4662 matches found
Stalkerware developer dealt new blow by FTC
Last week, the US Federal Trade Commission FTC interpreted its broad consumer protection mandate to file a first-of-its-kind enforcement action against the developer of three mobile stalkerware applications. The developer was banned from further selling the apps unless significant changes were ma...
Internet Shortcut used in Necurs malspam campaign
The Necurs botnet continues to be one of the most prolific malicious spam distributors, with regular waves of carefully-crafted attachments that are used to download malware. The majority of malspam campaigns that we track are targeting Microsoft Office with documents containing either macros or...
Safer Internet Day 2018: ad blockers and anti-trackers
The path to a safer Internet can be a bit of a quandary. What programs should you buy? How long should your passwords be? Is it okay to write them down? What makes a website secure? All of these questions can merit their own lengthy essays, so today, on Safer Internet Day, we’re going to look at...
Interesting disguise employed by new Mac malware HiddenLotus
On November 30, Apple silently added a signature to the macOS XProtect anti-malware system for something called OSX.HiddenLotus.A. It was a mystery what HiddenLotus was until, later that same day, Arnaud Abbati found the sample and shared it with other security researchers on Twitter. The...
Use TeamViewer? Fix this dangerous permissions bug with an update
TeamViewer, the remote control/web conference program used to share files and desktops, is suffering from a case of "patch it now." Issued yesterday, the fix addresses an issue where one user can gain control of another's PC without permission. Windows, Mac, and LinuxOS are all apparently affecte...
Blockchain technology: not just for cryptocurrency
Imagine a place where you can safely store all your personal information and only you decide who has access to it. You can choose which parts of that information you want to share, and you can just as easily revoke that access. If this place ever comes into existence, I am willing to bet it will ...
Multiple flaws found in smart syringe pump
A syringe pump is a small infusion pump that delivers liquids, either medication or nutrients, in small quantities into the patient's system. Hospitals, nursing homes, and homes with residents under acute or palliative care use them. Accurate and safe delivery of dosage from a variety of syringes...
Petya-esque ransomware is spreading across the world
UPDATE 6/29/2017 1045 PST: According to information uncovered within Malwarebytes Labs, we have determined that this ransomware variant is coded to erase a unique and randomly generated key that is used to encrypt the MFT Master File Table. The destruction of the Salsa20 key makes it very unlikel...
700+ education and tech websites hijacked in huge ClickFix malware campaign
Attackers are abusing a critical Ghost Content Management System CMS vulnerability to hijack more than 700 legitimate websites and inject a fake Cloudflare verification step that tricks visitors into running a Windows command that installs malware. These social engineering campaigns—where website...
Hobby coder accidentally creates vacuum robot army
Sammy Azdoufal wanted to steer his robot vacuum with a PS5 controller. Like any good maker, he thought it would be fun to drive a new DJI Romo around manually. He ended up gaining access to an army of robotic cleaners that gave him eyes into thousands of homes. Driven by purely playful reasons,...
Startup takes personal data stolen by malware and sells it on to other companies
A tech startup is using personal data stolen by infostealer malware that it has found on the dark web, and then selling access to that data. And it claims to be working within the law. According to 404 Media, for as little as $50, Farnsworth Intelligence will give companies a look at records from...
Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds
The relentless battle against online fraud is a constant evolution, a digital chase where security teams and malicious actors continually adapt. The increasing sophistication of attacks is blurring the lines between legitimate user behavior and impersonation attempts. The campaign we are exposing...
Android fixes 47 vulnerabilities, including one zero-day. Update as soon as you can!
Google has patched 47 vulnerabilities in Android, including one actively exploited zero-day vulnerability in its May 2025 Android Security Bulletin. Zero-days are vulnerabilities that are exploited before vendors have a chance to patch them—often before they even know about them. The May updates...
A week in security (April 27 – May 3)
Last week on Malwarebytes Labs: On world password day, Microsoft says fewer passwords, more passkeys Apple AirPlay SDK devices at risk of takeover—make sure you update The 3 biggest cybersecurity threats to small businesses Zero-day attacks on browsers and smartphones drop, says Google Fake Socia...
Why we’re no longer doing April Fools’ Day
The internet is filled with falsehoods. We’re forever investigating new scams here at Malwarebytes, and so we get how hard it is to know what—or who—to trust online. There’s the scam that takes advantage of grieving people and tricks them into paying for a funeral live stream. There’s the fake...
Texas scrutinizes four more car manufacturers on privacy issues (updated)
The Texas Attorney General’s Office has started an investigation into how Ford, Hyundai, Toyota, and Fiat Chrysler collect, share, and sell consumer data, expanding an earlier probe launched last year into how modern automakers are potentially using customer driving data. We've addressed cars and...
