4662 matches found
Mother of all Breaches may contain NEW breach data
On January 23, 2024, we reported on the discovery of billions of exposed records online, now commonly referred to as the “mother of all breaches” MOAB. Since then, the source of the dataset has been identified as data breach search engine Leak-Lookup. Prevention platform SpyCloud compared the MOA...
Decline in robocalls is encouraging, efforts seem to be working
The Federal Communications Commission FCC has announced that its recent actions with the Federal Trade Commission FTC against international robocalls appear to have had an effect. Robocalls are automated phone calls, often associated with scams and unwanted solicitations, which can be a nuisance ...
AI used to fake voices of loved ones in “I’ve been in an accident” scam
The San Francisco Chronicle tells a story about a family that almost got scammed when they heard their sons voice telling them hed been in a car accident and hurt a pregnant woman. Sadly, this is becoming more common. Scammers want to spread panic among their victims, and to do this, they feign a...
Alleged FruitFly malware creator ruled incompetent to stand trial
On January 4, 2017, Case Western Reserve University CWRU, located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. CWRU began...
Malvertisers zoom in on cryptocurrencies and initial access
During the past month, we have observed an increase in the number of malicious ads on Google searches for "Zoom", the popular piece of video conferencing software. Threat actors have been alternating between different keywords for software downloads such as "Advanced IP Scanner" or "WinSCP"...
Malwarebytes consumer product roundup: The latest
At Malwarebytes, we’re constantly evolving to protect our customers. These days, our products don’t just protect you from malware, we protect your identity, defend you from ads, safeguard your social media, and keep your mobile safe too. Here are the innovations we’ve made in our products recentl...
State of Maine data breach impacts 1.3 million people
The US State of Maine says it has suffered a data breach impacting around 1.3 million people. According to the census from July 2022, thats more or less the the entire population of Maine. The State of Maine says it was compromised via a known vulnerability in secure transfer service MOVEit...
test post
...
Giant health insurer struck by ransomware didn't have antivirus protection
The Philippine Health Insurance Corporation PhilHealth, has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. Antivirus software--or more correctly, its modern descendents endpoint security and Endpoint Detection and Response...
iPhone 15 launch: Wonderlust scammers rear their heads
Yesterday, Apple launched its latest iPhone and Watch models at its massive Wonderlust event. As with many high profile launches like this, it attracted not just a mountain of press, but a whole load of scammers too. One site uses the Apple brand to host a cryptocurrency scam. The hook is a...
Chrome's "Enhanced Ad Privacy": What you need to know
Users of Google's Chrome web browser may wish to dig into their privacy settings as a new feature regarding advertising privacy slowly rolls out to the masses. Googles "Enhanced Ad Privacy" feature may soon appear in your browser, tied to choices regarding a new Chrome feature named Topics. This ...
Password-stealing Chrome extension smuggled on to Web Store
Researchers at the University of Wisconsin-Madison have demonstrated that Chrome browser extensions can steal passwords from the text input fields in websites, even if the extension is compliant with Chrome's latest security and privacy standard, Manifest V3. To prove it, they created a proof of...
Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability
Minecraft players interested in modding are potentially at risk of compromise. A Remote Code Execution RCE vulnerability in certain Minecraft mods allows for malicious commands on both servers and clients. The vulnerability, named BleedingPipe, allows attackers to take over a targeted server...
Public companies must now disclose breaches within 4 days
Public organisations in the US impacted by a cyberattack will now have to disclose it within four days…with some caveats attached. On Wednesday, new rules were approved by the US Securities and Exchange Commission SEC. These rules mean that publicly traded companies will need to reveal said attac...
Microsoft Azure AD flaw can lead to account takeover
Researchers have found that a flaw in Microsoft Azure AD can be used by attackers to take over accounts that rely on pre-established trust. In a nutshell, Microsoft Azure AD allows you to change the email address associated with an account without verification of whether you are in control of tha...
Warning: Victims' faces placed on explicit images in sextortion scam
The FBI has issued a warning about criminals digitally manipulating people's faces on to pornographic images--known as deepfaking--and then using those images to harass or extort money out of their victim in a practice known as sextortion. The FBI said the victims include children. From the...
Trusting AI not to lie: The cost of truth: Lock and Code S04E12
In May, a lawyer who was defending their client in a lawsuit against Columbia's biggest airline, Avianca, submitted a legal filing before a court in Manhattan, New York, that listed several previous cases as support for their main argument to continue the lawsuit. But when the court reviewed the...
5 unusual cybersecurity tips that actually work
So, youre on top of your software updates, you use a password manager, youve enabled two-factor authentication wherever you can, youve got BrowserGuard installed, and youre running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because you...
