Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2023/05/04 10:30 a.m.18 views

The one and only password tip you need

OK, its time for me to keep a promise. Back in October 2022, I wrote an article called Why almost everything we told you about passwords was wrong. The article summarizes how a lot of what youve been told about passwords over the years was either wrong change your passwords as often as your...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/03 10:0 a.m.18 views

Upcoming webinar: Is EDR or MDR better for your business?

Don't miss our upcoming webinar on EDR vs. MDR! In the webinar, Marcin Kleczynski, CEO and co-founder of Malwarebytes, and guest speaker Joseph Blankenship, Vice President and research director at Forrester, discuss topic such as: The difference between EDR and MDR, how EDR solutions can be...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/17 2:0 a.m.18 views

Fake Chrome updates spread malware

Compromised websites are causing big headaches for Chrome users. A campaign running since November 2022 is using hacked sites to push fake web browser updates to potential victims. Researcher Rintaro Koike says this campaign has now expanded to also target those who speak Korean, Spanish, and...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/14 1:30 p.m.18 views

Port scan attacks: Protecting your business from RDP attacks and Mirai botnets

Compromised IP addresses and domains--otherwise legitimate sites that are exploited by hackers without the owner's knowledge--are frequently utilized to conduct port scanning attacks. Port scanning involves systematically scanning a computer network for open ports, which can then be exploited by...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/13 12:15 p.m.18 views

Ransomware in France, April 2022–March 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. In this report, "known attacks" are attacks where the victim opted not to pay a ransom. This provides the best overall picture ...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/06 3:0 a.m.18 views

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Over the last decade, K-12 schools have made great strides in employing technologies that facilitate learning--especially since the onset of pandemic-induced distance education. While students have long since returned to the classroom, digital platforms for instruction, collaboration, and homewor...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/05 3:0 a.m.18 views

TikTok misused children's data, faces $15.6M fine

TikTok has been ordered to pay a fine of $15.6M £12.7M for failing to protect 1.4 million UK children under the age of 13 from accessing its platform in 2020. The Information Commissioner's Office ICO, the UK's data protection watchdog, imposed the fine after finding the company used children's...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/05 1:0 a.m.18 views

Fake ransomware demands payment without actually encrypting files

Fake it till you make it ransomware groups are trying to get rich off the backs of genuine ransomware authors. Why are they "fake it till you make it"? Because they dont actually create ransomware or compromise networks in any way. Theyre simply lying through their teeth and hoping that recipient...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/20 4:0 a.m.18 views

"ViLE" members posed as police officers and extorted victims

Two men have been charged with wire fraud and conspiracy to commit computer intrusions after they allegedly extorted victims by threatening to publish their personal information online--a practice known as doxxing. In a press release, the US Attorney's Office in the Eastern District of New York...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/20 2:0 a.m.18 views

How to avoid potentially unwanted programs

If youve ever downloaded software onto your computer, chances are youve unknowingly cluttered your machine with PUPs. Heres what you need to know about these sneaky programs. What are PUPs? If you're thinking baskets of doe-eyed baby dogs, then you're sadly mistaken. PUPs is the acronym for...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/27 2:0 a.m.18 views

TikTok probed over child privacy practices

The privacy protection authorities for Canada, Quebec, British Columbia, and Alberta have announced they will start an investigation into TikTok's privacy practices, especially in relation to its younger users. The investigation will include whether the company obtained valid and meaningful conse...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/22 10:45 a.m.18 views

The 5 most dangerous cyberthreats facing businesses this year

Which of the myriad, extant cyberthreats should your business be paying the most attention to in 2023? Thats the question we set out to answer in this years annual State of Malware report, and the answers might surprise you. To understand why, you need to know what makes this years report so...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/13 9:30 a.m.18 views

French law to report cyberincidents within 3 days to become effective soon

The pressure on victims of cybercrime to notify authorities in a timely manner is increasing from many sides and for multiple reasons. On January 24, 2023 France passed a law Article L12-10-1 of the Insurance Code that victims of cybercrime are required to report the incident within 72 hours afte...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/02 9:30 a.m.18 views

