Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2021/10/26 4:13 p.m.20 views

How social media mistakes can impact cybersecurity

We talked to members of our Malware Removal Support team and asked them what kind of problems they get asked to solve for our customers. To understand why they get to handle these questions, it is also necessary to know that the Malwarebytes software is unable to resolve the problems users are...

Exploits0
Malwarebytes
Malwarebytes
added 2021/10/01 2:19 p.m.20 views

Apple Pay vulnerable to wireless pickpockets

Researchers have shown that it is possible for attackers to bypass an Apple iPhones lock screen to access payment services and make contactless transactions. The issue, which only applies to Apple Pay and Visa, is caused by the use of so-called magic bytes, a unique code used to unlock Apple Pay...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/13 12:33 p.m.20 views

A week in security (Sept 6 – Sept 12)

Last week on Malwarebytes Labs Apple delays plans to search devices for child abuse imagery. ProtonMail hands user’s IP address and device info to police, showing the limits of private email. Patch now! Netgear fixes serious smart switch vulnerabilities. Tor vs VPN—What is the difference? Windows...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/29 5:0 p.m.20 views

Caught in the payment fraud net: when, not if?

Sometimes, I think there are three certainties in life: death, taxes, and some form of payment fraud. Security reporter Danny Palmer experienced this a little while ago, and has spent a significant amount of time tracking the journey of his card details from the UK to Suriname. His deep-dive...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/08/25 3:0 p.m.20 views

The cybersecurity skills gap is misunderstood

Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and many in between—push out the latest research on the cybersecurity skills gap, the now-decade-plus-old idea that the global economy lacks a growing number of...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/08/04 3:0 p.m.20 views

Business email compromise: gunning for goal

The evergreen peril of business email compromise BEC finds itself in the news once more. This time, major English Premier League football teams almost fell victim to their trickery, to the tune of £1 million. First half: fraudsters on the offensive Somebody compromised a Managing Director’s email...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/02 3:0 p.m.20 views

Bring your own security (BYOS): good idea or not?

We've talked about the concept of Bring Your Own Device, or BYOD, on the blog before. BYOD is a popular policy whereby employees can bring personally-owned devices, such as laptops, tablets, or smartphones, to work and use them to access data and applications. It helps to cut costs and can increa...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/13 4:0 p.m.20 views

Kotlin-based malicious apps penetrate Google market

An open-source programming language, Kotlin is a fully-supported official programming language for Android. Google boasts that Kotlin contains safety features in order to make apps "healthy by default." Many apps are already built with Kotlin, from the hottest startups to Fortune 500 companies...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/06 6:0 p.m.20 views

Safer Internet Day 2018: ad blockers and anti-trackers

The path to a safer Internet can be a bit of a quandary. What programs should you buy? How long should your passwords be? Is it okay to write them down? What makes a website secure? All of these questions can merit their own lengthy essays, so today, on Safer Internet Day, we’re going to look at...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/06 7:42 p.m.20 views

Use TeamViewer? Fix this dangerous permissions bug with an update

TeamViewer, the remote control/web conference program used to share files and desktops, is suffering from a case of "patch it now." Issued yesterday, the fix addresses an issue where one user can gain control of another's PC without permission. Windows, Mac, and LinuxOS are all apparently affecte...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/05 6:20 p.m.20 views

Blockchain technology: not just for cryptocurrency

Imagine a place where you can safely store all your personal information and only you decide who has access to it. You can choose which parts of that information you want to share, and you can just as easily revoke that access. If this place ever comes into existence, I am willing to bet it will ...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/28 2:58 p.m.20 views

Tech support scammers abuse native ad and content provider Taboola to serve malvertising (updated)

A large number of publishers - big and small - are monetizing their sites by selling space for companies that provide so-called native advertising, cited as more effective and engaging than traditional banner ads. Indeed, on a news or entertainment site, users are more inclined to click on links...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/27 4:0 p.m.20 views

