How to back up your iPhone to iCloud

They say the only backup you ever regret is the one you didnt make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things youve lost, or to fix things that have failed. The most convenient way to backup your iPhone is to have it backup to iCloud. Backups a...

Malwarebytes Premium blocks 100% of malware during external AVLab test

Malwarebytes Premium earned a perfect score in the latest AVLab Cybersecurity Foundation “Advanced In-The-Wild Malware Test,” catching and stopping 100% of malware samples, outperforming multiple competitors in the field, and continuing a longstanding tradition of proven, perfect protection for...

How to update outdated software on Mac endpoints: Introducing ThreatDown VPM for Mac

ThreatDown is happy to announce that our Vulnerability Assessment and Patch Management VPM tool is now available for Mac endpoints. There are hundreds of third-party apps that Mac endpoint use on a daily basis—and with that large number of apps comes a dizzying amount of software updates to apply...

Data brokers admit they’re selling information on precise location, kids, and reproductive healthcare

Information newly made available under California law has shed light on data broker practices, including exactly what categories of information they trade in. Any business that meets the definition of data broker must register with the California Privacy Protection Agency CPPA annually. The CPPA...

Wyze cameras show the wrong feeds to customers. Again.

Last September, we wrote an article about how Wyze home cameras temporarily showed other people’s security feeds. As far as home cameras go, we said this is absolutely up there at the top of the “things you don’t want to happen” list. Turning your customers into Peeping Tom against their will and...

FBI removes malware from hundreds of routers across the US

The FBI has used a court order to remove malware from hundreds of routers across the US, and alter the routers’ settings to prevent reinfection. The routers are malware-infected NetGear and Cisco small office/home office SOHO devices that no longer receive updates because they have reached their...

Tax season is here, so are scammers

The Internal Revenue Service has announced that the 2024 tax filing season has officially begun, with an expected 146 million individual tax returns to be filed. While it is costly and complex for the IRS to process so many digital and paper documents, it can also be a headache for many Americans...

Apple warns of “privacy and security threats” after EU requires it to allow sideloading

Despite several warnings about the risks, Apple will allow European iPhone owners to install apps obtained from outside the official App store sideloading. These drastic changes are brought about to comply with the European Union’s EU Digital Markets Act DMA. The Digital Markets Act DMA establish...

Google changes wording for Incognito browsing in Chrome

Users of Chrome Canary have noticed some slight changes in the wording that Google uses for Incognito mode. Chrome Canary is mainly intended for use by developers. It’s updated nearly daily with new features, and because it can be used alongside versions of the “normal” Chrome browser known...

DNA data deserves better, with Suzanne Bernstein: Lock and Code S05E01

This week on the Lock and Code podcast… Hackers want to know everything about you: Your credit card number, your ID and passport info, and now, your DNA. On October 1 2023, on a hacking website called BreachForums, a group of cybercriminals claimed that they had stolen—and would soon...

Explained: Privacy washing

Question: Who said the sentence below? “Privacy is at the heart of everything we do.” Answer: Sundar Pichai, the CEO of Alphabet and its largest subsidiary Google. And if you look at the recent actions Google has announced, you’d be tempted to take his word for it: An initiative to let Chrome hid...

3 benefits of ThreatDown bundles

Traditional approaches to endpoint security today have a three-fold complexity problem—with big consequences. First, complexity in deployment causes long delays in protection, directly impacting ROI and leaving organizations vulnerable to breaches. In fact, almost 10 percent of small security tea...

Introducing Security Advisor Site Scores for OneView: Easy assessment of client security for MSPs

In a world rife with cyber threats, it is crucial for Managed Service Providers MSPs to conduct thorough assessments of their clients’ security posture. Even minor misconfigurations, if overlooked, can leave clients vulnerable to attacks. Yet, lacking the necessary tools, many MSP IT teams are in...

Using ChatGPT to cheat on assignments? New tool detects AI-generated text with amazing accuracy

ChatGPT and similar Large language models LLMs can be used to write texts about any given subject, at any desired length at a speed unmatched by humans. So its not a surprise that students have been using them to "help" write assignments, much to the dismay of teachers who prefer to receive...

TikTok flooded with fake celebrity nude photo Temu referrals

Sites and apps frequently gamify their products and experiences to grow their user base. Its a relatively easy way to have their customers become more involved thanks to whatever incentives may be on offer. A game here, a rewards program there, and everyone is happy. Well, almost everyone. If...

A history of ransomware: How did it get this far?

Today's ransomware is the scourge of many organizations. But where did it start? If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. However, while it encrypted filenames a...