Cybersecurity and privacy tips you can teach your 5+-year-old

Everything we teach our kids starts at home--we parents are their first teachers, after all. So, why wait for them to start going to school to start learning about cybersecurity and online privacy? Though it's hardly news that more and more children are being introduced to mobile computing device...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/31 4:30 p.m.18 views

40% of online shops tricking users with “dark patterns”

The European Commission has been looking at retail websites to see if they're misleading consumers with "dark patterns". Spoiler: Yes, they are. The Commission, along with the national consumer protection authorities of 23 EU member states, plus Norway and Iceland, have released the results of...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/31 12:0 a.m.18 views

Google sponsored ads malvertising targets password manager

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system. Now, our researchers found that the...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/20 7:0 p.m.18 views

Mailchimp breach feels like deja vu

A threat actor successfully used compromised employee credentials to gain access to 133 accounts on Mailchimp, the mainstream Intuit-owned email marketing platform, in a security incident that recently came to light. "On January 11, the Mailchimp Security team identified an unauthorized actor...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/16 1:0 a.m.19 views

A week in security (January 9—15)

Last week on Malwarebytes Labs: Slack private code on GitHub stolen Crypto-inspired Magecart skimmer surfaces via digital crime haven Security vulnerabilities in major car brands revealed Microsoft ends extended support for Windows 7 and Windows Server 2008 today Pokemon NFT card game malware...

1.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/09 10:0 a.m.18 views

Slack private code on GitHub stolen

Online collaboration platform Slack reported on New Year's Eve it had suffered a "security incident" where some of its code stored on GitHub was stolen. According to the post from the company's security team, Slack's private code repositories were accessed using swiped employee tokens. No custome...

Exploits0
Malwarebytes
Malwarebytes
added 2023/01/09 9:0 a.m.18 views

A week in security (January 1 - 8)

Last week on Malwarebytes Labs: Why does technology no longer excite us? Lock and Code S04E01 New device? Here's how to safely dispose of your old one LastPass updates security notice with information about a recent incident Okta breached last month, no customers compromised Update VPN Plus Serve...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/15 10:45 a.m.18 views

Uber data stolen via third-party vendor

Uber is facing a new cybersecurity incident after threat actors stole some of its data from Teqtivity, a third-party vendor that provides asset management and tracking services. "We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/11/01 2:15 p.m.18 views

LinkedIn introduces new security features to combat fake accounts

LinkedIn knows it has a problem with bots and fake accounts, and has acknowledged this on more than one occasion. For years, it has been aware of spam, fake job offers, phishing, fraudulent investments, and at times malware, and has been trying to combat those issues. In 2018, LinkedIn rolled out...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/31 11:45 a.m.18 views

A week in security (October 24 - 30)

Last week on Malwarebytes Labs: Lock and Code: A gym heist in London goes cyber Healthcare site leaks personal health information via Google and Meta tracking pixels An odd kind of cybercrime: Gift vouchers, medical records, and...food Cisco warns of ISE vulnerability with no fixed release or...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/20 4:0 p.m.18 views

Third-party application patching: Everything you need to know for your business

Patch management that is consistent and efficient has never been more critical in keeping your security infrastructure up to date and secure. Although todays endpoint management solutions include patch management functionalities, third-party patching is an area that shouldnt be forgotten. In this...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/20 1:0 p.m.18 views

Microsoft breach reveals some customer data

Microsoft customers find themselves in the middle of a data breach situation. The Microsoft Security Response Center blog reports that researchers reported a misconfigured Microsoft endpoint on September 24. This miscongifuration resulted in the possibility of "unauthenticated access to some...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/20 12:0 p.m.18 views

New PHP-based Ducktail infostealer is now after crypto wallets

A phishing campaign known to specifically target employees with access to their company's Facebook Business and Ads accounts has significantly widened its net and begun using a first-of-its-kind information-stealing malware to go after crypto wallets. The Ducktail Woo-ooh! campaign was first made...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/19 11:0 a.m.18 views

DeadBolt ransomware gang tricked into giving victims free decryption keys

Dutch police and other law enforcement agencies have managed to trick the DeadBolt ransomware operators into releasing 150 decryption keys for free. The method of obtaining decryption keys was found by a Dutch incident response company called Responders.NU, who shared the method with the police...