The state of ransomware among SMBs

In a report conducted by Osterman Research and sponsored by Malwarebytes, more than 1,000 small and medium-sized businesses were surveyed in June 2017 about ransomware and other critical security issues. What we discovered was surprising—ransomware authors aren’t only targeting enterprise...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/06/27 8:26 p.m.20 views

Petya-esque ransomware is spreading across the world

UPDATE 6/29/2017 1045 PST: According to information uncovered within Malwarebytes Labs, we have determined that this ransomware variant is coded to erase a unique and randomly generated key that is used to encrypt the MFT Master File Table. The destruction of the Salsa20 key makes it very unlikel...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/06/26 3:0 p.m.20 views

Mobile Menace Monday: Fake WannaCry Scanner

With all the buzz around the PC ransomware WannaCry, it’s no surprise that a fake antivirus FakeAV has emerged on Google Play. Entitled WannaCry Ransomware Protector for Android, the bold claim it makes is right in its name. So how do we know this claim is false? Simple, there is no WannaCry...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/24 10:48 a.m.19 views

“Total access to all your devices.” Sextortion scammers strike again

At the moment, we’re seeing all kinds of sextortion emails. The scam is cheap to run, easy to automate, and apparently profitable enough that cybercriminals keep using it. Some criminals put more effort into their messages than others. Sextortion emails are messages claiming that scammers recorde...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/06/18 11:27 a.m.19 views

Retro gaming fans are the new target for fake GitHub malware

Retro gaming fans should be careful with GitHub projects that claim to be tools or plugins for their consoles. Attackers can disguise ordinary computer malware as homebrew software, and the technique works against any retro platform with an active modding scene, not just one console. We recently...

5.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/26 10:1 a.m.19 views

Scammers pretending to be Microsoft had help from US executives

A pop-up appears on your computer, warning of a virus. You call the "Microsoft technician" in the pop-up message, and they explain that they need remote access to fix it. Most of us know this script by now. It's a scam, operated by people intent on siphoning money from your account. A court case...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/18 10:42 a.m.19 views

Microsoft is changing Edge’s plaintext password behavior

Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/13 11:0 a.m.19 views

May 2026 Patch Tuesday: no zero-days but plenty to fix

This month’s Patch Tuesday remedies 137 security vulnerabilities, including 31 marked critical by Microsoft, with no zero-days actively exploited in the wild. Microsoft defines a zero-day as “a flaw in software for which no official patch or security update is available yet.” This month, Microsof...

8.4CVSS7AI score0.00605EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/20 10:0 a.m.19 views

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are running paid Facebook ads that look like official Microsoft promotions, then directing users to near-perfect clones of the Windows 11 download page. Click Download Now and instead of a Windows update, you get a malicious installer—one that silently steals saved passwords, browser...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/17 10:20 a.m.19 views

Hobby coder accidentally creates vacuum robot army

Sammy Azdoufal wanted to steer his robot vacuum with a PS5 controller. Like any good maker, he thought it would be fun to drive a new DJI Romo around manually. He ended up gaining access to an army of robotic cleaners that gave him eyes into thousands of homes. Driven by purely playful reasons,...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/08 1:35 p.m.19 views

Lego’s Smart Bricks explained: what they do, and what they don’t

Lego just made what it claims is its most important product release since it introduced minifigures in 1978. No, it's not yet another brand franchise. It's a computer in a brick. Called the Smart Brick , it's part of a broader system called Smart Play that Lego hopes will revolutionize your child...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/22 1:49 p.m.19 views

Startup takes personal data stolen by malware and sells it on to other companies

A tech startup is using personal data stolen by infostealer malware that it has found on the dark web, and then selling access to that data. And it claims to be working within the law. According to 404 Media, for as little as $50, Farnsworth Intelligence will give companies a look at records from...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/04/25 3:58 p.m.19 views

AI is getting “creepy good” at geo-guessing

If you are worried about revealing your exact location—or if you maybe even fib about it at times—there are some good reasons to worry about what is visible in background photos, because Artificial Intelligence AI is getting very good at guessing where you are based on the smallest of clues. And...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/04/03 7:58 p.m.19 views