Mac users targeted in new malvertising campaign delivering Atomic Stealer

Summary Malicious ads for Google searches are targeting Mac users Phishing sites trick victims into downloading what they believe is the app they want The malware is bundled in an ad-hoc signed app so it cannot be revoked by Apple The payload is a new version of the recent Atomic Stealer for OSX...

Prompt injection could be the SQL injection of the future, warns NCSC

The UK's National Cyber Security Centre NCSC has issued a warning about the risks of integrating large language models LLMs like OpenAIs ChatGPT into other services. One of the major risks is the possibility of prompt injection attacks. The NCSC points out several dangers associated with...

QR codes used to phish for Microsoft credentials

Researchers have published details about a phishing campaign that uses QR codes to phish for Microsoft credentials. A QR Quick Response code is a kind of two-dimensional barcode that holds encoded data in a graphical black-and-white pattern. The data that a QR code stores can include URLs, email...

Attackers demand ransoms for stolen LinkedIn accounts

An ongoing campaign targeting LinkedIn accounts has led to victims losing control of their accounts, or being locked out following repeated login attempts. Whether the attackers are using brute force methods or credential stuffing isn't known, but because some victims are being being locked out...

Malvertisers up their game against researchers

Threat actors constantly take notice of the work and takedown efforts initiated by security researchers. In this constant game of cat and mouse chasing, tactics and techniques keep evolving from simple to more complex, and more covert. This is a trend we have observed time and time again, no matt...

Beware malware posing as beta versions of legitimate apps, warns FBI

The FBI has issued a warning that cybercriminals are embedding malicious code in mobile beta-testing apps in attempts to defraud potential victims. The victims are typically contacted on dating sites and social media, and in some cases they are promised incentives such as large financial payouts...

Meta subsidiaries must pay $14m over misleading data collection disclosure

Meta has run into yet another bout of court related issues--two subsidiaries have been ordered to pay $14 million regarding undisclosed data collection. The Australian case, which has rumbled on for the best part of two and a half years, has focused on claims related to a now discontinued Virtual...

Malwarebytes stops 100% of Advanced Threats in latest AV-Test assessment

AV-TEST, a leading independent tester of cybersecurity solutions, has just given Malwarebytes two Advanced awards for the ability of our consumer and business products to protect against the latest attack techniques. Lets take a deeper dive into the test and the results. Advanced Threat Protectio...

Malicious ad for USPS fishes for banking credentials

We often think of malvertising as being malicious ads that push malware or scams, and quite rightly so these are probably the most common payloads. However, malvertising is also a great vehicle for phishing attacks which we usually see more often via spam emails. Threat actors continue to abuse a...

Online safety tips for LGBTQIA+ communities

The internet is great for bringing people together, helping you feel part of a community, and staying in touch with your nearest and dearest. But it can also be a nasty place - from malware to scammers, to people just being plain awful to others. It's probably not surprising to read that recent...

6 tips for a cybersecure honeymoon

You've done it, you've got married. The big day is over, and while you're relaxing on honeymoon you definitely don't want to get distracted by security problems. So, we rounded up some quick tips to keep you safe. Refrain from posting on social media about your honeymoon. This is good practice...

Strava heatmap loophole may reveal users' home addresses

Researchers at NC State University have outlined potential privacy issues with popular fitness app Strava which could lead to users' homes being pinpointed. The researchers' findings are detailed in a paper called Heat marks the spot: de-anonymising users' geographical data on the Strava heat map...

Play ransomware gang compromises Spanish bank, threatens to leak files

Ransomware is creating additional work for a major Spanish bank. Globalcaja, said to have more than 300 offices in Spain and close to half a million customers, has fallen victim to the Play ransomware gang. The gang claim to have swiped both private and personal information in the attack--includi...

Malvertising via brand impersonation is back again

Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix. In recent...

PharMerica breach impacts almost 6 million people

US pharmacy giant PharMerica has notified over 5.8 million people about a security incident in which it says personal information and medical information may have been obtained by cybercriminals. The Data Breach Notification lists the total number of persons affected as 5,815,591. An investigatio...

A week in security (May 1 - 7)

Last week on Malwarebytes Labs: How to protect your small business from social engineering Microsoft: You're already using the last version of Windows 10 Is it OK to train an AI on your images, without permission? Upcoming webinar: Is EDR or MDR better for your business? Google Authenticator WILL...

Malware authors join forces and target organisations with Domino Backdoor

Theres a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called "Domino", is the brainchild of FIN7 and ex-Conti ransomware members. Domino has been seen in attac...

Is AI being used for virtual kidnapping scams?