1.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/18 2:45 p.m.18 views

How to spot a scam

Unfortunately, scams are a fact of life online. The virtual ties that bind us are international now: Our public telephone numbers, social media accounts, email addresses, messaging apps, dating profiles, and even our physical mailboxes, can all be reached by any criminal and con artist from...

Exploits0
Malwarebytes
Malwarebytes
added 2022/10/11 11:0 p.m.18 views

Security awareness campaign highlights things your bank will never say

If you like anti-phishing efforts, hashtags, and confusing but colourful video games, youll be interested to know that a security initiative involving all three is now live. The American Bankers Association and other banks in the US are involved in an awareness campaign tied in with National...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/05 10:45 p.m.18 views

Admin from hell facing 10 years for sabotaging ex-employer's network

The perils of the insider threats are often talked about in abstract terms, probably because most organisations want to keep a lid on internally-based bad actors. Every so often, concrete details emerge to highlight what a thoroughly rotten day a rogue employee can inflict on everybody else thoug...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/21 12:0 p.m.18 views

Tax refund phish logs keystrokes to swipe personal details

Theres been some smart phishing campaigns running over the last few weeks, and this one is particularly sneaky. Bleeping Computer reports that a phishing page is targeting Greek taxpayers with a tax refund scam. The added sting in the tail comes in the form of an embedded keylogger which grabs...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/15 7:0 p.m.18 views

School app Seesaw compromised to send shock NSFW image

On Wednesday, parents and teachers reported that student learning platform, Seesaw, had been hacked after some users received an infamous explicit photo known as "goatse" on private chats. Schools from districts in Colorado, Illinois, Kansas, Michigan, New York, Oklahoma, South Dakota, and Texas...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/12 1:0 p.m.18 views

The North Face hit by credential stuffing attack

The North Face clothing brand, which specialises in outdoor and heavy weather outerwear, has experienced a "large-scale" credential stuffing attack. This has resulted in no fewer than 194,905 accounts being compromised. What is credential stuffing, and how did it affect The North Face customers?...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/12 4:0 a.m.18 views

A week in security (September 5 – 11)

Last week on Malwarebytes Labs: Phishers use verified status as bait for Instagram users Microsoft will disable Basic authentication for Exchange Online in less than a month Zero-day puts a dent in Chrome's mojo Update now! QNAP warns users DeadBolt is exploiting Photo Station vulnerability Don't...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/22 9:0 a.m.18 views

A week in security (August 15 - August 21)

Last week on Malwarebytes Labs: Donut breach: Lessons from pen-tester Mike Miller: Lock and Code S03E17 Introducing Malwarebytes Cloud Storage Scanning: How to scan for malware in cloud file storage repositories JSSLoader: the shellcode edition CISA and FBI issue alert about Zeppelin ransomware H...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/19 4:30 p.m.18 views

Explained: Steganography

Steganography is the prime example of effectively hiding something in plain sight. The word steganography comes from the Greek words "stegos" meaning "cover" and "grafia" meaning "writing." Steganography, then, is defined as "covered writing." In essence, we use the name steganography for every...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/11 10:0 a.m.18 views

Slack flaw exposed users' hashed passwords

Slack, the workplace communication platform, has notified some of its users that their hashed passwords have been subject to exposure for the last five years. The company wasnt specific in its notice, but Wired said that the flaw was in one of its "low-friction features". The flaw exposed hashed...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/07 8:0 p.m.18 views

A week in security (August 1 - August 7)

Last week on Malwarebytes Labs: Have we lost the fight for data privacy? Lock and Code S03E16 Wrestling star Mick Foleys Twitter compromised, selling PS5 consoles Millions of Arris routers are vulnerable to path traversal attacks When a sextortion victim fights back How to protect yourself and yo...

