “Corona Antivirus” distributes BlackNET remote administration tool

Scammers and malware authors are taking advantage of the coronavirus crisis in full swing. We have seen a number of spam campaigns using COVID-19 as a lure to trick people into installing a variety of malware, but especially data stealers. As more of us work from home, the need to secure your...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/19 5:21 p.m.31 views

Rudy Giuliani’s Twitter mishaps invite typosquatters and scammers

Former cybersecurity czar Rudy Giuliani has been targeted by typosquatters on Twitter, thanks to copious misspellings and other keyboarding errors made in a number of his public tweets. In a tweet sent out on Sunday, Giuliani meant to send his 650,000-plus followers to his new website,...

Exploits0
Malwarebytes
Malwarebytes
added 2020/01/13 4:29 p.m.31 views

A week in security (January 6 – 12)

Last week on Malwarebytes Labs, we told readers how to check the safety of websites and their related files, explored the shady behavior taking place within the billion-dollar search industry, broke down the top six ways that hackers target retail businesses, and put a spotlight on the ransomware...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/24 3:57 p.m.31 views

A look inside the FBI’s 2018 IC3 online crime report

The FBI’s Internet Crime Complaint Center have released their annual Crime Report, with the most recent release focusing on 2018. While the contents may not surprise, it definitely cements some of the bigger threats to consumers and businesses—and not all of them are particularly high tech...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/22 3:47 p.m.31 views

A week in security (April 15 – 21)

Last week, Malwarebytes Labs revealed multiple giveaway online scam campaigns banking on the popularity and generosity of Ellen DeGeneres, weighed in on the hack that compromised legacy Microsoft email service accounts like Hotmail and MSN, explained what “like-farming” means and how to spot it o...

Exploits0
Malwarebytes
Malwarebytes
added 2019/04/08 3:52 p.m.31 views

A week in security (April 1 – 7)

Last week, Malwarebytes Labs took readers on a brief tour of some of the world's most notable data privacy laws, explored how gamers can protect themselves against cyberthreats, and offered thoughts about the reports that a 23-year-old Chinese woman gained access to President Donald Trump’s...

Exploits0
Malwarebytes
Malwarebytes
added 2017/12/08 5:0 p.m.31 views

Napoleon: a new version of Blind ransomware

The ransomware previously known as Blind has been spotted recently with a .napoleon extension and some additional changes. In this post, we'll analyze the sample for its structure, behavior, and distribution method. Analyzed samples 31126f48c7e8700a5d60c5222c8fd0c7 - Blind ransomware the first...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/16 1:0 p.m.30 views

“Free World Cup stream” sites are serving scams, not football

With the World Cup on, you'll find no shortage of websites promising every match, live, in HD, for free. They look convincing, usually with a video player, a "Live Stream Available" indicator, a row of server buttons, maybe a match schedule, and a "Watch Live" button. There's no signup, no paywal...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/05/06 1:9 p.m.30 views

Android fixes 47 vulnerabilities, including one zero-day. Update as soon as you can!

Google has patched 47 vulnerabilities in Android, including one actively exploited zero-day vulnerability in its May 2025 Android Security Bulletin. Zero-days are vulnerabilities that are exploited before vendors have a chance to patch them—often before they even know about them. The May updates...

8.1CVSS8.7AI score0.26049EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2025/04/09 3:45 p.m.30 views

WhatsApp for Windows vulnerable to attacks. Update now!

In a security advisory, Meta has disclosed a vulnerability that allowed an attacker to run arbitrary code on a user’s system that existed in all WhatsApp versions before 2.2450.6. WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices...

6.7CVSS7.8AI score0.21096EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2024/07/12 4:35 p.m.30 views

Fake Microsoft Teams for Mac delivers Atomic Stealer

Competition between stealers for macOS is heating up, with a new malvertising campaign luring Mac users via a fraudulent advert for Microsoft Teams. This attack comes on the heels of the new Poseidon OSX.RodStealer project, another threat using a similar code base and delivery techniques. Based o...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/18 1:0 p.m.30 views

43% of couples experience pressure to share logins and locations, Malwarebytes finds

All isn’t fair in love and romance today, as 43% of people in a committed relationship said they have felt pressured by their own partners to share logins, passcodes, and/or locations. A worrying 7% admitted that this type of pressure has included the threat of breaking up or the threat of physic...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/04 11:58 a.m.30 views

Debt collection agency FBCS leaks information of 3 million US citizens

The US debt collection agency Financial Business and Consumer Solutions FBCS has filed a data breach notification, listing the the total number of people affected as 3,226,631. FBCS is a nationally licensed, third-party collection agency that collects commercial and consumer debts, with most of i...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/10 9:35 a.m.30 views

New ransomware group demands Change Healthcare ransom

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/13 4:38 p.m.30 views

Remote Monitoring & Management software used in phishing attacks

Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/06 2:44 p.m.30 views

State of Malware 2024: What consumers need to know

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. As home users, many of the threats we cover will only affect you second hand, such as disruptions after a company suffers a ransomware attack, or when your...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/29 7:36 a.m.30 views

A week in security (January 22 – January 28)

Last week on Malwarebytes Labs: 10 things to do to improve your online privacy Ring curtails law enforcement’s access to footage Malicious ads for restricted messaging applications target Chinese users Malwarebytes wins every MRG Effitas award for 2 years in a row AI likely to boost ransomware,...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/29 9:0 a.m.30 views

The top 4 ransomware gang failures of 2023

Ransomware gangs care about one thing: Stealing money. Over time, their craven, cybercriminal efforts have toppled businesses, destabilized hospitals, and ruined lives. Worst of all, they show no sign of slowing down, and their extortion attempts—which no longer focus on ransomware delivery...

7.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/29 11:0 p.m.30 views

Update now! Chrome fixes actively exploited zero-day vulnerability

Google has released an update to Chrome which includes seven security fixes including one for a vulnerability which is known to have already been exploited. If you’re a Chrome user on Windows, Mac, or Linux, you should update as soon as possible. The easiest way to update Chrome is to set it to...

6.8CVSS7.2AI score0.1963EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/21 1:0 a.m.30 views

Steer clear of cryptocurrency recovery phrase scams

The dangers of cryptocurrency phishing are back in the news, after tech investor Mark Cuban was reported to have lost around $870k via a phishing link. Cuban lost a combination of coin types as asset movement flagged up after months of inactivity from his wallet. Cuban discovered some of the...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/11 10:45 a.m.30 views

Zoom clarifies user consent requirement when training its AI

Changes in the terms of service TOS of the Zoom video-conferencing software have caused some turmoil. Since the pandemic, Zoom Video Conferencing has become a household name. Zoom came up as the big winner in the video conferencing struggle that enabled us to work from home. Now that things are...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/12 1:0 a.m.30 views

Criminals target businesses with malicious extension for Meta's Ads Manager and accidentally leak stolen accounts

Like all social media platforms, Facebook constantly has to deal with fake accounts, scams and malware. We have written about scams targeting consumers that redirect to fake Microsoft alert pages, but there are also threats targeting businesses that use Facebook to promote their products and...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/08 2:0 a.m.30 views

A week in security (May 1 - 7)

Last week on Malwarebytes Labs: How to protect your small business from social engineering Microsoft: You're already using the last version of Windows 10 Is it OK to train an AI on your images, without permission? Upcoming webinar: Is EDR or MDR better for your business? Google Authenticator WILL...

6.9AI score
Exploits0
Total number of security vulnerabilities4709