4709 matches found
Ransomware reinfections on the rise from improper remediation
Attack. Remediate. Repeat? Speak to any organization infiltrated by ransomware--the most dangerous malware in the world--and theyll be blunt: Theyd do anything to avoid getting hit twice. But ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcin...
TikTok flooded with fake celebrity nude photo Temu referrals
Sites and apps frequently gamify their products and experiences to grow their user base. Its a relatively easy way to have their customers become more involved thanks to whatever incentives may be on offer. A game here, a rewards program there, and everyone is happy. Well, almost everyone. If...
X wants your biometric data
Users of X formerly Twitter paying for a checkmark under what used to be called Twitter Blue now X Premium have some biometric related decisions to make. The BBC reports that Elon Musk, having dismantled the old checkmark system to replace it with the all new Premium, is reintroducing identity...
Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia
In the United States, when the police want to conduct a search on a suspected criminal, they must first obtain a search warrant. It is one of the foundational rights given to US persons under the Constitution, and a concept that has helped create the very idea of a right to privacy at home and...
Top contenders in Endpoint Security revealed: G2 Summer 2023 results
Navigating the world of endpoint security is challenging, with numerous vendors stoking "Fear, Uncertainty, and Doubt" FUD and making bold claims that are difficult to verify. In times like these, the honest opinions of real users are invaluable for busy IT teams. Enter G2, an industry-leading...
Fake security researchers push malware files on GitHub
Researchers from VulnCheck have observed a campaign using real security researchers as bait for malware. The campaign goes to some lengths to appear genuine, using fake profiles, downloads, websites, and bogus GitHub profiles, to paint a convincing picture of security professionals offering up...
Warning: Victims' faces placed on explicit images in sextortion scam
The FBI has issued a warning about criminals digitally manipulating people's faces on to pornographic images--known as deepfaking--and then using those images to harass or extort money out of their victim in a practice known as sextortion. The FBI said the victims include children. From the...
Play ransomware gang compromises Spanish bank, threatens to leak files
Ransomware is creating additional work for a major Spanish bank. Globalcaja, said to have more than 300 offices in Spain and close to half a million customers, has fallen victim to the Play ransomware gang. The gang claim to have swiped both private and personal information in the attack--includi...
Trusting AI not to lie: The cost of truth: Lock and Code S04E12
In May, a lawyer who was defending their client in a lawsuit against Columbia's biggest airline, Avianca, submitted a legal filing before a court in Manhattan, New York, that listed several previous cases as support for their main argument to continue the lawsuit. But when the court reviewed the...
PharMerica breach impacts almost 6 million people
US pharmacy giant PharMerica has notified over 5.8 million people about a security incident in which it says personal information and medical information may have been obtained by cybercriminals. The Data Breach Notification lists the total number of persons affected as 5,815,591. An investigatio...
How to keep your ChatGPT conversations out of its training data
Last week, OpenAI announced it had given ChatGPT users the option to turn off their chat history. ChatGPT is a "generative AI", a machine learning algorithm that can understand language and generate written responses. Users can interact with it by asking questions, and the conversations users hav...
Google takes CryptBot to the wood shed
Google is in the midst of a legal campaign designed to take down the creators of a very persistent piece of malware called CryptBot. This malware, which Google claims compromised roughly 670k computers, set about infecting users of the Chrome browser. Unfortunately for the malware campaign...
Adult content malvertising scheme leads to clickjacking
Malwarebytes researchers have found a malvertising scheme that leads to clickjacking. Clickjacking is a form of ad fraud which is also referred to as click fraud or click spam. It is a practice performed by certain dubious advertising networks, where they sometimes use automated programs--from...
QBot changes tactic, remains a menace to business networks
QBot, an infostealer-turned-dropper that aids criminal gangs in their malicious campaigns, is now being distributed as part of a phishing campaign using PDFs and Windows Script Files WSF, according to recent discoveries by malware hunter Proxylife @pr0xylife and the Cryptolaemus group...
A week in security (February 20 - 26)
Last week on Malwarebytes Labs: GoAnywhere zero-day opened door to Clop ransomware Chip company loses $250m after ransomware hits supply chain GoDaddy says it's a victim of multi-year cyberattack campaign Twitter and two-factor authentication: What's changing? How to set up two-factor...
Ransomware pushes City of Oakland into state of emergency
The ransomware attack that hit Oakland on Wednesday February 8, 2023 is still crippling many of the citys services a week later. In fact, the situation is so bad that the Interim City Administrator has now declared a state of emergency. Tweet announcing the state of emergency The ransomware attac...
Florida hospital takes entire IT systems offline after 'ransomware attack'
Tallahassee Memorial Healthcare TMH, a major hospital system in northern Florida, has reportedly been experiencing an "IT security issue" since Thursday evening, which impacted some of its IT systems. When TMH learned of the issue, it took its entire IT systems offline as a precaution and contact...