1.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/07 1:45 a.m.18 views

Phishy calls and emails play on energy cost increase fears

Gas and electricity price concerns are rife at the moment, with spiralling costs and bigger increases waiting down the line. Sadly this makes the subject valuable material for fraudsters, playing into people's fears with a dash of social engineering to make them worse off than they were previousl...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/01 7:0 p.m.18 views

When a sextortion victim fights back

When Katie Yates suddenly started receiving nude photos of her friend, Natalie Claus, over on Snapchat, she instantly recognized that Claus had just become a victim of a sextortion attack. She also knew how Claus should respond. This happened in December 2019 when Claus was a sophomore. Both were...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/29 3:49 p.m.18 views

Google delays Chrome third party cookie sunsetting…again

Weve seen many examples of third-party cookies being tackled by browsers recently. Its not so long ago that Firefox effectively locked down third-party tracking by isolating cookies into so-called jars. By doing so, their "Total Cookie Protection" seeks to prevent all those cookies on your PC...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/28 3:4 p.m.18 views

TikTok owner ByteDance pushed a pro-China agenda to Americans, say former employees

Controversy over supposed pro-China messaging in apps from TikTok owner Bytedance continues to grow. Tales are emerging relating to a now shelved app called TopBuzz. Former employees have spoken to BuzzFeed, making claims of both pro-China content promotion and forms of censorship elsewhere...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/20 12:12 p.m.18 views

Ring shares data with police without consent (but it’s in good faith), says Amazon

Ring, the Amazon-owned company behind the popular smart doorbells, has admitted to giving doorbell data to law enforcement willy-nilly. All they have to do is fill out a form called the Amazon Law Enforcement Request Tracker—no need to ask for the data owners consent, give a warrant or court orde...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/05 2:34 p.m.18 views

Cloud-based malware is on the rise. How can you secure your business?

There’s a lot of reasons to think the cloud is more secure than on-prem servers, from better data durability to more consistent patch management — but even so, there are many threats to cloud security businesses should address. Cloud-based malware is one of them. Indeed, while cloud environments...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/30 2:13 p.m.18 views

Immigration organisations targeted by APT group Evilnum

Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat APT attacks. Bleeping Computer reports that European organisations, specifically, are under threat from the Evilnum hacking group. Evilnum, on the APT scene since 2018 at the earliest an...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/28 12:26 p.m.18 views

City worker loses USB stick containing data on every resident after day of drinking

A person working in the city of Amagasaki, in Western Japan, has mislaid a USB stick which contained data on the citys 460,000 residents. The USB drive was in a bag that went missing during a reported day of drinking and dining at a restaurant last Tuesday. The person reported it to the police th...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/28 11:15 a.m.18 views

LGBTQ+ community targeted by extortionists who threaten to publish nudes

The FTC Federal Trade Commission has warned the LGBTQ+ community about extortionists posing as potential romantic partners on Grindr and Feeld. The scammers send their targets explicit photos and then ask for them to reciprocate. If they do, targets are then blackmailed into paying a ransom,...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/27 7:51 p.m.18 views

You only have nine months to ditch Exchange Server 2013

Microsoft has posted a reminder that Exchange Server 2013 reaches End of Support EoS on April 11, 2023. Thats a little more than 9 months from now. A useful and timely reminder, since we all realize that it takes some time to migrate to a different system. Every Windows product has a lifecycle. T...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/27 7:23 p.m.18 views

Brave Search wants to replace Google’s biased search results with yours

Brave Search, Brave Softwares privacy search engine, just turned one. To celebrate, the company says it is moving the search engine out of its beta phase to become the default search engine for all Brave browser users. Goodbye, Google? Not entirely. In May 2015, Mozilla alumni Brendan Eich and...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/20 1:59 p.m.18 views

DDoS-for-hire service provider jailed

Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites that provide powerful distributed denial-of-service DDoS attacks against internet users and websites. This sentencing resulted in the seizure of his websites, making the...

1.1AI score
Exploits0
Total number of security vulnerabilities4709