Cybercrime gets a few punches on the nose

It’s not often that we get to share good news, so we wanted to grab this opportunity and showcase some progress made by law enforcement actions against cybercrime with you. Europol notified us about the take-down of two of the largest cybercrime forums in the world. With over 10 million users,...

2024 in AI: It’s changed the world, but it’s not all good

A popular saying is: “To err is human, but to really foul things up you need a computer.” Even though the saying is older than you might think, it did not come about earlier than the concept of artificial intelligence AI. And as long as we have been waiting for AI technology to become commonplace...

Update your iPhone, Mac, Watch: Apple issues patches for several vulnerabilities

Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS and watchOS. Especially important are the updates for iOS and iPadOS which tackle vulnerabilities which could potentially leak sensitive user information. You should make sure you update as soon as y...

AI scammers target Gmail accounts, say they have your death certificate

Several reputable sources are warning about a very sophisticated Artificial Intelligence AI supported type of scam that is bound to trick a lot of people into compromising their Gmail account. The most recent warning comes from CEO of Y Combinator Garry Tan who posted on X, saying the scammers...

Android users targeted on Facebook and porn sites, served adware

Android users, be on your guard against adware trying to infect your device. The adware—known as MobiDash—is spreading via several channels, according to ThreatDown research. One of the characteristics that makes MobiDash stand out is that it can be added to legitimate apps without changing how t...

Relationship broken up? Here’s how to separate your online accounts

Breaking up is hard to do. The internet has made it harder. With couples today regularly sharing access to one another’s email accounts, streaming services, social media platforms, online photo albums, and more, the risk of a bad breakup isn’t just heartache. Equipped with unfettered access into...

Disney “breached,” data dumped online

A group of cybercriminals going by the handle NullBulge claims to have downloaded the Slack channels used by Disney’s developers. “DisneySlackLeak Disney has had their entire dev slack dumped. 1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Wa...

Microsoft Recall delayed after privacy and security concerns

Microsoft has announced it will postpone the broadly available preview of the heavily discussed Recall feature for Copilot+ PCs. Copilot+ PCs are personal computers that come equipped with several artificial intelligence AI features. The Recall feature tracks anything from web browsing to voice...

Advance Auto Parts customer data posted for sale

A cybercriminal using the handle Sp1d3r is offering to sell 3 TB of data taken from Advance Auto Parts, Inc. Advance Auto Parts is a US automotive aftermarket parts provider that serves both professional installers and do it yourself customers. Allegedly the customer data includes: Names Email...

Debt collection agency FBCS leaks information of 3 million US citizens

The US debt collection agency Financial Business and Consumer Solutions FBCS has filed a data breach notification, listing the the total number of people affected as 3,226,631. FBCS is a nationally licensed, third-party collection agency that collects commercial and consumer debts, with most of i...

A week in security (May 27 – June 2)

Last week on Malwarebytes Labs: Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap? The Ticketmaster "breach"—what you need to know Ticketmaster confirms customer data breach How to tell if a VPN app added your Windows device to a botnet Beware of...

pcTattletale spyware leaks database containing victim screenshots, gets website defaced

The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...

Your vacation, reservations, and online dates, now chosen by AI: Lock and Code S05E11

This week on the Lock and Code podcast… The irrigation of the internet is coming. For decades, we’ve accessed the internet much like how we, so long ago, accessed water—by traveling to it. We connected quite literally, we logged on, and we zipped to addresses and sites to read, learn, shop, and...

Apple and Google join forces to stop unwanted tracking

Apple and Google have announced an industry specification for Bluetooth tracking devices which help alert users to unwanted tracking. The specification, called Detecting Unwanted Location Trackers, will make it possible to alert users across both iOS and Android if a device is unknowingly being...

You get a passkey, you get a passkey, everyone should get a passkey

Microsoft is rolling out passkey support for all consumer accounts. Passkeys are a very secure replacement for passwords that cant be cracked, guessed or phished, and let you log in easily, without having to type a password every time. After enabling them in Windows 11 last year, Microsoft accoun...

A week in security (April 22 – April 28)

Last week on Malwarebytes Labs: Ring agrees to pay $5.6 million after cameras were used to spy on customers TikTok comes one step closer to a US ban Google ad for Facebook redirects to scam "Substantial proportion" of Americans may have had health and personal data stolen in Change Healthcare...

Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09

This week on the Lock and Code podcast… Our Lock and Code host, David Ruiz, has a bit of an apology to make: “Sorry for all the depressing episodes.” When the Lock and Code podcast explored online harassment and abuse this year, our guest provided several guidelines and tips for individuals to lo...