Business Email Compromise attack imitates vendors, targets supply chains
Today we have a fascinating tale of a business email compromise BEC group steering clear of targeting executives, in favour of fouling up supply chains instead. The attack, which may sound overly complicated, is a fairly streamlined attack with the intention of making a lot of money. BEC: What is...
Ho, ho, no! Scams to avoid this festive season
Whether youve been naughty or nice, someone will try and stuff a scam down your chimney either way. The FBI is warning of several likely ways to be parted from your funds or logins, and were going to give some additional context along with tips to avoid these digital lumps of coal. Social media...
SIM swapper jailed for 18 months over crypto heist
Nicholas Truglia 25 from Florida was sentenced to 18 months on Thursday for his involvement in a digital heist that cost Michael Terpin @michaelterpin, a renowned personality in the cryptocurrency space, $23.8M. The theft happened on January 2018, where Truglia and his co-conspirators targeted...
Snapchat gives Californians more power over their personal data
There's a new toggle switch in Snapchat that, once enabled, limits the use of sensitive personal information. TechCrunch reports that the switch is a new privacy feature Snapchat will be rolling out to comply with the California Privacy Rights Act CPRA, also known as Proposition 24. The act, whic...
Eufy "no cloud" security cameras streaming data to the cloud
Eufy home security cameras are currently in a spot of trouble as a result of door camera footage. This is because it turns out that data which should not have been going to the cloud was doing so anyway in certain conditions. Securing your home: a complicated proposition Insecure cameras,...
What is ransomware-as-a-service and how is it evolving?
Ransomware attacks are becoming more frequent and costlier--breaches caused by ransomware grew 41 percent in the last year, the average cost of a destructive attack rising to $5.12 milllion. Whats more, a good chunk of the cyber criminals doing these attacks operate on a ransomware-as-a-service...
Malformed signature trick can bypass Mark of the Web
Mark of the Web MOTW--the technology that ensures Windows pops a warning message when trying to open a file downloaded from the Internet--is back in the news, but unfortunately not in a good way. Bleeping Computer reports that a recently uncovered but somewhat old bug has been unearthed which hel...
Android and iOS leak some data outside VPNs
Virtual Private Networks VPNs on Android and iOS are in the news. Its been discovered that in certain circumstances, some of your traffic is leaked so it ends up outside of the safety cordon created by the VPN. Mullvad, the discoverers of this Android "feature" say that it has the potential to...
Welcome to high tech hacking in 2022: Annoying users until they say "yes"
Last week we learned that ride-sharing giant Uber's defences had been unpicked by an attacker with a novel take on social engineering: Fatigue. Fatigue attacks play on the often repetitive nature of certain security procedures and failsafes. Do you hate having to punch in a password on your login...
Vulnerable children's identities used in tax fraud scheme
Fraudster Ariel "Melo" Jimenez has been sentenced to 12 years in prison for leading a "tax fraud and identity theft conspiracy" that resulted in the fraudulent claiming of tax credits, earning him millions of dollars. "Ariel Jimenez was the leader of a long-running fraudulent tax business that...
Here are the new security and privacy features of iOS 16
On Monday, September 12, Apple released iOS 16, which included a host of new security and privacy features. Let's look at what these are--and some quality-of-life QoL changes. Lockdown Mode As Macrumors calls it, Lockdown Mode is an "extreme" security setting ideal for those who regularly find...
Cyber threat hunting for SMBs: How MDR can help
When you hear the words "cyber threat hunting", you just may picture an elite team of security professionals scouring your systems for malware. Sounds like something only huge businesses or nation states would need to do, right? Not quite. Threat hunting is just as essential for...
How to set up an iPhone for your kids
Thanks to Thomas Reed for his expertise and guidance. This is it. After much hemming and hawing, you've finally given in and bought your child their first smartphone, which you plan to give to them before the school year starts. But before you give it to them, it's worth sitting them down to talk...
How IT teams can prevent phishing attacks with Malwarebytes DNS filtering
Phishing attacks are a persistent threat to businesses globally. According to Verizon, 82 percent of data breaches in 2021 involved the human element--with phishing attacks making up over 60 precent of these. And if it aint broke, dont fix it: threat actors have only continued to use phishing to...
Ransomwater confusion, does the criminal know who the victim is?
When we say that attribution is always tricky, we are obviously only seeing the half of it. Apparently sometimes even the cybercriminals are not always clear on which company they breached. Clop ransomware put out a statement that they breached Thames Water when in reality their victim was South...
Introducing Malwarebytes Cloud Storage Scanning: How to scan for malware in cloud file storage repositories
Were excited to announce Malwarebytes Cloud Storage Scanning, a new service that extends Nebula malware scanning options to include files stored on cloud storage repositories that are part of your organizations digital ecosystem. Today, the service supports scanning of files under 100Mb in size...
