Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2023/03/27 5:0 a.m.30 views

GitHub accidentally exposes RSA SSH key

Late last week, GitHub tweeted that it had replaced its RSA SSH "out of an abundance of caution," after accidentally exposing the key on a publicly accessible repository. How the accidental exposure managed to happen is unknown, but it means that anyone that happened to notice it and was able to...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/21 4:0 a.m.30 views

How to set up two-factor authentication on Twitter using an app

If you use text based authentication as an additional level of security for your Twitter account, you may be aware that this option will be reserved for paying Twitter Blue subscribers come mid-March. This post will explain how to enable app based authentication. We found it easier to do on our...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/08 1:0 a.m.30 views

ION starts bringing customers back online after LockBit ransomware attack

ION Group, a financial software firm, is reportedly beginning to bring clients back online after being hit by a ransomware attack late last week. The Russian-linked LockBit ransomware group claimed responsibility for attacking a division of ION Group, which affecting 42 clients in Europe and the...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/12 3:0 a.m.30 views

A week in security (December 5 - 11)

Last week on Malwarebytes Labs: Security advisories are falling short. Here's why, with Dustin Childs: Lock and Code S03E25 Eufy "no cloud" security cameras streaming data to the cloud Snapchat gives Californians more power over their personal data Update now! Emergency fix for Google Chrome's V8...

Exploits0
Malwarebytes
Malwarebytes
added 2022/12/08 12:45 p.m.30 views

Apple's AirTag stalker safeguards are "woefully inadequate," alleges lawsuit

Two women filed a proposed class-action lawsuit on Monday, December 5, in the United States District Court for the Northern District of California against Apple, the makers of AirTags. Airtags are a small Bluetooth-enabled devices designed to track personal belongings. The suit accuses the compan...

Exploits0
Malwarebytes
Malwarebytes
added 2022/10/26 11:45 p.m.30 views

US agencies issue warning about DAIXIN Team ransomware

The FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of Health and Human Services HHS have issued a joint advisory about DAIXIN Team, a fledgling ransomware and data exfiltration group that has been targeting US healthcare. First spotted in June 2022, the DAIXIN Team...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/28 10:30 a.m.30 views

Erbium stealer on the hunt for data

Theres a new slice of malware-as-a-service doing the rounds, although its actual newness is somewhat contested. The stealer, called Erbium, was first spotted on forums back in July 2022, but it seems nobody is quite sure when it started being deployed and snagging victims. Nevertheless, it is now...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/21 12:30 p.m.30 views

Scammers send fake 'Energy Bills Support Scheme' texts

Watch out for an energy-themed scam being sent out via SMS. The message plays on energy price fears, similar to what weve seen previously. Scam alert. I just received this text. Click through and it looks very official. Its a scam. The £400 energy bill discount is automatic, you dont need to...

1.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/20 3:0 p.m.30 views

Kiwi Farms breached, user data potentially exposed

The operators of a site known to most observers for being in a recent state of flux have announced a forum breach. Kiwi Farms, which gained a reputation for sophisticated trolling and doxxing, was recently dropped by Cloudflare after a sustained campaign to have the DDoS mitigation and cloud...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/05 2:30 p.m.30 views

Microsoft will disable Basic authentication for Exchange Online in less than a month

Microsoft has posted a reminder on the Exchange Team blog that Basic authentication for Exchange Online will be disabled in less than a month, on October 1, 2022. The first announcement of the change stems from September 20, 2019. With so much warning you might expect organizations to be ready, a...

Exploits0
Malwarebytes
Malwarebytes
added 2022/08/31 9:0 a.m.30 views

Final Fantasy 14 players targeted by QR code phishing

Final Fantasy 14, the smash-hit online role playing game, is under fire from scammers. The attack is a devious way to try and compromise player accounts, making use of free item promises and bogus QR codes. As the game is a constantly changing service, its almost impossible to keep up with new...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/04 8:48 p.m.30 views

Ransomware review: July 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In July, LockBit maintained...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/04 1:19 p.m.30 views

Ransomware protection with Malwarebytes EDR: Your FAQs, answered!

