Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2025/04/11 3:31 p.m.20 views

The Pall Mall Pact and why it matters

The US State Department reportedly plans to sign an international agreement designed to govern the use of commercial spyware known as the Pall Mall Pact. The Pall Mall Pact, formally known as the Pall Mall Process, was initiated by France and the United Kingdom in February 2024. The goal of the...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/04/02 5:19 a.m.20 views

“Urgent reminder” tax scam wants to phish your Microsoft credentials

Tax season is in full force, and with the filing deadline fast approaching on April 15, scammers are happy to use that sense of urgency to coax us into handing them our cash. In one example, one of our customers recently received an email with an attachment titled "Urgent reminder.” The attachmen...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/03/31 8:30 a.m.20 views

Why we’re no longer doing April Fools’ Day

The internet is filled with falsehoods. We’re forever investigating new scams here at Malwarebytes, and so we get how hard it is to know what—or who—to trust online. There’s the scam that takes advantage of grieving people and tricks them into paying for a funeral live stream. There’s the fake...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/03/25 10:43 a.m.20 views

Oops! Google accidentally deletes some users’ Maps Timeline data

Google has admitted it accidentally deleted some users' Google Maps Timeline data after a "technical issue". As reported by Forbes on March 11, users started noticing that their Google Maps Timelines had completely disappeared. At the time, we didn't know anything about the cause of this issue...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/11/13 10:10 p.m.20 views

Temu must respect consumer protection laws, says EU

Temu has been accused of a number of infringements on its platform against European Union EU consumer law. The Consumer Protection Cooperation CPC Network of national consumer authorities and the European Commission teamed up for a coordinated ongoing investigation into Temu and its practices. Th...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/30 2:55 p.m.20 views

Patch now! New Chrome update for two critical vulnerabilities

Google has released an update for its Chrome browser which includes patches for two critical vulnerabilities. The update brings the Stable channel to versions 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux. The easiest way to update Chrome is to allow it to update automatically...

8.8CVSS7.7AI score0.00653EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/29 1:42 p.m.20 views

How to turn off location tracking on Android

Android devices come with location services. Some apps need access to location services to function properly. However, there may be reasons why you don’t want your device to be located, often because you don’t want to be found and the device is always with you. Depending on who you are trying to...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/28 8:35 p.m.20 views

pcTattletale spyware leaks database containing victim screenshots, gets website defaced

The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/23 10:9 a.m.20 views

How AI will change your credit card behind the scenes

Many companies are starting to implement Artificial Intelligence AI within their services. Whenever there are large amounts of data involved, AI offers a way to turn that pile of data into actionable insights. And theres a big chance that our data are somewhere in that pile, whether they can be...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/09 10:46 a.m.20 views

DocGo patient health data stolen in cyberattack

Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/11 7:51 p.m.20 views

Apple warns people of mercenary attacks via threat notification system

Apple has reportedly sent alerts to individuals in 92 nations on Wednesday, April 10, to say its detected that they may have been a victim of a mercenary attack. The company says it has sent out these types of threat notifications to over 150 countries since the start in 2021. Mercenary spyware i...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/10 9:35 a.m.20 views

New ransomware group demands Change Healthcare ransom

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/12 11:2 p.m.20 views

FakeBat delivered via several active malvertising campaigns

February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw similar payloads being dropped but also a few new ones that were particularly good at evading detection. One malware family we have been tracking on this blog is...

7.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/11 2:59 p.m.20 views

Going viral shouldn’t lead to bomb threats, with Leigh Honeywell: Lock and Code S05E06

This week on the Lock and Code podcast… A disappointing meal at a restaurant. An ugly breakup between two partners. A popular TV show that kills off a beloved, main character. In a perfect world, these are irritations and moments of vulnerability. But online today, these same events can sometimes...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/07 2:36 p.m.20 views

PetSmart warns customers of credential stuffing attack

Pet retail company PetSmart has emailed customers to alert them to a recent credential stuffing attack. Credential stuffing relies on the re-use of passwords. Take this example: User of Site A uses the same email and password to login to Site B. Site A gets compromised and those login details are...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/28 5:11 p.m.20 views

ALPHV is singling out healthcare sector, say FBI and CISA

In an updated StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/05 7:38 a.m.20 views

A week in security (January 29 – February 4)

Last week on Malwarebytes Labs: CISA: Disconnect vulnerable Ivanti products TODAY FBI removes malware from hundreds of routers across the US "You have blood on your hands." Senate Committee calls for action by social media giants to protect children online Tax season is here, so are scammers Moth...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/02 12:14 p.m.20 views

FBI removes malware from hundreds of routers across the US

The FBI has used a court order to remove malware from hundreds of routers across the US, and alter the routers’ settings to prevent reinfection. The routers are malware-infected NetGear and Cisco small office/home office SOHO devices that no longer receive updates because they have reached their...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/19 2:9 p.m.20 views

Google changes wording for Incognito browsing in Chrome

Users of Chrome Canary have noticed some slight changes in the wording that Google uses for Incognito mode. Chrome Canary is mainly intended for use by developers. It’s updated nearly daily with new features, and because it can be used alongside versions of the “normal” Chrome browser known...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/16 4:32 p.m.20 views

