4709 matches found
The Pall Mall Pact and why it matters
The US State Department reportedly plans to sign an international agreement designed to govern the use of commercial spyware known as the Pall Mall Pact. The Pall Mall Pact, formally known as the Pall Mall Process, was initiated by France and the United Kingdom in February 2024. The goal of the...
“Urgent reminder” tax scam wants to phish your Microsoft credentials
Tax season is in full force, and with the filing deadline fast approaching on April 15, scammers are happy to use that sense of urgency to coax us into handing them our cash. In one example, one of our customers recently received an email with an attachment titled "Urgent reminder.” The attachmen...
Why we’re no longer doing April Fools’ Day
The internet is filled with falsehoods. We’re forever investigating new scams here at Malwarebytes, and so we get how hard it is to know what—or who—to trust online. There’s the scam that takes advantage of grieving people and tricks them into paying for a funeral live stream. There’s the fake...
Oops! Google accidentally deletes some users’ Maps Timeline data
Google has admitted it accidentally deleted some users' Google Maps Timeline data after a "technical issue". As reported by Forbes on March 11, users started noticing that their Google Maps Timelines had completely disappeared. At the time, we didn't know anything about the cause of this issue...
Temu must respect consumer protection laws, says EU
Temu has been accused of a number of infringements on its platform against European Union EU consumer law. The Consumer Protection Cooperation CPC Network of national consumer authorities and the European Commission teamed up for a coordinated ongoing investigation into Temu and its practices. Th...
Patch now! New Chrome update for two critical vulnerabilities
Google has released an update for its Chrome browser which includes patches for two critical vulnerabilities. The update brings the Stable channel to versions 130.0.6723.91/.92 for Windows and Mac and 130.0.6723.91 for Linux. The easiest way to update Chrome is to allow it to update automatically...
How to turn off location tracking on Android
Android devices come with location services. Some apps need access to location services to function properly. However, there may be reasons why you don’t want your device to be located, often because you don’t want to be found and the device is always with you. Depending on who you are trying to...
pcTattletale spyware leaks database containing victim screenshots, gets website defaced
The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...
How AI will change your credit card behind the scenes
Many companies are starting to implement Artificial Intelligence AI within their services. Whenever there are large amounts of data involved, AI offers a way to turn that pile of data into actionable insights. And theres a big chance that our data are somewhere in that pile, whether they can be...
DocGo patient health data stolen in cyberattack
Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...
Apple warns people of mercenary attacks via threat notification system
Apple has reportedly sent alerts to individuals in 92 nations on Wednesday, April 10, to say its detected that they may have been a victim of a mercenary attack. The company says it has sent out these types of threat notifications to over 150 countries since the start in 2021. Mercenary spyware i...
New ransomware group demands Change Healthcare ransom
The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...
FakeBat delivered via several active malvertising campaigns
February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw similar payloads being dropped but also a few new ones that were particularly good at evading detection. One malware family we have been tracking on this blog is...
Going viral shouldn’t lead to bomb threats, with Leigh Honeywell: Lock and Code S05E06
This week on the Lock and Code podcast… A disappointing meal at a restaurant. An ugly breakup between two partners. A popular TV show that kills off a beloved, main character. In a perfect world, these are irritations and moments of vulnerability. But online today, these same events can sometimes...
PetSmart warns customers of credential stuffing attack
Pet retail company PetSmart has emailed customers to alert them to a recent credential stuffing attack. Credential stuffing relies on the re-use of passwords. Take this example: User of Site A uses the same email and password to login to Site B. Site A gets compromised and those login details are...
ALPHV is singling out healthcare sector, say FBI and CISA
In an updated StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as...
A week in security (January 29 – February 4)
Last week on Malwarebytes Labs: CISA: Disconnect vulnerable Ivanti products TODAY FBI removes malware from hundreds of routers across the US "You have blood on your hands." Senate Committee calls for action by social media giants to protect children online Tax season is here, so are scammers Moth...
FBI removes malware from hundreds of routers across the US
The FBI has used a court order to remove malware from hundreds of routers across the US, and alter the routers’ settings to prevent reinfection. The routers are malware-infected NetGear and Cisco small office/home office SOHO devices that no longer receive updates because they have reached their...
Google changes wording for Incognito browsing in Chrome
Users of Chrome Canary have noticed some slight changes in the wording that Google uses for Incognito mode. Chrome Canary is mainly intended for use by developers. It’s updated nearly daily with new features, and because it can be used alongside versions of the “normal” Chrome browser known...