We get a few questions about ransomware protection and how our Endpoint Detection and Response software can protect you from ransomware. In this post, our security experts answer some of your most frequently asked questions about ransomware and how our EDR can help—let’s get started. Q: When...

Exploits0
Malwarebytes
Malwarebytes
added 2022/07/14 2:38 p.m.30 views

China’s Tonto Team increases espionage activities against Russia

According to analyses of several cybersecurity firms and CERT Computer Emergency Response Team Ukraine CERT-UA, the state-sponsored threat actor group Tonto Team, which has been linked to China-backed cyber operations, is ramping up its spying campaign against Russian government agencies. The...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/04 12:1 p.m.30 views

5 pro-freedom technologies that could change the Internet

In the digital era, freedom is inextricably linked to privacy. After a good start, the Internet-enabled, technological revolution we are living through has hit some bumps in the road. We have already lost a lot of control over who and what has access to our data, and there are further threats to...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/04 10:4 a.m.30 views

A week in security (June 27 – July 3)

Last week on Malwarebytes Labs: Ransomware review: June 2022 AstraLocker 2.0 ransomware isn’t going to give you your files back YTStealer targets YouTube content creators ZuoRAT is a sophisticated malware that mainly targets SOHO routers Amazon Photos vulnerability could have given attackers acce...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/21 10:45 a.m.30 views

You can be tracked online using your Chrome browser extensions

A researcher has found a way to generate a fingerprint of your device from your installed Google Chrome extensions, and then use that fingerprint to track you online. Fingerprinting is a way of figuring out what makes your device unique and then using that to identify you as you move around the...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/03 2:22 p.m.30 views

Internet Safety Month: Avoiding the consequences of unsafe Internet practices

Welcome to Internet Safety Month, a once-a-year event in which you, the public, are told that anywhere between three and 30 different best practices will simplify your approach to staying safe online. Unfortunately, much of the well-intentioned advice surrounding Internet Safety Month ignores one...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/09 3:54 p.m.30 views

Costa Rica continues defence against sustained Conti ransomware attacks

Its not been plain sailing recently for Conti ransomware, the Ransomware as a Service RaaS group with several major attacks under its belt. In August last year, a pen tester leaked valuable manuals and documents related to the operation. These leaks continued as the Conti gang expressed support f...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/06 10:37 a.m.30 views

How Instagram scammers talk users out of their accounts

If youve dealt with a scammer, youll know that making up stories is their bread and butter. Think about it: Just when you thought youd heard all the infamous 419 scam backstories, scammers surprise you with a "stuck astronaut" scam, something so utterly hilarious, nonsensical, and otherworldly th...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/03 1:16 p.m.30 views

Airdrop phishing: what is it, and how is my cryptocurrency at risk?

Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures scammers get a slice of the money pie. You may well have heard the term in passing, and wondered what an Airdrop is. Is your iPhone about to be Airdrop...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/04 6:10 p.m.30 views

Update now! Cisco fixes several vulnerabilities

Cisco has released a security advisory about two vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS. The flaws could allow an authenticated, remote attacker with read/write privileges to the application t...

7.8AI score0.03177EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/17 4:59 p.m.30 views

Firefox and Chrome reaching major versions 100 may break some websites

Mozilla has issued a warning about the upcoming versions 100 for both Chrome and Firefox. The change in the version number from 2 to 3 digits may cause some problems when visiting websites that are not prepared for this change. For example, it’s possible that some parsing libraries may have...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/31 5:6 p.m.30 views

How a few PhD students revealed that phishing trainings might just not work: Lock and Code S03E03

Youve likely fallen for it before—a simulated test sent by your own company to determine whether or not its employees are vulnerable to one of the most pernicious online threats today: Phishing. Phishing has evolved in recent history, and as scammers have rolled out increasingly clever—and...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/23 11:36 p.m.30 views

Dridex affiliate dresses up as Scrooge

Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns malspam we and others have observed appear to have been created by someone who wants to play Scrooge and add onto peoples already heightened state of anxiety...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/09 2:8 p.m.30 views

What is a search engine and why does anyone care which one you use?