Temu must respect consumer protection laws, says EU
Temu has been accused of a number of infringements on its platform against European Union EU consumer law. The Consumer Protection Cooperation CPC Network of national consumer authorities and the European Commission teamed up for a coordinated ongoing investigation into Temu and its practices. Th...
“Simply staggering” surveillance conducted by social media and streaming services, FTC finds
The US Federal Trade Commission FTC released a report that examines the data collection and use practices of major social media and video streaming services, finding that—and this will not come as a surprise to our regular readers—the companies engaged in vast surveillance of consumers in order t...
‘Poseidon’ Mac stealer distributed via Google ads
On June 24, we observed a new campaign distributing a stealer targeting Mac users via malicious Google ads for the Arc browser. This is the second time in the past couple of months where we see Arc being used as a lure, certainly a sign of its popularity. It was previously used to drop a Windows...
A week in security (June 3 – June 9)
Last week on Malwarebytes Labs: Google will start deleting location history Advance Auto Parts customer data posted for sale Husband stalked ex-wife with seven AirTags, indictment says Microsoft Recall snapshots can be easily grabbed with TotalRecall tool Financial sextortion scams on the rise Sa...
Big name TikTok accounts hijacked after opening DM
High profile TikTok accounts, including CNN, Sony, and—er—Paris Hilton have been targeted in a recent attack. CNN was the first account takeover that made the news, with Semafor reporting that the account was down for several days after the incident. According to Forbes, the attack happens witho...
DocGo patient health data stolen in cyberattack
Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...
Psychotherapy practice hacker gets jail time after extorting patients, publishing personal therapy notes online
On October 30, 2020, I started a article with the words: “Hell is too nice a place for these people.” The subject of this outrage focused on the cybercriminals behind an attack on Finnish psychotherapy practice Vastaamo. Because it was a psychotherapy practice, the records contained extremely...
Going viral shouldn’t lead to bomb threats, with Leigh Honeywell: Lock and Code S05E06
This week on the Lock and Code podcast… A disappointing meal at a restaurant. An ugly breakup between two partners. A popular TV show that kills off a beloved, main character. In a perfect world, these are irritations and moments of vulnerability. But online today, these same events can sometimes...
A week in security (March 4 – March 10)
Last week on Malwarebytes Labs: Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix Update now! JetBrains TeamCity vulnerability abused at scale PetSmart warns customers of credential stuffing attack Predator spyware vendor banned in US ALPHV ransomware gang fakes o...
A week in security (February 26 – March 3)
Last week on Malwarebytes Labs: PikaBot malware on the rise: What organizations need to know Malicious meeting invite fix targets Mac users Pig butchering scams, how they work and how to avoid them Airbnb scam sends you to a fake Tripadvisor site, takes your money Facebook bug could have allowed...
Facebook bug could have allowed attacker to take over accounts
A vulnerability in Facebook could have allowed an attacker to take over a Facebook account without the victim needing to click on anything at all. The bug was found by a bounty hunter from Nepal called Samip Aryal and has now been fixed by Facebook. In his search for an account takeover...
Android banking trojans: How they steal passwords and drain bank accounts
For the most popular operating system in the world—which is Android and it isn’t even a contest—there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State ...
ThreatDown EDR update: Streamlined Suspicious Activity investigation
Navigating the complex world of alerts just got easier, thanks to our latest enhancements to the ThreatDown Endpoint Detection and Response EDR platform. The detailed technical information in EDR alerts—replete with complicated diagrams and references to advanced cybersecurity tactics—can overwhe...
How ransomware changed in 2023
In 2023, the CL0P ransomware gang broke the scalability barrier and shook the security world with a series of short, automated campaigns, hitting hundreds of unsuspecting targets simultaneously with attacks based on zero-day exploits. The gangs novel approach challenged a bottleneck that makes it...
Known ransomware attacks up 68% in 2023
Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. Top of the list is "Big Game" ransomware, the most serious cyberthreat to businesses all around the world. Big game attacks extort vast...
“You have blood on your hands.” Senate Committee calls for action by social media giants to protect children online
In an unusually emotional and unified setting, the Senate Judiciary Committee found common ground for the need to protect children online yesterday. On January 31, 2024, the CEOs of the most widely used social media platforms appeared before the Committee. Meta’s Mark Zuckerberg, Xs Linda...
How to lock out your ex-partner from your smart home
Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no doubt have many positive uses, smart home devices give stalkers an array of tools to keep an eye on their targets. If you are the partner that...