A true tale of virtual kidnapping: Lock and Code S05E02
This week on the Lock and Code podcast… On Thursday, December 28, at 8:30 pm in the Utah town of Riverdale, the city police began investigating what they believed was a kidnapping. 17-year-old foreign exchange student Kai Zhuang was missing, and according to Riverdale Police Chief Casey Warren,...
Introducing Security Advisor Site Scores for OneView: Easy assessment of client security for MSPs
In a world rife with cyber threats, it is crucial for Managed Service Providers MSPs to conduct thorough assessments of their clients’ security posture. Even minor misconfigurations, if overlooked, can leave clients vulnerable to attacks. Yet, lacking the necessary tools, many MSP IT teams are in...
Ragnar Locker ransomware group taken down
Even though it had a long run for a ransomware group, it seems the bell might be tolling for Ragnar Locker. On October 19, 2023, the group’s leak site was seized by an international group of law enforcement agencies. The take down action was carried out between 16 and 20 October. During the actio...
3 crucial security steps people should do, but don't
Cybersecurity could be as easy as 1-2-3. The problem, though, is that people have to want it. In new research conducted by Malwarebytes, internet users across the United States and Canada admitted to dismal cybersecurity practices, failing to adopt some of the most basic defenses for staying safe...
Google’s Bard conversations turn up in search results
Google is coming under scrutiny after people discovered transcripts of conversations with its AI chatbot Bard are being indexed in Google search results. Bard is Googles answer to ChatGPT, and allows users to have conversations with an AI. Services like these have attracted a lot of attention,...
Webinar: Bridging digital transformation & cybersecurity
Digital transformation may be revolutionizing businesses and the way we operate, but it also presents notable challenge: How can organizations stay secure amidst the ceaseless tide of change? Our latest Byte Into Security webinar has the answers. Meet the Experts Marcin Kleczynski, CEO of...
Major cyberattack leaves MGM Resorts reeling
A major incident impacting MGM Resorts has caused computer shutdowns all over the US. The systems most impacted are tied to casinos and hotel computer systems. According to the AP, locations caught by this shutdown range from New York and Ohio to Michigan and Mississippi. At this point Id link to...
Chrome's "Enhanced Ad Privacy": What you need to know
Users of Google's Chrome web browser may wish to dig into their privacy settings as a new feature regarding advertising privacy slowly rolls out to the masses. Googles "Enhanced Ad Privacy" feature may soon appear in your browser, tied to choices regarding a new Chrome feature named Topics. This ...
QR codes used to phish for Microsoft credentials
Researchers have published details about a phishing campaign that uses QR codes to phish for Microsoft credentials. A QR Quick Response code is a kind of two-dimensional barcode that holds encoded data in a graphical black-and-white pattern. The data that a QR code stores can include URLs, email...
Beware malware posing as beta versions of legitimate apps, warns FBI
The FBI has issued a warning that cybercriminals are embedding malicious code in mobile beta-testing apps in attempts to defraud potential victims. The victims are typically contacted on dating sites and social media, and in some cases they are promised incentives such as large financial payouts...
Public companies must now disclose breaches within 4 days
Public organisations in the US impacted by a cyberattack will now have to disclose it within four days…with some caveats attached. On Wednesday, new rules were approved by the US Securities and Exchange Commission SEC. These rules mean that publicly traded companies will need to reveal said attac...
Meta subsidiaries must pay $14m over misleading data collection disclosure
Meta has run into yet another bout of court related issues--two subsidiaries have been ordered to pay $14 million regarding undisclosed data collection. The Australian case, which has rumbled on for the best part of two and a half years, has focused on claims related to a now discontinued Virtual...
From Malvertising to Ransomware: A ThreatDown webinar recap
Our recent webinar From Malvertising to Ransomware highlight the clear connection between malvertising--the practice of embedding malicious code within legitimate online advertisements--and the epidemic of ransomware attacks affecting businesses globally. Presented by Mark Stockley, security...
Online safety tips for LGBTQIA+ communities
The internet is great for bringing people together, helping you feel part of a community, and staying in touch with your nearest and dearest. But it can also be a nasty place - from malware to scammers, to people just being plain awful to others. It's probably not surprising to read that recent...
5 unusual cybersecurity tips that actually work
So, youre on top of your software updates, you use a password manager, youve enabled two-factor authentication wherever you can, youve got BrowserGuard installed, and youre running Malwarebytes Premium. If you're doing all of that you're already winning at security. But you want more, because you...