Cannabis investment scam JuicyFields ends in 9 arrests

Europol and its associates have arrested 9 people in conjunction with a cannabis investment scam known as "JuicyFields". The suspects used social media to lure investors to their website. There they found information about a “golden opportunity” to invest in the cultivation, harvesting and...

New ransomware group demands Change Healthcare ransom

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...

Cookie consent choices are just being ignored by some websites

In news that is, sadly, unlikely to shock you, new research indicates that many websites ignore visitors choices to refuse cookies and collect their data anyway. Researchers at the University of Amsterdam UvA analyzed 85,000 European websites and came to the conclusion that 90% of them violated a...

Jackson County hit by ransomware, declares state of emergency

On April 2, 2024, Jackson County tweeted that it had identified significant disruptions within its IT systems, "potentially attributable to a ransomware attack". Jackson County is one of 114 counties in Missouri, with a population of approximately 718,000 people, mostly in Kansas City. We have...

How to back up your iPhone to a Windows computer

They say the only backup you ever regret is the one you didnt make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things youve lost, or to fix things that have failed. Weve published posts on how to back up your iPhone to iCloud, and how to backup an iPho...

Signal to shield user phone numbers by default

Chat app Signal will shield user’s phone numbers by default from now on. And, it will no longer be necessary to exchange phone numbers when people want to connect through the app. In November, we reported that Signal was testing usernames to eliminate the need to share your phone number. Signal h...

LockBit, the world’s worst ransomware, is down

For the last two years the absolute worst, most prolific, most globally significant "big game" ransomware gang has been LockBit. This evening its position as ransomwares biggest beast is suddenly in doubt, following some non-consensual website redecoration at the hands of the UKs National Crime...

AI likely to boost ransomware, warns government body

The British National Cyber Security Centre NCSC says it expects Artificial Intelligence AI to heighten the global ransomware threat. In a report, the NCSC makes the assessment that AI will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years. We’re...

A week in security (January 15 – January 21)

Last week on Malwarebytes Labs: Google failing to scrub abortion access in location history, study claims Google changes wording for Incognito browsing in Chrome CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities Cybersecurity spend to soar in 2024: How companie...

Free access to ThreatDown Application Block: Elevate your Windows security at no cost

Malwarebytes continues to add value to its ThreatDown Bundles with the inclusion of Application Block as free for all ThreatDown Nebula accounts excluding Mobile only accounts. Users dont need to activate this new feature: the policy has been enabled in their account by default. For as many...

Investment fraud a serious money maker for criminals

Europols’s spotlight report ‘Online fraud schemes: a web of deceit’, looks into online fraud schemes—a major crime threat in the EU and beyond—and one of the reports primary themes is investment fraud. But first I want to share some more remarkable conclusions from the report: Charity scams that...

Update now! Apple issues patches for older iPhones and other devices

Apple has issued emergency updates that include patches for older iOS devices concerning the two actively used zero-day vulnerabilities that were patched last week in newer devices. Updates are available for: Safari 17.2| macOS Monterey and macOS Ventura| ---|---|--- iOS 17.2 and iPadOS 17.2|...

Social media giants to testify over failing to protect kids

US senators have urgently invited the CEOs of five of the major social media giants to testify about their failure to protect children online. The Senate Judiciary Committee said it will hear from Meta CEO Mark Zuckerberg, X formerly Twitter CEO Linda Yaccarino, TikTok CEO Shou Zi Chew, Snap CEO...

Meta sued over forcing users to pay to stop tracking

Meta is required to get users’ consent in Europe in order to show them targeted ads. For this reason, Meta has to provide European users with a way to opt out of behavioral advertising or face fines totalling $100,000 a day. Behavioral advertising are ads tailored to someone’s browsing habits and...

Alarm system cyberattack leaves those in need struggling to call for help

An alarm system company that allows those in need to ask for help at the touch of a button has suffered a cyberattack, causing serious disruption. Tunstall Netherlands says the attack left the control room struggling to receive distress calls from clients on Sunday November 12, 2023. Tunstall,...

Octo Tempest cybercriminal group is “a growing concern”—Microsoft

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. Initially the group made a name for itself by SIM swapping. SIM swapping, also known as SIM jacking, is the act of illegally taki...

AI sneak attacks, location spying, and definitely not malware, or, what one teenager fears online: Lock and Code S04E21

This week on the Lock and Code podcast... What are you most worried about online? And what are you doing to stay safe? Depending on who you are, those could be very different answers, but for teenagers and members of Generation Z, the internet isn't so scary because of traditional threats like...

Gen Z fears physical violence from being online more than anyone else, Malwarebytes finds

The "version history" of the internet was split by what we could do online--simple browsing across Web 1.0s static web pages, instant connection throughout Web 2.0s social platforms, and, into the future, potential new forms of ownership within Web 3.0s dreams of decentralization. But, as...