Summer of exploitation leads to healthcare under fire
May 2021 was a tough month for the Healthcare and Medical sector-the most notable threat trend at the time was the heavy use of a new popular exploit against Dell systems, leading to immense effort by attackers to utilize the exploit before it became less effective due to patching. During this...
Phishy calls and emails play on energy cost increase fears
Gas and electricity price concerns are rife at the moment, with spiralling costs and bigger increases waiting down the line. Sadly this makes the subject valuable material for fraudsters, playing into peoples fears with a dash of social engineering to make them worse off than they were previously...
Lock down your Neopets account: Data breach being investigated
Bad news for players of long-time virtual pet management title Neopets. Word is spreading of a compromise claimed to have accessed around 69 million user accounts. This compromise, posted to a hacking forum, is said to include both the database and around 460 MB of compressed source code from...
PyPI starts rolling out required 2FA for important projects
The Python Package Index PyPI says it has begun rolling out a two-factor authentication 2FA requirement which enforces maintainers of critical projects to have 2FA enabled to publish, update, or modify them. PyPI plays an important role in the Python developers ecosystem. Python repository PyPi i...
AstraLocker 2.0 ransomware isn’t going to give you your files back
Reversing Labs reports that the latest verison of AstraLocker ransomware is engaged in a a so-called "smash and grab" ransomware operation. Smash and grab is all about maxing out profit in the fastest time. It works on the assumption by malware authors that security software or victims will find...
LinkedIn scams are a “significant threat”, warns FBI
Digital currency fraud is a growing issue on social media, and LinkedIn is no different. In fact, according to according to Sean Ragan, the FBI’s special agent in charge of the San Francisco and Sacramento, California, field offices, cryptocurrency scams are big business on LinkedIn. "It’s a...
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
At the start of the global coronavirus pandemic, nearly everyone was forced to learn about the "supply chain." Immediate stockpiling by an alarmed and from a smaller share, opportunistic public led to an almost overnight disappearance of hand sanitizer, bottled water, toilet paper, and face masks...
Taking down the IP2Scam tech support campaign
Tech support scams follow a simple business model that has not changed much over the years. After all, why change a recipe that continues to yield large profits. We see countless such campaigns and block them indiscriminately to protect our customers from being defrauded by a fraudulent tech...
A week in security (June 6 – June 12)
Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for Ukraine Microsoft autopatch is here…but can you use it? Prometheus ransomwares flaws inspired researchers to try to build a near-universal decryption tool Rotten apples banned from App store Hackers can take over...
SSNDOB stolen data marketplace shut down by global law enforcement operation
The United States Department of Justice has announced a major takedown of a criminal marketplace that traded Personally Identifiable Information PII. Not just any old marketplace; this was a major, years-long operation with several failsafes to prevent permanent takedown. It took quite the...
Rotten apples banned from the App store
Apple’s App Review process may have received ill wishes from many benevolent developers, but Apple has now revealed how effective it is and why it is so stringent. According to its review of the year 2021, Apple protected customers from nearly $1.5 billion in potentially fraudulent transactions,...
Prometheus ransomware’s flaws inspired researchers to try to build a near-universal decryption tool
This blog is part of our live coverage from RSA Conference 2022: Prometheus—a ransomware build based on Thanos that locked up victims’ computers in the summer of 2021—included a major “vulnerability” that led security researchers at IBM to try and build a one-size-fits-all ransomware decryptor th...
Phishing mail claims a 3D Secure upgrade is required
Today we took a look at a phishing mail pinning its hopes on a QR code linking to a bogus website. Scammers claim that your mail address has "not been registered for the 3D Secure Security Update". 3D Secure phishing mail The mail reads as follows: Dear Sir / Madam, Our administration has shown...
Chicago students lose data to ransomware attackers
Chicago Public Schools CPS disclosed on Friday that students may have had their data taken in a ransomware incident involving one of its vendors. The ransomware attack happened last December at Battelle for Kids BfK, based in Columbus Ohio, which develops services to provide innovation in schools...
Steer clear of fake premium mobile app unlockers
A site has been bouncing around YouTube comments for the past couple of weeks. The site sometimes changes, the messages alter slightly, but the essence remains the same: In all cases, people acting in suspiciously automated fashion ask if everyone is using this "glitch" or generator without ever...
Unfixed vulnerability in popular library puts IoT products at risk
Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform DNS poisoning attacks against a target device. The library is known to be used by major vendors such as Linksys, Netgear, and Axis, but also by Linux distributions such as...
Rogue ads phishing for cryptocurrency: Are you secure?
Bad ads are at it again. Rogue Google ads caused no end of misery for cryptocurrency enthusiasts, costing them roughly $4.31 million between the 12th and the 21st of April. This is an astonishing slice of cryptocurrency cash to lose for the sake of clicking on something in a search engine. The...