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Up to one in five of the most popular mobile VPNs for iOS last year are owned by Chinese companies that do their best to hide the fact. In at least one case, the owner is on a US blacklist. That's according to a report from the non-profit Tech Transparency Project TTP, who investigated the top 10...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/16 1:14 p.m.19 views

“Nudify” deepfake bots remove clothes from victims in minutes, and millions are using them

Millions of people are turning normal pictures into nude images, and it can be done in minutes. Journalists at Wired found at least 50 "nudify" bots on Telegram that claim to create explicit photos or videos of people with only a couple of clicks. Combined, these bots have millions of monthly...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/15 2:4 p.m.19 views

AI scammers target Gmail accounts, say they have your death certificate

Several reputable sources are warning about a very sophisticated Artificial Intelligence AI supported type of scam that is bound to trick a lot of people into compromising their Gmail account. The most recent warning comes from CEO of Y Combinator Garry Tan who posted on X, saying the scammers...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/09/27 3:57 p.m.19 views

Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number

In June of 2024 security researchers uncovered a set of vulnerabilities in the Kia dealer portal that allowed them to remotely take over any Kia vehicle built after 2013—and all they needed was a license plate number. According to the researchers: "These attacks could be executed remotely on any...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/09/23 1:54 p.m.19 views

Relationship broken up? Here’s how to separate your online accounts

Breaking up is hard to do. The internet has made it harder. With couples today regularly sharing access to one another’s email accounts, streaming services, social media platforms, online photo albums, and more, the risk of a bad breakup isn’t just heartache. Equipped with unfettered access into...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/27 1:0 p.m.19 views

‘Poseidon’ Mac stealer distributed via Google ads

On June 24, we observed a new campaign distributing a stealer targeting Mac users via malicious Google ads for the Arc browser. This is the second time in the past couple of months where we see Arc being used as a lure, certainly a sign of its popularity. It was previously used to drop a Windows...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/20 9:58 a.m.19 views

TikTok facing fresh lawsuit in US over children’s privacy

The Federal Trade Commission FTC has announced its referred a complaint against TikTok and parent company ByteDance to the Department of Justice. The investigation originally focused on Musical.ly which was acquired by ByteDance on November 10, 2017, and merged it into TikTok. The FTC started a...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/17 1:55 p.m.19 views

Microsoft Recall delayed after privacy and security concerns

Microsoft has announced it will postpone the broadly available preview of the heavily discussed Recall feature for Copilot+ PCs. Copilot+ PCs are personal computers that come equipped with several artificial intelligence AI features. The Recall feature tracks anything from web browsing to voice...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/03 8:21 p.m.19 views

You get a passkey, you get a passkey, everyone should get a passkey

Microsoft is rolling out passkey support for all consumer accounts. Passkeys are a very secure replacement for passwords that cant be cracked, guessed or phished, and let you log in easily, without having to type a password every time. After enabling them in Windows 11 last year, Microsoft accoun...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/30 1:39 p.m.19 views

Malwarebytes Premium Security earns “Product of the Year” from AVLab

After blocking 100% of “in-the-wild” malware samples that were deployed in multiple, consecutive third-party tests conducted by the AVLab Cybersecurity Foundation, Malwarebytes Premium Security has earned “Product of the Year.” The recognition cements Malwarebytes Premium Security’s perfect recor...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/29 7:6 a.m.19 views

A week in security (April 22 – April 28)

Last week on Malwarebytes Labs: Ring agrees to pay $5.6 million after cameras were used to spy on customers TikTok comes one step closer to a US ban Google ad for Facebook redirects to scam "Substantial proportion" of Americans may have had health and personal data stolen in Change Healthcare...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/18 5:58 p.m.19 views

Law enforcement reels in phishing-as-a-service whopper

A major international law enforcement effort involving agencies from 19 countries has disrupted the notorious LabHost phishing-as-a-service platform. Europol reports that the organizations infrastructure has been compromised, its website shut down, and 37 suspects arrested, including four people ...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/03 7:44 p.m.19 views

