4711 matches found
Microsoft: Slow MFA adoption presents “dangerous mismatch” in security
Multi-factor authentication MFA has been around for many years now, but few enterprises have fully embraced it. In fact, according to Microsofts inaugural "Cyber Signals" report, only 22 percent of all its Azure Active Directory AD enterprise clients have adopted two-factor authentication 2FA, a...
Software engineer hacked webcams to spy on girls—Here’s how to protect yourself
A 32 year-old software engineer has been sentenced to two years and two months in prison for remotely accessing chat logs, photos, videos, and webcams of his female victims. For nine years, between 2010 to 2019, Robert Davies used malware to infiltrate his targets devices and access their data...
Microsoft disrupts China-based hacking group Nickel
Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. On December 2, the Microsoft Digital Crimes Unit DCU filed pleadings with the US District Court for the Eastern District of Virginia seeking authority to take control of the sites that it...
Emotet being spread via malicious Windows App Installer packages
As reported by Cryptolaemus on Twitter, and demonstrated step by step by BleepingComputer, Emotet is now being distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. How does the attack work? To understand what Microsoft is supposed to do about this...
Protect yourself from BlackMatter ransomware: Advice issued
Despite promises made by the BlackMatter ransomware gang about which organizations and business types they would avoid, multiple US critical infrastructure entities have been targeted. Now, the Federal Bureau of Investigation FBI, in conjunction with the Cybersecurity and Infrastructure Security...
A week in security (Oct 4 – Oct 10)
Last week on Malwarebytes Labs Does Cybersecurity Awareness Month actually improve security? Police take a piece out of a ransomware gang, but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Is it any good for security? Criminals were inside Syniverse for 5 years...
At long last, Microsoft is disabling Excel 4.0 macros by default
Sometimes good news in the security world comes unexpectedly. This is one of those times. After three decades of macro viruses, and three decades of trying to convince every single Excel user individually to disable macros, Microsoft is going disable Excel 4.0 macros for everyone. Better late tha...
The FCC moves to curb SIM swap attacks
The Federal Communications Commission FCC is going to set new rules to curb the rising threat of SIM swapping, also known as SIMjacking. SIM swapping and the very similar port-out fraud is the unlawful use of someones personal information to steal their phone number and swap or transfer it to...
New Mac malware masquerades as iTerm2, Remote Desktop and other apps
Last week, security researcher Patrick Wardle released details of a new piece of malware masquerading as the legitimate app iTerm2. The malware was discovered earlier the same day by security researcher Zhi @CodeColorist on Twitter, and detailed on a Chinese-language blog. For those who dont spea...
A week in security (August 23 – August 29)
Last week on Malwarebytes Labs: Patch now! Microsoft Exchange is being attacked via ProxyShell Realtek-based routers, smart devices are being gobbled up by a voracious botnet Criminals exploited weak checks and old tech to pull off vast COVID benefit fraud Mice “taking over the world!”, one Windo...
How to stay secure from ransomware attacks this Labor Day weekend
Labor Day weekend is just around the corner and, believe it or not, cybercriminals are likely just as excited as you are! Ransomware gangs have nurtured a nasty habit of starting their attacks at the least convenient times: When computers are idle, when employees who might notice a problem are ou...
Twitter takes aim at the chaos, clutter and trolls with new feature concepts
Twitter is potentially looking to add some new features to combat specific forms of abuse and / or aggravation on the platform. They’re still at the design stage, but they’re asking for feedback and it seems this will happen down the line. With that in mind, let’s take a look at what they’re up t...
800 arrests after police dupe crime groups into using backdoored phones
An international operation that monitored an encrypted device company under control of the Federal Bureau of Investigation FBI and the Australian Federal Police AFP has led to a massive, coordinated string by law enforcement in several countries. The setup Law enforcement agencies around the worl...
Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa
This week on Lock and Code, we offer something special for listeners—a backstage pass to a cybersecurity training that we held for employees during Cybersecurity Awareness Month, which ended in October. The topic? The future of cybersecurity for the Internet of Things. Our guests, Chief Informati...
RegTech explained: a crucial toolset for the financial industry
Every organization in the financial industry needs to meet certain regulatory obligations, even if it’s just filing a tax return or submitting an annual report. In certain industries, such as financial services, theyve added their own additional sets of rules that must be adhered to. For example,...
