Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2021/05/10 1:43 p.m.29 views

Ransomware attack shuts down Colonial Pipeline fuel supply

UPDATE 10:47 AM Pacific Time, May 10: At 8:55 AM Pacific Time, the FBI confirmed that Colonial Pipeline was attacked by Darkside. According to a statement posted on Twitter, the FBI said: "The FBI confirms that the Darkside ransomware is responsible for the compromise of Colonial Pipeline network...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/30 5:50 p.m.29 views

Baltimore gets hit by ransomware again, the schools this time

All Baltimore County Public Schools closed Wednesday after the school system was hit with a ransomware attack, according to officials. Baltimore County Public Schools superintended Dr. Darryl Williams stated: “This morning, we decided to close all BCPS schools and offices in order to access and...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/11/18 4:16 p.m.29 views

Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President

On Tuesday evening, President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency CISA, just days after CISA called the recent presidential election the “most secure in American history.” In a tweet posted the same day, the President justified his...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/10/19 6:28 p.m.29 views

A week in security (October 12 – October 18)

Last week on Malwarebytes Labs, we looked at journalism’s role in cybersecurity on our Lock and Code podcast, gave tips for safer shopping on Amazon Prime day, and discussed an APT attack springing into life as Academia returned to the real and virtual campus environment. We also dug into potenti...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/10/15 3:0 p.m.29 views

How Covid fatigue puts your physical and digital health in jeopardy

After six months of social distancing, sheltering in place, working from home, distance learning, mask-wearing, hand-washing, and plenty of hand-wringing, people are pretty damn tired of COVID-19. And with no magic bullet yet and no end in sight, annoyance has turned into exasperation and even...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/08/05 4:35 p.m.29 views

Data Accountability and Transparency Act of 2020 looks beyond consent

In the United States, data privacy is hard work—particularly for the American people. But one US Senator believes it shouldn’t have to be. In June, Democratic Senator Sherrod Brown of Ohio released a discussion draft of a new data privacy bill to improve Americans’ data privacy rights and their...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/07/16 5:53 p.m.29 views

Coordinated Twitter attack rakes in 100 grand

Update 7/18/2020 Twitter released an update about the situation and their investigation on their blog. Update 8/2/2020 ZDNet published a timeline based on the court documents released by the DOJ "Im feeling generous because of Covid-19. Ill double any BTC payment sent to my BTC address for the ne...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/22 3:0 p.m.29 views

Lock and Code S1Ep9: Strengthening and forgetting passwords with Matt Davey and Kyle Swank

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Matt Davey, chief operations optimist at 1Password, and Kyle Swank, a member of 1Password’s security team, about—what else—passwords. We may know it’s...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/01/07 5:45 p.m.29 views

Dubious downloads: How to check if a website and its files are malicious

A significant amount of malware infections and potentially unwanted program PUP irritants are the result of downloads from unreliable sources. There are a multitude of websites that specialize in distributing malicious payloads by offering them up as something legitimate or by bundling the desire...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/08/28 5:31 p.m.29 views

Making the case: How to get the board to invest in higher education cybersecurity

Security leaders in institutions of higher education face unique challenges, as they are charged with keeping data and the network secure, while also allowing for a culture of openness, sharing, and communication—all cornerstones of the academic community. And depending on the college or...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/04/23 5:3 p.m.29 views

Consumers have few legal options for protecting privacy

There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It ...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/17 12:5 p.m.29 views

Cybercrime tactics & techniques Q2 2018

A generally slow quarter reflects an overall lull in cybercrime, picking up where Q1 left off with cryptominers continuing to dominate, ransomware continuing to evolve through experimentation, and exploits making a small but significant comeback. In nearly every malware category for both business...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/03/28 3:0 p.m.29 views

10 ways to protect your Android phone

Android has been around for nearly a decade and has come a long way from its early wannabe iPhone days. New features, upgraded camera phones, a wide variety of apps and platforms, and polished interface design have led to a huge install base—a whopping 2 billion+ monthly active devices—making it...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/28 4:0 p.m.29 views