You may have seen a worrying report of Artificial Intelligence AI being used in a virtual kidnapping scam. The AI was supposedly used to imitate the voice of an Arizona resident's daughter, who claimed to have been kidnapped. The daughter was safe and well elsewhere on a school trip. Unfortunatel...

Ransomware review: March 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacke...

AI voice cracks telephone banking voice recognition

Voice ID is slowly rolling out across various banks worldwide as a way to perform user authentication over the phone. However, questions remain about just how secure it is. Now that we have freely available artificial intelligence AI happily replicating peoples voices, could it be a security risk...

Samsung adds Message Guard protection against zero-click exploits

Samsung has announced the introduction of Message Guard for the Samsung Galaxy S23 series. It will be gradually rolled out to other Galaxy smartphones and tablets later this year. Message Guard works on images received in messages by the apps "Samsung Messages" and "Messages by Google" and...

Ransomware pushes City of Oakland into state of emergency

The ransomware attack that hit Oakland on Wednesday February 8, 2023 is still crippling many of the citys services a week later. In fact, the situation is so bad that the Interim City Administrator has now declared a state of emergency. Tweet announcing the state of emergency The ransomware attac...

Stalkerware-type app developers fined by NY Attorney General

Stalkerware is a huge problem when it comes to intrusion into peoples personal lives. "Friends", strangers, family members, abusive spouses and many more can potentially dabble in this malignant pastime and cause all manner of trouble for their target. Thanks to the New York Attorney Generals...

Business Email Compromise attack imitates vendors, targets supply chains

Today we have a fascinating tale of a business email compromise BEC group steering clear of targeting executives, in favour of fouling up supply chains instead. The attack, which may sound overly complicated, is a fairly streamlined attack with the intention of making a lot of money. BEC: What is...

Riot Games refuses to pay ransom to avoid League of Legends leak

After confirming threat actors were able to steal some of its code, Riot Games has also revealed that it received a ransom email from its attacker. The attackers demanding $10 million to stop them leaking source code from League of Legend's and other games. Riot's reply? Today, we received a rans...

New data wipers deployed against Ukraine

As war in Ukraine rages, new destructive malware continues to be discovered. In a recent tweet, the Ukrainian Computer Emergency Response Team CERT-UA named five wipers used against Ukrinform, Ukraines national news agency. It suspects a link to the Sandworm group. UPDATE: UAC-0082 suspected...

3 ways Malwarebytes helps you browse securely and privately online

Malicious links. Third-party ad trackers. Information-gobbling data brokers. Lets face it, the Internet is kind of like the Wild West when it comes to threats to our privacy and security. And unfortunately, it takes a little more than a cowboy hat and a pistol to defend yourself out there. Thats...

"2.6 million DuoLingo account entries" up for sale

Not a week goes by where we dont see an example of data scraping causing concern for both business and folks at home. The latest target happens to be popular language platform DuoLingo, who is currently digging into a forum post concerning data related to its customer accounts. Scraping data for...

VASTFLUX ad fraud massively affected millions of iOS devices, dismantled

Researchers have successfully dismantled a massive ad fraud campaign they stumbled upon by accident. The Satori Threat Intelligence and Research Team dubbed the campaign VASTFLUX, a portmanteau of "fast flux"--an evasion technique involving the constant changing of IP addresses behind a single...

A week in security (January 16—22)

Last week on Malwarebytes Labs: Google to support the use of Rust in Chromium Law enforcement app SweepWizard leaks data on crime suspects Accountant ordered to pay ex-employer after bossware shows "time theft" TikTok dances to the tune of $5.4m cookie fine "Untraceable" surveillance firm sued fo...

LastPass users should move their crypto funds, experts warn

Several experts have warned LastPass users who store cryptocurrency-related login information in their vaults to change that login information as soon as they can. Apparently, cybercriminals who have access to the stolen information are making it a priority to decrypt the data in an attempt to...

Why does technology no longer excite us? Lock and Code S04E01

When did technology last excite you? If Douglas Adams, author of The Hitchhiker's Guide to the Galaxy, is to be believed, your own excitement ended, simply had to end, after turning 35 years old. Decades ago, at first writing privately and later having those private writings published after his...

The pitfalls of blocking IP addresses

In August 2022, the Austrian court ordered the block of 11 IP addresses for copyright violations on 14 websites. Sadly, there was an undesirable side-effect--thousands of websites were rendered inaccessible to internet users in Austria for two days. There are many possible reasons why governments...

Restaurant platform SevenRooms confirms data breach

SevenRooms, a "guest experience and retention platform" for food establishments and hospitality organisations, has confirmed it has fallen victim to a third party vendor data breach. Mostly known for its customer management platform, Seven Rooms' breach came to light after stolen data was seen fo...