Prop 24 passes in California, will change data privacy law
First-day returns in California showed voters firmly approving to change their state’s current data privacy law—which already guarantees certain privacy protections that many states do not—through the passage of Prop 24. As of the morning of November 4, according to The Sacramento Bee, 56.1 perce...
Risky business: survey shows majority of people use work devices for personal use
There’s no denying the coronavirus pandemic is having a significant impact on the way we use technology. Some changes feel like a subtle acceleration of behavioral shifts that were already well underway i.e. more online shopping and more streaming TV/movies. Other changes are more extreme and we’...
Fintech industry developments, differences between Europe and the US
“Put your money in the bank and you can watch it grow.” If there is a statement that shows us how much the financial world has changed it’s this one. With the introduction of negative interest, companies and consumers with a large amount of liquid assets are looking for a different way to handle...
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated to an APT attack. In the last stage,...
Seven security tips for staying safe on an iPhone
iPhones have a reputation for being notoriously secure. After all, they caused quite the kerfuffle between Apple and the FBI because they are, from the FBI's point of view, too secure! However, don't let that lull you into a false sense of security. Using an iPhone is not an automatic guarantee o...
ChatGPT produced graphic violent images that shocked researchers
AI assistants like ChatGPT are supposed to be safe to use, with appropriate guardrails to stop people creating harmful content. However, a British AI security firm just figured out how to make ChatGPT produce explicit material. Mindgard, a company that tests AI engines for weaknesses, found that ...
A week in security (June 22 – June 28)
Last week on Malwarebytes Labs: Malware steals Chrome session cookies to take over your accounts Beware of "Parcel Expert" job offers: They’re parcel mule scams Update Chrome to patch critical browser security flaws Fake domain renewal emails trick website owners into paying scammers Elite networ...
A week in security (June 15 – June 21)
Last week on Malwarebytes Labs: Nearly 15,000 infected websites cleaned in SocGholish crackdown Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control Retro gaming fans are the new target for fake...
A week in security (May 18 – May 24)
Last week on Malwarebytes Labs: Update Chrome now: Critical bugs could let attackers run code Microsoft Defender vulnerabilities are being exploited in the wild TikTok, YouTube, and Roblox face scrutiny, but age gates won’t fix child safety Catch spyware in the act with Windows Webcam Monitoring...
AT&T breach data resurfaces with new risks for customers
When data resurfaces, it never comes back weaker. A newly shared dataset tied to AT&T shows just how much more dangerous an “old” breach can become once criminals have enough of the right details to work with. The dataset, privately circulated since February 2, 2026, is described as AT&T customer...
Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds
The relentless battle against online fraud is a constant evolution, a digital chase where security teams and malicious actors continually adapt. The increasing sophistication of attacks is blurring the lines between legitimate user behavior and impersonation attempts. The campaign we are exposing...
Update now! Apple releases new security patches for vulnerabilities in iPhones, Macs, and more
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. To check if you’re using the latest software version, go to Settings or System Settings General Software Update. It’s also worth turning on Automatic Updates if you haven’t...
“Simply staggering” surveillance conducted by social media and streaming services, FTC finds
The US Federal Trade Commission FTC released a report that examines the data collection and use practices of major social media and video streaming services, finding that—and this will not come as a surprise to our regular readers—the companies engaged in vast surveillance of consumers in order t...
Change Healthcare confirms the customer data stolen in ransomware attack
For the first time since news broke about a ransomware attack on Change Healthcare, the company has released details about the data stolen during the attack. First, a quick refresher: On February 21, 2024, Change Healthcare experienced serious system outages due to a cyberattack. The incident led...
Explained: Android overlays and how they are used to trick people
Sometimes you’ll see the term "overlays" used in articles about malware and you might wonder what they are. In this post we will try to explain what overlays—particularly on Android devices—are, and how cybercriminals deploy them. Most of the time, overlays are used to make people think they are...
How to turn off location tracking on iOS and iPadOS
On iOS and iPadOS, location services are typically turned on when you first set up your device. However, there may be reasons why you don’t want your device to be located, perhaps because you don’t want to be found but need to keep the device with you. There are a few options to hide your locatio...
How to remove a user from a shared Mac
There will be times when you need to remove a user from a device. In this article well show you how to remove a user from a Mac. For a better understanding its good to understand the difference between an actual user of the device and a "sharing only user." On a Mac, you can use Sharing Only User...
[updated] Deleted iPhone photos show up again after iOS update
iPhone owners are reporting that photos theyd deleted are now back on their phones, after updating to iOS 17.5. With so many users reporting similar oddities, it would seem something went wrong, or at least different than to be expected. Here are some examples from Reddit: “When in conversation...