Google takes CryptBot to the wood shed
Google is in the midst of a legal campaign designed to take down the creators of a very persistent piece of malware called CryptBot. This malware, which Google claims compromised roughly 670k computers, set about infecting users of the Chrome browser. Unfortunately for the malware campaign...
Adult content malvertising scheme leads to clickjacking
Malwarebytes researchers have found a malvertising scheme that leads to clickjacking. Clickjacking is a form of ad fraud which is also referred to as click fraud or click spam. It is a practice performed by certain dubious advertising networks, where they sometimes use automated programs--from...
TikTok: What’s going on and should I be worried?
Since 2020, several governments and organizations have banned, or considered banning, the immensely popular social media app TikTok from their staffs devices. With all these alarming bells ringing, we thought it might be handy to break down what we know and see if we can plot a sensible strategy...
"Log-out king" Instagram scammer gets accounts taken down, then charges to reinstate them
A fraudster going by "OBN Brandon" has been defrauding Instagram influencers and entertainment figures out of hundreds of thousands of dollars by taking down their accounts and then asking for money to get them back up again, ProPublica reports. OBN has been successful in his exploits taking...
Zero-day spells disaster for Bitcoin ATM
Bitcoin ATMs have experienced a severe bout of cash drain after a zero-day bug was exploited to steal a total of $1.5 million in digital currency. The ATMs, located in various convenience stores, function along the lines of regular banking ATMs except your dealings are all in the cryptocurrency...
Malware creator who compromised 10,000 computers arrested
The creator of a Remote Access Trojan RAT, responsible for compromising more than 10,000 computers, has been arrested by law enforcement in Ukraine. At the time of the arrest, the developer still had real-time access to 600 PCs. According to the announcement, the RAT could tell infected devices t...
LockBit ransomware attacks Essendant
The LockBit ransomware group is claiming responsibility for taking down a US-based distributor of office products called Essendant. This attack, which is said to have begun on or around March 6, created severe ramifications for the organisation, disrupting freight carrier pickups, online orders,...
How to set up two-factor authentication on Twitter using an app
If you use text based authentication as an additional level of security for your Twitter account, you may be aware that this option will be reserved for paying Twitter Blue subscribers come mid-March. This post will explain how to enable app based authentication. We found it easier to do on our...
What is AI good at (and what the heck is it, actually), with Josh Saxe: Lock and Code S04E04
In November of last year, the AI research and development lab OpenAI revealed its latest, most advanced language project: A tool called ChatGPT. ChatGPT is so much more than "just" a chatbot. As users have shown with repeated testing and prodding, ChatGPT seems to "understand" things. It can give...
Up to 10 million people potentially impacted by JD Sports breach
Were at the start of February, and news of breaches keeps on coming. In this case, though, while the news that 10 million JD Sports customers may have been impacted by a cyber attack has only just arrived, the data potentially accessed in that attack is already several years old. The danger zone ...
A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how: Lock and Code S04E03
In 2020, a photo of a woman sitting on a toilet--her shorts pulled half-way down her thighs--was shared on Facebook, and it was shared by someone whose job it was to look at that photo and, by labeling the objects in it, help train an artificial intelligence system for a vacuum. Bizarre? Yes...
Fighting technology's gender gap with TracketPacer: Lock and Code S04E02
Last month, the TikTok user TracketPacer posted a video online called "Network Engineering Facts to Impress No One at Zero Parties." TracketPacer regularly posts fun, educational content about how the Internet operates. The account is run by a network engineer named Lexie Cooper, who has worked i...
The Guardian hit by "ransomware attack"
On Tuesday December 20, 2022 British newspaper The Guardian experienced a major IT security incident that crippled a part of its IT infrastructure. The suspected cause is ransomware. In an online article the newspaper published an internal statement from the chief executive and the editor-in-chie...
Millions of Gemini cryptocurrency exchange user details leaked
If youre a user of the Gemini cryptocurrency exchange, its time to be on your guard against phishing attacks. Gemini says its own systems have not been compromised, but an unnamed third party has become the focal point for a breach. On December 13 or some point before, rogues gained access to jus...
Maintenance Mode aims to keep phone data private during repairs
One of the biggest data related headaches youll face with a mobile device is what do to in the event of a repair. When you have to send your phone in for a fix, what happens to your data? In many cases, the repair technicians will simply scrub the phone by default unless you ask them not to. In...
Hookup site targeted by typo-squatters
Ethical hacker and security researcher Kody Kinzie shared with BleepingComputer a list of over 50 domains of which many are spelling variations of the brand name Sniffies. Sniffies identifies itself as a "modern, map-based, meetup app for gay, bi, and curious guys." Kody used an open source tool...