Deloitte breached by hackers for months

On September 25, 2017, Deloitte announced that they detected a breach of the firm’s global email server via a poorly secured admin email in March of this year. Further, the attackers most likely had control of the server since November of 2016. Deloitte’s initial statement indicated that only six...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/14 4:0 p.m.29 views

Crowdsourced fraud and kickstarted scams

Crowdsourced funding opportunities via Kickstarter, Patreon, and GoFundMe have removed many structural roadblocks for people to access capital quickly and conveniently. But they’ve also lowered the barrier to entry for many very old scams. So how do you tell the difference between a great cause o...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/28 6:56 p.m.29 views

Today is System Administrator Appreciation Day

And we are enormously grateful. What started off as a tongue-and-cheek offshoot of Administrative Professionals Day has now become a special holiday that people around the world recognize and practice. Dear reader, today is System Administrator Appreciation Day. Let’s be honest, maintaining the...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/08 3:2 p.m.28 views

Americans lost nearly $900 million to AI-powered scams, FBI says

The 2025 Federal Bureau of Investigation FBI Internet Crime Report shows that Americans reported $893,346,472 in AI‑related scam losses. Those losses stem from 22,364 AI-related complaints. And these figures represent only the reported losses, which may well be the proverbial tip of the iceberg...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/01 2:40 p.m.28 views

Fake BlueWallet steals passwords, accounts, and crypto from Macs

A fake website impersonating BlueWallet a real Bitcoin wallet is targeting Mac users with a simple but effective attack. BlueWallet itself has not been compromised. Instead, cybercriminals have stolen the name and branding of the legitimate Bitcoin wallet to make a malicious download appear...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/01 7:1 a.m.28 views

A week in security (May 25 – May 31)

Last week on Malwarebytes Labs: Payment apps are watching what you say Lock and Code S07E11 Scammers pretending to be Microsoft had help from US executives 700+ education and tech websites hijacked in huge ClickFix malware campaign Fake software on GitHub and SourceForge distribute Deno RAT Fake...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/21 5:36 p.m.28 views

Microsoft Defender vulnerabilities are being exploited in the wild

Two Microsoft Defender vulnerabilities are being actively exploited in the wild. On May 20, 2026, the Cybersecurity and Infrastructure Security Agency CISA added a notable set of actively exploited vulnerabilities to its Known Exploited Vulnerabilities KEV catalog. The KEV catalog tracks...

7.8CVSS5.8AI score0.63076EPSS
Exploits2
Malwarebytes
Malwarebytes
added 2025/04/02 1:37 p.m.28 views

“Nudify” deepfakes stored unprotected online

Yesterday, we told you about how millions of pictures from specialized dating apps had been stored online without any kind of password protection. Now it's the turn of an AI "nudify" service. A researcher, famous for finding unprotected cloud storage buckets, has uncovered an unprotected AWS buck...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/11/06 12:46 p.m.28 views

Update your Android: Google patches two zero-day vulnerabilities

Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November's updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then the issues discusse...

9.8CVSS9.2AI score0.00714EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/11 10:55 a.m.28 views

When things go wrong: A digital sharing warning for couples

“When things go wrong” is a troubling prospect for most couples to face, but the internet—and the way that romantic partners engage both with and across it—could require that this worst-case scenario become more of a best practice. In new research that Malwarebytes will release this month, romant...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/22 3:46 p.m.28 views

Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09

This week on the Lock and Code podcast… Our Lock and Code host, David Ruiz, has a bit of an apology to make: “Sorry for all the depressing episodes.” When the Lock and Code podcast explored online harassment and abuse this year, our guest provided several guidelines and tips for individuals to lo...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/14 5:8 p.m.28 views

TikTok faces ban in US unless it parts ways with Chinese owner ByteDance

The House of Representatives has passed a bill that would effectively ban TikTok from the US unless Chinese owner ByteDance gives up its share of the immensely popular app. TikTok is an immensely popular social media platform that allows users to create, share, and discover, short video clips. It...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/01 5:13 p.m.28 views