A true tale of virtual kidnapping: Lock and Code S05E02

This week on the Lock and Code podcast… On Thursday, December 28, at 8:30 pm in the Utah town of Riverdale, the city police began investigating what they believed was a kidnapping. 17-year-old foreign exchange student Kai Zhuang was missing, and according to Riverdale Police Chief Casey Warren,...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/08 5:59 p.m.20 views

Introducing Security Advisor Site Scores for OneView: Easy assessment of client security for MSPs

In a world rife with cyber threats, it is crucial for Managed Service Providers MSPs to conduct thorough assessments of their clients’ security posture. Even minor misconfigurations, if overlooked, can leave clients vulnerable to attacks. Yet, lacking the necessary tools, many MSP IT teams are in...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/20 12:18 p.m.20 views

Ragnar Locker ransomware group taken down

Even though it had a long run for a ransomware group, it seems the bell might be tolling for Ragnar Locker. On October 19, 2023, the group’s leak site was seized by an international group of law enforcement agencies. The take down action was carried out between 16 and 20 October. During the actio...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/18 2:30 a.m.20 views

3 crucial security steps people should do, but don't

Cybersecurity could be as easy as 1-2-3. The problem, though, is that people have to want it. In new research conducted by Malwarebytes, internet users across the United States and Canada admitted to dismal cybersecurity practices, failing to adopt some of the most basic defenses for staying safe...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/28 4:0 a.m.20 views

Google’s Bard conversations turn up in search results

Google is coming under scrutiny after people discovered transcripts of conversations with its AI chatbot Bard are being indexed in Google search results. Bard is Googles answer to ChatGPT, and allows users to have conversations with an AI. Services like these have attracted a lot of attention,...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/26 1:0 p.m.20 views

Webinar: Bridging digital transformation & cybersecurity

Digital transformation may be revolutionizing businesses and the way we operate, but it also presents notable challenge: How can organizations stay secure amidst the ceaseless tide of change? Our latest Byte Into Security webinar has the answers. Meet the Experts Marcin Kleczynski, CEO of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/12 1:0 a.m.20 views

Major cyberattack leaves MGM Resorts reeling

A major incident impacting MGM Resorts has caused computer shutdowns all over the US. The systems most impacted are tied to casinos and hotel computer systems. According to the AP, locations caught by this shutdown range from New York and Ohio to Michigan and Mississippi. At this point Id link to...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/10 10:0 p.m.20 views

Chrome's "Enhanced Ad Privacy": What you need to know

Users of Google's Chrome web browser may wish to dig into their privacy settings as a new feature regarding advertising privacy slowly rolls out to the masses. Googles "Enhanced Ad Privacy" feature may soon appear in your browser, tied to choices regarding a new Chrome feature named Topics. This ...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/21 8:45 p.m.20 views

QR codes used to phish for Microsoft credentials

Researchers have published details about a phishing campaign that uses QR codes to phish for Microsoft credentials. A QR Quick Response code is a kind of two-dimensional barcode that holds encoded data in a graphical black-and-white pattern. The data that a QR code stores can include URLs, email...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/16 11:15 a.m.20 views

Beware malware posing as beta versions of legitimate apps, warns FBI

The FBI has issued a warning that cybercriminals are embedding malicious code in mobile beta-testing apps in attempts to defraud potential victims. The victims are typically contacted on dating sites and social media, and in some cases they are promised incentives such as large financial payouts...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/01 11:30 a.m.20 views

Public companies must now disclose breaches within 4 days

Public organisations in the US impacted by a cyberattack will now have to disclose it within four days…with some caveats attached. On Wednesday, new rules were approved by the US Securities and Exchange Commission SEC. These rules mean that publicly traded companies will need to reveal said attac...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/31 9:30 p.m.20 views

Meta subsidiaries must pay $14m over misleading data collection disclosure

Meta has run into yet another bout of court related issues--two subsidiaries have been ordered to pay $14 million regarding undisclosed data collection. The Australian case, which has rumbled on for the best part of two and a half years, has focused on claims related to a now discontinued Virtual...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/13 9:0 a.m.20 views

From Malvertising to Ransomware: A ThreatDown webinar recap

Our recent webinar From Malvertising to Ransomware highlight the clear connection between malvertising--the practice of embedding malicious code within legitimate online advertisements--and the epidemic of ransomware attacks affecting businesses globally. Presented by Mark Stockley, security...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/30 1:0 a.m.20 views

Online safety tips for LGBTQIA+ communities

The internet is great for bringing people together, helping you feel part of a community, and staying in touch with your nearest and dearest. But it can also be a nasty place - from malware to scammers, to people just being plain awful to others. It's probably not surprising to read that recent...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/05 10:0 a.m.20 views

5 unusual cybersecurity tips that actually work

So, youre on top of your software updates, you use a password manager, youve enabled two-factor authentication wherever you can, youve got BrowserGuard installed, and youre running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because you...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/23 8:0 a.m.20 views