Uber hacked
Uber informed the public on Thursday it was responding to a cybersecurity incident after somebody breached its network. From what we have been able to find out so far, the attacker managed to compromise an employees access to the chat app Slack. The intruder may also have gained access to the...
Here are the new security and privacy features of iOS 16
On Monday, September 12, Apple released iOS 16, which included a host of new security and privacy features. Let's look at what these are--and some quality-of-life QoL changes. Lockdown Mode As Macrumors calls it, Lockdown Mode is an "extreme" security setting ideal for those who regularly find...
Ransomwater confusion, does the criminal know who the victim is?
When we say that attribution is always tricky, we are obviously only seeing the half of it. Apparently sometimes even the cybercriminals are not always clear on which company they breached. Clop ransomware put out a statement that they breached Thames Water when in reality their victim was South...
Elden Ring maker Bandai Namco hit by ransomware and data leaks
Its not been a great couple of months for gaming giant Bandai Namco. The name behind smash hit titles like Elden Ring and Dark Souls has endured a long run of cheats and hacks. Hacking concerns led to Remote Code Execution issues, and multiplayer features in Souls titles were disabled for months...
PyPI starts rolling out required 2FA for important projects
The Python Package Index PyPI says it has begun rolling out a two-factor authentication 2FA requirement which enforces maintainers of critical projects to have 2FA enabled to publish, update, or modify them. PyPI plays an important role in the Python developers ecosystem. Python repository PyPi i...
Europe threatens to ban Facebook over data transfers to the US
If regulators have their way, data transfers from Facebook and Instagram between Europe and the United States could stop this summer. WhatsApp, another Meta service, will not be affected by the decision as it has a different data controller within Meta. This could force Meta, Facebooks parent...
AstraLocker 2.0 ransomware isn’t going to give you your files back
Reversing Labs reports that the latest verison of AstraLocker ransomware is engaged in a a so-called "smash and grab" ransomware operation. Smash and grab is all about maxing out profit in the fastest time. It works on the assumption by malware authors that security software or victims will find...
A week in security (June 6 – June 12)
Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for Ukraine Microsoft autopatch is here…but can you use it? Prometheus ransomwares flaws inspired researchers to try to build a near-universal decryption tool Rotten apples banned from App store Hackers can take over...
Cloud data breaches: 4 biggest threats to cloud storage security
Just about anywhere you look, organizations are using the cloud in some form—and they’re not all large enterprises. Small and medium businesses SMBs are also reaping the many benefits that the cloud offers over on-premise software, especially the lowered IT costs, increased scalability, and large...
SSNDOB stolen data marketplace shut down by global law enforcement operation
The United States Department of Justice has announced a major takedown of a criminal marketplace that traded Personally Identifiable Information PII. Not just any old marketplace; this was a major, years-long operation with several failsafes to prevent permanent takedown. It took quite the...
More than a quarter of Americans fell for robocall scam calls in past year
More and more Americans have been falling victim to phone scams since 2019. According to the latest report from Truecaller Google Docs upload of the entire report, separate blog here, a known spam blocker and caller ID app, 68.4 million Americans were victimized in the last 12 months, a substanti...
Phishing mail claims a 3D Secure upgrade is required
Today we took a look at a phishing mail pinning its hopes on a QR code linking to a bogus website. Scammers claim that your mail address has "not been registered for the 3D Secure Security Update". 3D Secure phishing mail The mail reads as follows: Dear Sir / Madam, Our administration has shown...
Eerie GoodWill ransomware forces victims to publish videos of good deeds on social media
Ransomware does what the name implies: holds your files or network to ransom. Pay the authors, typically in cryptocurrency, and you may get your files back. Refuse, and the files could be lost forever or even leaked to the far corners of the net. Sometimes creators of ransomware try different...
Hunting down your data with Whitney Merrill: Lock and Code S03E11
Depending on where you live, you can ask a company to hand over all the data it has collected about you and, in a matter of weeks as mandated by law, that company has to fork that information over. Whether the company will abide on time, however, is a different story. In the European Union, the...
Chicago students lose data to ransomware attackers
Chicago Public Schools CPS disclosed on Friday that students may have had their data taken in a ransomware incident involving one of its vendors. The ransomware attack happened last December at Battelle for Kids BfK, based in Columbus Ohio, which develops services to provide innovation in schools...
OpenSea warns of Discord channel compromise
OpenSea, the primary marketplace for buyers and sellers of non-fungible tokens NFTs, has reported major problems with its Discord support channel. How major? Well, theres a "potential vulnerability" which allowed spambots to post phishing links to other users. A problem that lead OpenSea Support ...