Introducing the Digital Footprint Portal
Digital security is about so much more than malware. That wasn’t always the case. When I started Malwarebytes more than 16 years ago, malware was the primary security concern—the annoying pop-ups, the fast-spreading viruses, the catastrophic worms—and throughout our company’s history, Malwarebyte...
Cookie consent choices are just being ignored by some websites
In news that is, sadly, unlikely to shock you, new research indicates that many websites ignore visitors choices to refuse cookies and collect their data anyway. Researchers at the University of Amsterdam UvA analyzed 85,000 European websites and came to the conclusion that 90% of them violated a...
AT&T confirms 73 million people affected by data breach
Telecommunications giant AT&T has finally confirmed that 73 million current and former customers have been caught up in a massive dark web data leak. The leaked data includes names, addresses, mobile phone numbers, dates of birth, and social security numbers. Malwarebytes VP of Consumer Privacy,...
Tax scammer goes after small business owners and self-employed people
While most tax payers don’t particularly look forward to tax season, for some scammers it’s like the opening of their hunting season. So its no surprise that our researchers have found yet another tax-related scam. In this most recent scam, weve not seen the lure the scammer uses, but it is likel...
Ransomware review: March 2024
This article is based on research by Marcelo Rivero, Malwarebytes ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...
Data brokers admit they’re selling information on precise location, kids, and reproductive healthcare
Information newly made available under California law has shed light on data broker practices, including exactly what categories of information they trade in. Any business that meets the definition of data broker must register with the California Privacy Protection Agency CPPA annually. The CPPA...
Malicious meeting invite fix targets Mac users
Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. During the attacks the criminals will send a link supposedly to add a meeting to the target’s calendar. In reality the link runs a script to install Mac malware on the target’s machine...
Android banking trojans: How they steal passwords and drain bank accounts
For the most popular operating system in the world—which is Android and it isn’t even a contest—there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State ...
Law enforcement trolls LockBit, reveals massive takedown
In an act of exquisite trolling, the UKs National Crime Agency NCA has announced further details about its disruption of the LockBit ransomware group by using the groups own dark web website. The LockBit dark web site has a new look Since the demise of Conti in 2022, LockBit has been unchallenged...
Why keeping track of user accounts is important
CISA the Cybersecurity & Infrastructure Security Agency has issued a cybersecurity advisory after the discovery of documents containing host and user information of a state government organization’s network environment—including metadata—on a dark web brokerage site. An attacker managed to...
A week in security (February 12 – February 18)
Last week on Malwarebytes Labs: GoldPickaxe Trojan steals your face! Microsoft Exchange vulnerability actively exploited Massive utility scam campaign spreads via online ads Facebook Marketplace users’ stolen data offered for sale How ransomware changed in 2023 Malwarebytes crushes malware all th...
GoldPickaxe Trojan steals your face!
Well, the GoldPickaxe Trojan does not literally steal your face, but it does steal an image of your face in order to be able to identify as you. Researchers have found a family of Trojans, attributed to a financially motivated Chinese group, which come in versions for iOS and Android...
Facebook Marketplace users’ stolen data offered for sale
Personal data belonging to Facebook Marketplace users has been published online, according to BleepingComputer. A cybercriminal was allegedly able to steal a partial database after hacking the systems of a Meta contractor. The leak consists of around 200,000 records that contain names, phone...
AI-generated voices in robocalls are illegal, rules FCC
The Federal Communications Commission FCC has announced that calls made with voices generated with the help of Artificial Intelligence AI will be considered “artificial” under the Telephone Consumer Protection Act TCPA. Effective immediately, that makes robocalls that implement voice cloning...
2 million job seekers targeted by data thieves
A cybercriminal group known as ResumeLooters has infiltrated 65 job listing and retail websites, compromising the personal data of over two million job seekers. The group used SQL injection and cross-site scripting XSS attacks—both common techniques— to extract the sensitive information from the...
2024 State of Ransomware in Education: 92% spike in K-12 attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of...
23andMe blames “negligent” breach victims, says it’s their own fault
In a surprising move, in a letter to legal representatives of victims of the recent 23andMe data breach, the company has laid the blame at the feet of victims themselves. 23andMe even goes as far as to claim that this wasn’t a data breach at 23andMe at all. The reasoning: “… unauthorized actors...