An attempt at a simple definition: a search engine is a software system that allows users to find content on the Internet based on their input. The introduction of the major search engines brought about huge changes in the way we use the Internet. There is a wealth of knowledge available for thos...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/16 3:34 p.m.30 views

SoNot SoSafe: Android malware disguises itself as secure messaging app

If you haven’t heard of SoSafe Chat, you will now. This Android app, purported as a secure messaging application that uses end-to-end encryption, is the latest ruse cybercriminals put upon smartphone users, particularly those based in India, to infect their devices with GravityRAT, a piece of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/03 5:1 p.m.30 views

Credit card skimmer evades Virtual Machines

This blog post was authored by Jérôme Segura There are many techniques threat actors use to slow down analysis or, even better, evade detection. Perhaps the most popular method is to detect virtual machines commonly used by security researchers and sandboxing solutions. Reverse engineers are...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/01 11:33 a.m.30 views

A week in security (Oct 25 – Oct 31)

Last week on Malwarebytes Labs Beyond the VPN: Ultimate online privacy with the Tor Project’s Isabela Bagueros: Lock and Code S02E20 Patch now to bypass Firefox add-ons that abuse the proxy API to deny updates How social media mistakes can impact cybersecurity Update now! Apple patches bugs in iO...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/08 9:8 a.m.30 views

GnuPG fixes a problem with Let’s Encrypt certificate chain validation

Despite advance warnings that a root certificate provided by Let’s Encrypt would expire on September 30, users reported issues with a variety of services and websites once that deadline hit. So what happened? The problem A number of high profile tech and security companies noticed their products...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/07 3:22 p.m.30 views

US Navy ship Facebook page hijacked to stream video games

The official Facebook page of the US Navy’s destroyer-class warship, USS Kidd, has been hijacked. According to Task & Purpose, who first reported on the incident, the account has done nothing but stream Age of Empires, an award-winning, history-based real-time strategy RTS video game wherein...

1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/06 11:57 a.m.30 views

Twitch compromised: What we know so far, and what you need to do

Update, 7th October: Twitch has now confirmed the breach. The companys statement is as follows: We have learned that some data was exposed to the internet due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party. At this time, we have no...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/04 7:24 p.m.30 views

Neiman Marcus data breach affects millions

Millions of Neiman Marcus customers have had their personal and financial information exposed in a data breach. In a press release the company confirmed unauthorized access to customer online accounts. According to the press release 4.6 million customers of Neiman Marcus Group stores, specificall...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/29 1:23 p.m.30 views

Microsoft, CISA and NSA offer security tools and advice, but will you take it?

Microsoft offers to help you with patching Exchange servers, CISA offers an insider threat tool, and together with the NSA they offer advice on how to choose and harden your VPN. These initiatives from major parties aim to help organizations assess and manage their security needs. But will they...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/20 12:17 p.m.30 views

Microsoft makes a bold move towards a password-less future

In a recent blog Microsoft announced that as of September 15, 2021 you can completely remove the password from your Microsoft account and use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to Microsoft apps and service...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/20 4:58 p.m.30 views

New variant of Konni malware used in campaign targetting Russia

This blog post was authored by Hossein Jazi In late July 2021, we identified an ongoing spear phishing campaign pushing Konni Rat to target Russia. Konni was first observed in the wild in 2014 and has been potentially linked to the North Korean APT group named APT37. We discovered two documents...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/05/18 5:12 p.m.30 views

4 things you should know about testing AV software with VirusTotal’s free online multiscanner

As COVID-19 soldiers on, small and medium-size businesses now feel as ripe for malware attacks as deep-pocketed multinationals. SMBs see that, along with remote work, our pandemic has also brought troubling new holes to their security. This means cybercriminals—equal opportunity charlatans that...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/12/22 2:4 p.m.30 views

Beware: not so festive social media scams

We’re now into the most crucial stage of Christmas festivities, where money and gifts are on the march…and social media is a conduit for both good and bad tidings. This is the absolute best time for social media scammers to make their move. A little confidence trick here, the promise of good chee...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/30 11:11 a.m.30 views