Malvertising via brand impersonation is back again
Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix. In recent...
A week in security (May 8-14)
Last week on Malwarebytes Labs: The rise of "Franken-ransomware," with Allan Liska: Lock and Code S04E11 Ransomware review: May 2023 Brightline breach hits at least 964,000 people, US records show Ransomware attack on MSI led to compromised Intel Boot Guard private keys Fake system update drops...
World Password Day must die
The continued existence of World Password Day is a tell that something has gone badly wrong in cybersecurity. Now in its tenth year, the day is supposed to act as an annual reminder for people to follow good password hygiene: Dont reuse passwords; use long passwords; no, longer passwords than tha...
GuLoader returns with a rotten shipment
GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader with a chequered history, dating back to somewhere around 2011 in various forms. Two years ago it was one of our most seen malspam attachments. Most popular...
Is AI being used for virtual kidnapping scams?
You may have seen a worrying report of Artificial Intelligence AI being used in a virtual kidnapping scam. The AI was supposedly used to imitate the voice of an Arizona resident's daughter, who claimed to have been kidnapped. The daughter was safe and well elsewhere on a school trip. Unfortunatel...
Uber data theft: Driver info stolen after law firm breached
Uber, yet again, has become a victim of data theft following a third-party breach. This time, threat actors have aimed at the company's law firm, Genova Burns. Data of Uber's drivers may have been swiped during the security incident. According to the letter sent to affected drivers, the firm beca...
Google aims to reduce data theft with app data and account deletions
Google has made multiple security improvements to the general operation of apps over the last 12 months or so. Its now a little easier to understand what apps want from you. Labels which indicate a level of trustworthiness for developers. Changes made to ensure old, abandoned apps will no longer...
[Updated April 3] 3CX desktop app used in a supply chain attack
Researchers have found that the 3CX desktop app may be compromised and used in supply chain attacks. The 3CX Desktop App is a Voice over Internet Protocol VoIP type of application which is available for Windows, macOS, Linux and mobile. Many large corporations use it internally to make calls, vie...
The NBA tells fans about data breach
The National Basketball Association NBA has notified its fans they may be affected by a data breach in a third-party service the organization uses. For now, it is safe to assume that the attacker only obtained names and email addresses, but the NBA has hired the services of external cybersecurity...
LockBit ransomware attacks Essendant
The LockBit ransomware group is claiming responsibility for taking down a US-based distributor of office products called Essendant. This attack, which is said to have begun on or around March 6, created severe ramifications for the organisation, disrupting freight carrier pickups, online orders,...
Hackers threaten to leak STALKER 2 assets if devs don’t heed demands
Ukrainian game developer GSC Game World has announced it was breached by Russian hacktivists who stole assets related to the much-awaited game STALKER 2: Heart of Chernobyl. A message from GSC Game World team pic.twitter.com/rqRM0tFZmO -- S.T.A.L.K.E.R. OFFICIAL @stalkerthegame March 12, 2023...
How to set up two-factor authentication on Twitter using a hardware key
If you use text based authentication as an additional level of security for your Twitter account, you may be aware that this option will be reserved for paying Twitter Blue subscribers come mid-March. This post explains how to enable hardware key authentication instead. Enabling a hardware securi...
TikTok car theft challenge: Hyundai, Kia fix flaw
Car manufacturer Hyundai, and its subsidiary Kia, began rolling out a free software update on February 14, 2023, to address a flaw in their anti-theft software, which was highlighted in a social media challenge. The release of the update came nine months after an uptick in car theft of the affect...
What is AI good at (and what the heck is it, actually), with Josh Saxe: Lock and Code S04E04
In November of last year, the AI research and development lab OpenAI revealed its latest, most advanced language project: A tool called ChatGPT. ChatGPT is so much more than "just" a chatbot. As users have shown with repeated testing and prodding, ChatGPT seems to "understand" things. It can give...
Up to 10 million people potentially impacted by JD Sports breach
Were at the start of February, and news of breaches keeps on coming. In this case, though, while the news that 10 million JD Sports customers may have been impacted by a cyber attack has only just arrived, the data potentially accessed in that attack is already several years old. The danger zone ...
"2.6 million DuoLingo account entries" up for sale
Not a week goes by where we dont see an example of data scraping causing concern for both business and folks at home. The latest target happens to be popular language platform DuoLingo, who is currently digging into a forum post concerning data related to its customer accounts. Scraping data for...