Malvertising via brand impersonation is back again

Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix. In recent...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/15 1:15 p.m.20 views

A week in security (May 8-14)

Last week on Malwarebytes Labs: The rise of "Franken-ransomware," with Allan Liska: Lock and Code S04E11 Ransomware review: May 2023 Brightline breach hits at least 964,000 people, US records show Ransomware attack on MSI led to compromised Intel Boot Guard private keys Fake system update drops...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/04 10:30 a.m.20 views

World Password Day must die

The continued existence of World Password Day is a tell that something has gone badly wrong in cybersecurity. Now in its tenth year, the day is supposed to act as an annual reminder for people to follow good password hygiene: Dont reuse passwords; use long passwords; no, longer passwords than tha...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/25 3:0 a.m.20 views

GuLoader returns with a rotten shipment

GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader with a chequered history, dating back to somewhere around 2011 in various forms. Two years ago it was one of our most seen malspam attachments. Most popular...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/14 10:30 a.m.20 views

Is AI being used for virtual kidnapping scams?

You may have seen a worrying report of Artificial Intelligence AI being used in a virtual kidnapping scam. The AI was supposedly used to imitate the voice of an Arizona resident's daughter, who claimed to have been kidnapped. The daughter was safe and well elsewhere on a school trip. Unfortunatel...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/06 12:0 p.m.20 views

Uber data theft: Driver info stolen after law firm breached

Uber, yet again, has become a victim of data theft following a third-party breach. This time, threat actors have aimed at the company's law firm, Genova Burns. Data of Uber's drivers may have been swiped during the security incident. According to the letter sent to affected drivers, the firm beca...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/06 9:0 a.m.20 views

Google aims to reduce data theft with app data and account deletions

Google has made multiple security improvements to the general operation of apps over the last 12 months or so. Its now a little easier to understand what apps want from you. Labels which indicate a level of trustworthiness for developers. Changes made to ensure old, abandoned apps will no longer...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/30 2:0 a.m.20 views

[Updated April 3] 3CX desktop app used in a supply chain attack

Researchers have found that the 3CX desktop app may be compromised and used in supply chain attacks. The 3CX Desktop App is a Voice over Internet Protocol VoIP type of application which is available for Windows, macOS, Linux and mobile. Many large corporations use it internally to make calls, vie...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/21 12:15 p.m.20 views

The NBA tells fans about data breach

The National Basketball Association NBA has notified its fans they may be affected by a data breach in a third-party service the organization uses. For now, it is safe to assume that the attacker only obtained names and email addresses, but the NBA has hired the services of external cybersecurity...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/17 11:45 a.m.20 views

LockBit ransomware attacks Essendant

The LockBit ransomware group is claiming responsibility for taking down a US-based distributor of office products called Essendant. This attack, which is said to have begun on or around March 6, created severe ramifications for the organisation, disrupting freight carrier pickups, online orders,...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/16 4:0 a.m.20 views

Hackers threaten to leak STALKER 2 assets if devs don’t heed demands

Ukrainian game developer GSC Game World has announced it was breached by Russian hacktivists who stole assets related to the much-awaited game STALKER 2: Heart of Chernobyl. A message from GSC Game World team pic.twitter.com/rqRM0tFZmO -- S.T.A.L.K.E.R. OFFICIAL @stalkerthegame March 12, 2023...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/21 5:0 a.m.20 views

How to set up two-factor authentication on Twitter using a hardware key

If you use text based authentication as an additional level of security for your Twitter account, you may be aware that this option will be reserved for paying Twitter Blue subscribers come mid-March. This post explains how to enable hardware key authentication instead. Enabling a hardware securi...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/17 11:45 a.m.20 views

TikTok car theft challenge: Hyundai, Kia fix flaw

Car manufacturer Hyundai, and its subsidiary Kia, began rolling out a free software update on February 14, 2023, to address a flaw in their anti-theft software, which was highlighted in a social media challenge. The release of the update came nine months after an uptick in car theft of the affect...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/13 9:0 a.m.20 views

What is AI good at (and what the heck is it, actually), with Josh Saxe: Lock and Code S04E04

In November of last year, the AI research and development lab OpenAI revealed its latest, most advanced language project: A tool called ChatGPT. ChatGPT is so much more than "just" a chatbot. As users have shown with repeated testing and prodding, ChatGPT seems to "understand" things. It can give...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/01 10:45 a.m.20 views

Up to 10 million people potentially impacted by JD Sports breach

Were at the start of February, and news of breaches keeps on coming. In this case, though, while the news that 10 million JD Sports customers may have been impacted by a cyber attack has only just arrived, the data potentially accessed in that attack is already several years old. The danger zone ...

Exploits0
Malwarebytes
Malwarebytes
added 2023/01/26 1:0 a.m.20 views

"2.6 million DuoLingo account entries" up for sale

Not a week goes by where we dont see an example of data scraping causing concern for both business and folks at home. The latest target happens to be popular language platform DuoLingo, who is currently digging into a forum post concerning data related to its customer accounts. Scraping data for...

6.9AI score
Exploits0
Total number of security vulnerabilities4709