Google Chrome gets ‘Device Bound Session Credentials’ to stop cookie theft

Google has announced the introduction of Device Bound Session Credentials DBSC to secure Chrome users against cookie theft. In January we reported how hackers found a way to gain unauthorized access to Google accounts, bypassing multi-factor authentication MFA, by stealing authentication cookies...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/04 8:51 a.m.19 views

A week in security (February 26 – March 3)

Last week on Malwarebytes Labs: PikaBot malware on the rise: What organizations need to know Malicious meeting invite fix targets Mac users Pig butchering scams, how they work and how to avoid them Airbnb scam sends you to a fake Tripadvisor site, takes your money Facebook bug could have allowed...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/20 7:53 p.m.19 views

ThreatDown EDR update: Streamlined Suspicious Activity investigation

Navigating the complex world of alerts just got easier, thanks to our latest enhancements to the ThreatDown Endpoint Detection and Response EDR platform. The detailed technical information in EDR alerts—replete with complicated diagrams and references to advanced cybersecurity tactics—can overwhe...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/20 10:43 a.m.19 views

Raccoon Infostealer operator extradited to the United States

A Ukrainian national, Mark Sokolovsky, has been indicted for crimes related to fraud, money laundering and aggravated identity theft and extradited to the United States from the Netherlands, the US Attorney’s Office of the Western District of Texas has announced. In March 2022, around the same ti...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/07 4:43 p.m.19 views

How to tell if your toothbrush is being used in a DDoS attack

Its not...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/24 2:55 p.m.19 views

How to lock out your ex-partner from your smart home

Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no doubt have many positive uses, smart home devices give stalkers an array of tools to keep an eye on their targets. If you are the partner that...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/23 1:27 p.m.19 views

Microsoft got hacked by state sponsored group it was investigating

In a spy-vs-spy type of scenario, Microsoft has acknowledged that a group called Midnight Blizzard also known as APT29 or Cozy Bear, gained access to a Microsoft legacy non-production test tenant account. According to Microsoft, the group managed to access the account in November after subjecting...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/07 8:49 p.m.19 views

US government is snooping on people via phone push notifications, says senator

Many people don’t realize that the instant alert push notifications you get on your phone are routed through Google or Apples servers, depending on which device you use. So if you have an iPhone or iPad, any push notifications can be seen by Apple, and if you use an Android, they can be seen by...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/06 4:28 p.m.19 views

How IT teams can conduct a vulnerability assessment for third-party applications

Google Chrome, Adobe Acrobat Reader, TeamViewer, you name it—there’s no shortage of third-party apps that IT teams need to constantly check for vulnerabilities. But to get a better picture of the problem, lets bust out some napkin math. The average company uses about 200 applications overall...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/06 2:31 p.m.19 views

Windows 10 gets its own extended security updates program

The day that Windows 10 machines will get their last security updates is set for October 14, 2025. So if you want to stay secure, you’d have to upgrade to a newer version. Either to Windows 11, which is not all that different, but more demanding when it comes to system requirements. Or to the...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/05 12:59 p.m.19 views

Roblox and Twitch provider Tipalti breached by ransomware [updated]

As a response to this post, Tipalti reached out to us and asked us to post the following statement: Tipalti takes the security of our systems and data very seriously and has strong security protocols and tools in place. The Tipalti cybersecurity team and third-party forensic experts have been...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/04 10:37 a.m.19 views

Social media giants to testify over failing to protect kids

US senators have urgently invited the CEOs of five of the major social media giants to testify about their failure to protect children online. The Senate Judiciary Committee said it will hear from Meta CEO Mark Zuckerberg, X formerly Twitter CEO Linda Yaccarino, TikTok CEO Shou Zi Chew, Snap CEO...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/11/13 7:28 a.m.19 views

A week in security (November 06 – November 12)

Last week on Malwarebytes Labs: Defeating Little Brother requires a new outlook on privacy: Lock and Code S04E23 Medical research data Advarra stolen after SIM swap Okta breach happened after employee logged into personal Google account Introducing ThreatDown: A new chapter for Malwarebytes...

7.6AI score
Exploits0
Total number of security vulnerabilities4709