Tax season is here, so are scammers

The Internal Revenue Service has announced that the 2024 tax filing season has officially begun, with an expected 146 million individual tax returns to be filed. While it is costly and complex for the IRS to process so many digital and paper documents, it can also be a headache for many Americans...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/29 4:23 p.m.28 views

Bruce Schneier predicts a future of AI-powered mass spying: Lock and Code S05E03

This week on the Lock and Code podcast… If the internet helped create the era of mass surveillance, then artificial intelligence will bring about an era of mass spying. That’s the latest prediction from noted cryptographer and computer security professional Bruce Schneier, who, in December, share...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/23 4:13 p.m.28 views

Chrome pushes forward with plans to limit ad blockers in the future

Google has announced it will shut down Manifest V2 in June 2024 and move on to Manifest V3, the latest version of its Chrome extension specification that has faced criticism for putting limits on ad blockers. Roughly said, Manifest V2 and V3 are the rules that browser extension developers have to...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/07 4:58 p.m.28 views

ThreatDown powered by Malwarebytes: A 15 Year Journey

November marks a significant shift in our legacy. After 15 years as Malwarebytes, we are proud to introduce our rebranded identity, ThreatDown powered by Malwarebytes. Building off Malwarebytes’ initial recognition for removing every trace of viruses that others missed, ThreatDown powered by...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/06 10:25 a.m.28 views

Defeating Little Brother requires a new outlook on privacy: Lock and Code S04E23

This week on the Lock and Code podcast… A worrying trend is cropping up amongst Americans, particularly within Generation Z—theyre spying on each other more. Whether reading someones DMs, rifling through a partners text messages, or even rummaging through the bags and belongings of someone else,...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/27 5:15 a.m.28 views

Octo Tempest cybercriminal group is “a growing concern”—Microsoft

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. Initially the group made a name for itself by SIM swapping. SIM swapping, also known as SIM jacking, is the act of illegally taki...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/25 10:30 p.m.28 views

Ransomware group claims it's "compromised all of Sony systems"

Newcomer ransomware group RansomedVC claims to have successfully compromised the computer systems of entertainment giant Sony. As ransomware gangs do, it made the announcement on its dark web website, where it sells data that it's stolen from victims' computer networks. The announcement says Sony...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/05 2:0 a.m.28 views

Password-stealing Chrome extension smuggled on to Web Store

Researchers at the University of Wisconsin-Madison have demonstrated that Chrome browser extensions can steal passwords from the text input fields in websites, even if the extension is compliant with Chrome's latest security and privacy standard, Manifest V3. To prove it, they created a proof of...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/14 8:0 a.m.28 views

A new type of "freedom," or, tracking children with AirTags, with Heather Kelly: Lock and Code S04E17

"Freedom" is a big word, and for many parents today, it's a word that includes location tracking. Across America, parents are snapping up Apple AirTags, the inexpensive location tracking devices that can help owners find lost luggage, misplaced keys, and--increasingly so--roving toddlers setting...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/03 8:30 p.m.28 views

Film companies lose battle to unmask Reddit users

An interesting case marking the limits of what data big business can expect to dig up has concluded its day or to be more accurate, many days in court. Ars Technica reports that film companies have lost their battle to make social site Reddit identify anonymous users discussing piracy. No fewer...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/23 10:30 p.m.28 views

Microsoft Azure AD flaw can lead to account takeover

Researchers have found that a flaw in Microsoft Azure AD can be used by attackers to take over accounts that rely on pre-established trust. In a nutshell, Microsoft Azure AD allows you to change the email address associated with an account without verification of whether you are in control of tha...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/31 11:45 a.m.28 views

CISA issues warning to US businesses: Beware of China's state-sponsored cyber actor

The US Cybersecurity and Infrastructure Security Agency CISA has an urgent message for US businesses: watch out for Volt Typhoon, a threat actor sponsored by the Peoples Republic of China PRC. The agency's joint Cybersecurity Advisory CSA published last week highlights a cluster of tactics,...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/22 8:0 a.m.28 views

Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11

On January 1, 2023, the Internet in Louisiana looked a little different than the Internet in Texas, Mississippi, and Arkansas--its next-door state neighbors. And on May 1, the Internet in Utah looked quite different, depending on where you looked, than the Internet in Arizona, or Idaho, or Nevada...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/18 2:0 p.m.28 views