Microsoft got hacked by state sponsored group it was investigating
In a spy-vs-spy type of scenario, Microsoft has acknowledged that a group called Midnight Blizzard also known as APT29 or Cozy Bear, gained access to a Microsoft legacy non-production test tenant account. According to Microsoft, the group managed to access the account in November after subjecting...
Google failing to scrub abortion access in location history, study claims
Nearly 16 months after Google announced a policy change to remove location data that could reveal users’ physical trips to abortion clinics and other potentially sensitive medical centers, a nonprofit has alleged in a new report that the company is failing to do just that. The findings, which wer...
“I’ll miss him so much” Facebook scam uses BBC branding to lure victims
Facebook scams are a constant nuisance and vary from like-farming to scams that can cost you some serious money. The latest one we found is a bit morbid. Recently, I’ve seen quite a few posts on my timeline that looked like this: Without going into details the post says: “I can’t believe he’s gon...
Exposing the ransomware lie to “leave hospitals alone”
Ransomware groups are liars, yes, but even when these dangerous cybercriminals would ransack organizations and destroy entire companies, a few select groups espoused a sort of "honor among thieves.” According to those few groups, their cybercriminal actions would never include organizations...
Explained: Quishing
Quishing is phishing using QR Quick Response codes. QR codes are basically two-dimensional barcodes that hold encoded data, and they can be used to work as a link. Point your phone's camera at a QR code and it will ask you if you want to visit the link. The use of QR codes in malicious campaigns ...
Ransomware reinfections on the rise from improper remediation
Attack. Remediate. Repeat? Speak to any organization infiltrated by ransomware--the most dangerous malware in the world--and theyll be blunt: Theyd do anything to avoid getting hit twice. But ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcin...
Webinar: Bridging digital transformation & cybersecurity
Digital transformation may be revolutionizing businesses and the way we operate, but it also presents notable challenge: How can organizations stay secure amidst the ceaseless tide of change? Our latest Byte Into Security webinar has the answers. Meet the Experts Marcin Kleczynski, CEO of...
The privacy perils of the Metaverse
A recently released report from New York University claims that the Metaverse, an all-in-one virtual online space, poses a potentially major risk to user privacy. This is because headsets and other similar devices can collect an incredible amount of personal, physical and biometric information. T...
Smart lightbulb and app vulnerability puts your Wi-Fi password at risk
New research highlights another potential danger from IoT devices, with a popular make of smart light bulbs placing your Wi-Fi network password at risk. Researchers from the University of London and Universita di Catania produced a paper explaining the dangers of common IoT products. In this case...
25 most popular websites vs Malwarebytes Browser Guard
Do you know how many see-everything-you're-doing-on-the-web trackers get loaded into your browser when you watch a YouTube video? Would you care to guess? It's about sixty. Sixty. Six zero. Sixty trackers when you load one video. I know this because I decided to take Browser Guard, the...
YouTube makes sweeping changes to tackle spam on Shorts videos
YouTube is rolling out unclickable links. Video portals like YouTube have had to deal with spam comments and bogus links for many years. With new additions to a platform come new places for scammers to go about their business. YouTube is now cracking down on links posted to the comments section o...
Elderly targeted in car accident scam, kingpin arrested
The head of a criminal network responsible for defrauding hundreds of elderly people has been arrested, Europol has announced. After a joint operation in Germany, Poland, and the UK, Europol says the suspect was arrested in London from where he ran a network of fraudsters targeting mainly German...
A week in security (June 12 - 18)
Last week on Malwarebytes Labs: MOVEit discloses THIRD critical vulnerability Fake security researchers push malware files on GitHub LockBit ransomware advisory from CISA provides interesting insights Microsoft fixes six critical vulnerabilities in June Patch Tuesday Update Chrome now! Google fix...
A week in security (June 5 - 11)
Last week on Malwarebytes Labs: Trusting AI not to lie: The cost of truth: Lock and Code S04E12 5 unusual cybersecurity tips that actually work The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period Information stealer compromises legitimate sites to attack other...
Employee guilty of joining ransomware attack on his own company
A 28-year old IT Security Analyst pleaded guilty and will consequently be convicted of blackmail and unauthorized access to a computer with intent to commit other offences. It all started when the UK gene and cell therapy company Oxford BioMedica fell victim to a cybersecurity incident which...
APT attacks: Exploring Advanced Persistent Threats and their evasive techniques
Cyber criminals come in all shapes and sizes. On one end of the spectrum, theres the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics--often with long-term, strategic goals in mind. Advanc...
Google adds unwanted tracker detection to Find My Device network
Last week we reported that Google and Apple were looking for input on a draft specification to alert users in the event of suspected unwanted tracking. Apple and Google said other tracker makers like Samsung, Tile, Chipolo, eufy Security, and Pebblebee have expressed interest in their draft. Now,...