November spam roundup: Stalkers, property tips, porn, stern words and PayPal

Today were rounding up some of the interesting pieces of spam currently in circulation, taking in everything from housing deals to mysteriously free slices of cash. You may have seen some of these already. Hopefully we can help make up your mind about whatevers lurking in your mailbox. A full hou...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/30 3:30 p.m.30 views

Introducing VideoBytes, by Malwarebytes Labs

We have exciting news for avid readers of Malwarebytes Labs: This week, we’re launching a new, monthly video series that will feature the research, insights, and commentary of our own Adam Kujawa, security evangelist and a director for Malwarebytes Labs. Welcome to VideoBytes, our little corner o...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/31 3:0 p.m.30 views

Avoid these PayPal phishing emails

For the last few weeks, there’s been a solid stream of fake PayPal emails in circulation, twisting FOMO fear of missing out into DO THIS OR BAD THINGS WILL HAPPEN. It’s one of the most common tools in the scammer’s arsenal, and a little pressure applied in the right way often brings results for...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/18 3:30 p.m.30 views

Facial recognition: tech giants take a step back

Last week, a few major tech companies informed the public that they will not provide facial recognition software to law enforcement. These companies are concerned about the way in which their technology might be used. What happens when software that threatens our privacy falls into the hands of...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/10 3:30 p.m.30 views

MSPs, know what you’re really looking for in an RMM platform

MSPs naturally adapt and mature as innovative technologies and more effective processes are introduced into the industry. But with ransomware cyberattacks happening left and right, pushing them to evolve even further, MSPs are left with no choice but to go with the flow. Going for improved...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/04/22 5:54 p.m.30 views

iOS Mail bug allows remote zero-click attacks

On Monday, ZecOps released a report about a couple concerning vulnerabilities with the Mail app in iOS. These vulnerabilities would allow an attacker to execute arbitrary code in the Mail app or the maild process that assists the Mail app behind the scenes. Most concerning, though, is the fact th...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/02/18 5:25 p.m.30 views

Harnessing the power of identity management (IDaaS) in the cloud

Sometimes, consumers have it easy. Take, for example, when they accidentally lock themselves out of their personal email. Their solution? Reset the password. With one click, they're able to change their old, complicated password with a new, more memorable one. Self-service password reset is aweso...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/15 4:59 p.m.30 views

Rules on deepfakes take hold in the US

For years, an annual, must-pass federal spending bill has served as a vehicle for minor or contentious provisions that might otherwise falter in standalone legislation, such as the prohibition of new service member uniforms, or the indefinite detainment of individuals without trial. In 2019, that...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/12/10 5:30 p.m.30 views

Hundreds of counterfeit online shoe stores injected with credit card skimmer

There's a well-worn saying in security: "If it's too good to be true, then it probably isn't." This can easily be applied to the myriad of online stores that sell counterfeit goods—and now attract secondary fraud in the form of a credit card skimmer. Allured by great deals on brand names, many...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/05/24 3:0 p.m.30 views

Happy anniversary to Dreamcast…and its scams

This month marks 20 years since the legendary SEGA Dreamcast console was first announced. Looked on fondly by gamers, it revolutionised many aspects of gaming and brought cheapish online console gaming to the masses. Click to enlarge SEGA has endured many, many calls for it to come back as...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/08 7:23 p.m.30 views

New Deepfakes forum goes mining with Coinhive

You may or may be familiar with the furore over Deepfakes, a relatively new development in pornography involving a tool called FacesApp, which is capable of producing a real porn clip that replaces the original actors' heads with those of celebrities—or indeed, anyone at all. Online fakes have be...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/06 6:0 p.m.30 views

A week in security (October 30 – November 5)

Last week on our blog, we told you what to expect at the upcoming Irisscon security conference in Dublin. We gave you a quick introduction into the why and how of analyzing malware based on their API calls. And we issued a warning about some lesser-known cybercrimes. Plus we explained why emergin...

6.8AI score
Exploits0
Total number of security vulnerabilities4709