APT attacks: Exploring Advanced Persistent Threats and their evasive techniques

Cyber criminals come in all shapes and sizes. On one end of the spectrum, theres the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics--often with long-term, strategic goals in mind. Advanc...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/17 2:0 a.m.28 views

Leaked Babuk ransomware builder code lives on as RA Group

The bones of long gone ransomware group Babuk continue to rattle in the breeze, in the form of reused code. Researchers from Cisco Talos have named this new team the "RA Group", a ransomware collective which may have only been up and running since last month. Babuk famously threatened to leak law...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/27 3:0 a.m.28 views

Fileless attacks: How attackers evade traditional AV and how to stop them

When you hear about malware, theres a good chance you think of sketchy executables or files with extensions like .DOCX or .PDF that, once opened, execute malicious code. These are examples of file-based attacks--and while they can be bad, theyre nothing compared to their fileless cousins. As the...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/12 9:0 a.m.28 views

KFC, Pizza Hut owner employee data stolen in ransomware attack

Upon learning that attackers accessed and siphoned data in January, Yum! Brands, the fast-food chain operator behind The Habit Burger Grill, KFC, Pizza Hut, and Taco Bell, has begun sending Notice of Security Breach letters to employees whose data were potentially affected. "We are writing to...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/27 2:0 a.m.28 views

Food giant Dole reveals more about ransomware attack

Fruit and vegetable producer Dole has confirmed attackers behind its February ransomware attack accessed employee data. The company hasn't revealed the number of staff impacted. In an annual report filed to the US Securities and Exchange Commission SEC last week, Dole said: "In February of 2023, ...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/30 8:30 a.m.28 views

A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how: Lock and Code S04E03

In 2020, a photo of a woman sitting on a toilet--her shorts pulled half-way down her thighs--was shared on Facebook, and it was shared by someone whose job it was to look at that photo and, by labeling the objects in it, help train an artificial intelligence system for a vacuum. Bizarre? Yes...

Exploits0
Malwarebytes
Malwarebytes
added 2023/01/16 2:0 a.m.28 views

Google to support the use of Rust in Chromium

In a blog by the Chrome security team we learned that the Chromium project is going to support the use of third-party Rust libraries from C++ in Chromium. This is good news because Rust is a so-called memory-safe programming language. So using it in a widespread program like Chrome and the other...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/25 4:0 p.m.28 views

5 ways to avoid being catfished

Today, many Americans will head out to the water—not to swim, but to catch a catfish in time for National Catfish Day. But when we talk about catfishing in cybersecurity, we mean something different. Here, catfishing refers to someone who assumes someone elses identity online in order to harass,...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/09 5:30 p.m.28 views

Cloud data breaches: 4 biggest threats to cloud storage security

Just about anywhere you look, organizations are using the cloud in some form—and they’re not all large enterprises. Small and medium businesses SMBs are also reaping the many benefits that the cloud offers over on-premise software, especially the lowered IT costs, increased scalability, and large...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/26 12:17 p.m.28 views

ChromeLoader targets Chrome Browser users with malicious ISO files

If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect your systems with ChromeLoader. If you think campaigns such as this only target Windows users, you’d sadly be very much mistaken. The attack sucks in several operating systems and even us...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/28 2:27 p.m.28 views

Onyx ransomware destroys files, and also the criminal circle of trust

Some ransomware authors seem to be whittling down their tenuous "circle of trust" style agreement with victims even further. Word has spread of an Onyx ransomware operation a variant of Chaos ransomware which is quite a bit more destructive than those impacted would be hoping for. However, all is...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/11 2:14 p.m.28 views

Credential-stealing malware disguises itself as Telegram, targets social media users

A credential-stealing Windows-based malware, Spyware.FFDroider, is after social media credentials and cookies, according to researchers at ThreatLabz. The version analyzed by the researchers was packed with Aspack. The spyware is offered on download sites pretending to be installers for freeware...

0.7AI score
Exploits0
Total number of security vulnerabilities4709