Malwarebytes MDR wins G2 awards for "Best ROI," "Easiest to Use," and more

Malwarebytes Managed Detection and Response MDR earned a placed in 12 new reports on G2s Fall 2023 reports, winning badges for "Easiest to do Business With," "Best Est. ROI," "Easiest to Use," and "Easiest Admin." Purpose-built for resource constrained teams, Malwarebytes MDR provides IT staff wi...

What does a car need to know about your sex life? Lock and Code S04E20

This week on the Lock and Code podcast... When you think of the modern tools that most invade your privacy, what do you picture? There's the obvious answers, like social media platforms including Facebook and Instagram. There's email and "everything" platforms like Google that can track your...

A week in security (September 18 - September 24)

Last week on Malwarebytes Labs: Emergency update! Apple patches three zero-days T-Mobile spills billing information to other customers Involved in a data breach? Heres what you need to know Steer clear of cryptocurrency recovery phrase scams DoppelPaymer ransomware group suspects identified The...

Steer clear of cryptocurrency recovery phrase scams

The dangers of cryptocurrency phishing are back in the news, after tech investor Mark Cuban was reported to have lost around $870k via a phishing link. Cuban lost a combination of coin types as asset movement flagged up after months of inactivity from his wallet. Cuban discovered some of the...

Compromised Free Download Manager website was delivering malware for years

In a public announcement, Free Download Manager has acknowledged that a specific web page on its site was compromised by a Ukrainian cybercrime group, exploiting it to distribute malware. Free Download Manager is--unsurprisingly--a download manager for Windows, macOS, Android, and Linux that allo...

Ransomware group steps up, issues statement over MGM Resorts compromise

The recent attack on MGM Resorts generated lots of speculation with regard to what the cause was. Some folks claimed the culprit was ransomware. Well, confirmation is now forthcoming as an affiliate of the BlackCat/ALPHV ransomware group is said to be the one responsible for the attack and...

Microsoft Teams used to deliver DarkGate Loader malware

Researchers have found a new method by which cybercriminals are spreading the DarkGate Loader malware. Until now, DarkGate was typically distributed via phishing emails. The malspam campaign used stolen email threads to lure victims into clicking a hyperlink, which downloaded the malware. But...

Major cyberattack leaves MGM Resorts reeling

A major incident impacting MGM Resorts has caused computer shutdowns all over the US. The systems most impacted are tied to casinos and hotel computer systems. According to the AP, locations caught by this shutdown range from New York and Ohio to Michigan and Mississippi. At this point Id link to...

Wyze home cameras temporarily show other people's security feeds

A mishap has resulted in security feeds and camera logs from home cameras being temporarily visible online. Users of Wyze, makers of smart products and home cameras, fell victim to this bizarre incident sometime around September 8. One of the first posts about this appeared on Reddit, where a use...

Meal delivery service PurFoods announces major data breach

An organisation that provides home delivery meals has revealed that around 1.2 million people's personal data may be at risk, after the company suffered a ransomware attack earlier in the year. PurFoods, which offers up a service called Moms Meals, helps to provide meals for folks in a variety of...

Google strengthens its Workplace suite protection

Google has announced the strengthening of safeguard measures for its Workspace customers. You may well be using Workspace without realising it. If youre using a Google product such as Gmail, Calendar, Drive, or Google Docs Editors Suite among other apps, then congratulations: you are fully inside...

Alert Prioritization and Guided Remediation: The future of EDR

Sleepless nights, missed threats, a deluge of notifications--the common symptoms of the bane of IT teams everywhere: Alert fatigue. Out of the litany of problems IT teams face every day, alert fatigue might be among the most pressing--especially considering that 30 percent of EDR alerts are ignor...

A week in security (August 7 - August 13)

Last week on Malwarebytes Labs: Zoom clarifies user consent requirement when training its AI Several hospitals still counting the cost of widespread ransomware attack Old exploit kits still kicking around in 2023 YouTube makes sweeping changes to tackle spam on Shorts videos Googles "browse...

TikTok facing fines for violating children’s privacy

The European Data Protection Board is expected to fine TikTok for violating the privacy of young children within the next four weeks. The European Data Protection Board said a binding decision has been reached over TikTok's processing of childrens data, after the ByteDance-owned app submitted leg...

Docker Hub images found to expose secrets and private keys

Numerous Docker images shared on Docker Hub are exposing sensitive data, according to a study conducted by researchers at the German university RWTH Aachen. Needless to say, this poses a significant security risk. In traditional software development, programmers code an application in one computi...