Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2022/05/17 10:54 a.m.18 views

“Look what I found here” phish targets Facebook users

Facebook-themed messages are a frequent source of bogus links from both spam and compromised accounts. Whether you receive the messages via SMS, the Messenger app, or just inside regular web chat, it pays to be careful. A wide variety of attacks use bogus messages as their launchpad, and the risk...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/16 12:28 p.m.18 views

How COVID-19 fuelled a surge in malware

2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs PUPs. It didnt matter what the computers were used for or what operating system they ran—across business and home computers, on Windows and on Mac, detections went up, enormously. Detections of malware on...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/12 3:22 p.m.18 views

Clearview AI banned from selling facial recognition data in the US

Clearview AI, a facial recognition software and surveillance company, is permanently banned from selling its faceprint database within the United States. The company also cannot sell its database to state and law enforcement entities in Illinois for five years. This is a historic win for the...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/08 11:51 a.m.18 views

Google, Apple, and Microsoft step hand in hand into a passwordless future

While we recently "celebrated" World Password Day, almost every security outlet keeps telling us that passwords alone are not enough. In practice, in the last few years this has meant pairing passwords with something else, such as a one-time code from an app or an SMS message, in a scheme called...

Exploits0
Malwarebytes
Malwarebytes
added 2022/05/05 3:44 p.m.18 views

The $43 billion Business Email Compromise threat

The FBI has released a public service announcement regarding the ever-present threat of Business Email Compromise BEC. This comes hot on the heels of an earlier release from the Las Vegas FBI department in April. Losses continue to mount, and were currently facing a scam racking up domestic and...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/03 1:21 p.m.18 views

US healthcare billing services group hacked, affecting at least half a million individuals

According to the US Department of Health and Human Services, Adaptive Health Integrations AHI, a healthcare software and billing services firm in North Dakota, suffered a data breach that affected more than half a million individuals. According to the firm, the breach occurred in mid-October last...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/02 4:0 p.m.18 views

Watch out for these 3 small business cybersecurity mistakes

May 2 marks the start of National Small Business Week, a week that recognizes "the critical contributions of America’s entrepreneurs and small business owners", and promises to "celebrate the resiliency and tenacity of America’s entrepreneurs." That sounds good to us: Small business are a vital...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/29 10:38 a.m.18 views

Beware scammers disguised as fraud busters

Fraudsters like confusing and disorienting people. Successful ones avoid obvious lines of approach and try things you wouldnt expect. A recent story highlights this, with a particularly devious method of parting someone from their money. The Daily Record reports scammers running off with an $11,0...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/19 4:40 p.m.18 views

Watch out for Ukraine donation scammers in Twitter replies

The invasion of Ukraine has been a money making opportunity for scammers since the moment it began: Fake donation sites, bogus Red Cross portals, phishing pages, the works. These scams can also be found on social media. Faking donations on Twitter Some users of social media have become very...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/14 10:53 a.m.18 views

“Your AppI‌e‌ ‌l‌D‌ ‌‌h‌‌a‌‌s‌‌ ‌‌b‌‌e‌‌e‌‌n‌‌ ‌‌l‌‌ocke‌‌d‌‌” spam email takes you on a website mystery tour

Spam which claims your account has been locked out and needs to be fixed are common. They drive people to phishing campaigns on a daily basis. The mail below follows the same pattern with one key difference. It looks like a phish, but goes somewhere else entirely. No, your Apple ID has not been...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/12 9:0 p.m.18 views

Malwarebytes Evaluation of the MITRE ENGENUITY ATT&CK Round 4 Emulations

The results of the MITRE Engenuity ATT&CK Evaluation of the Wizard Spider and Sandworm adversaries were officially released1 last week. We are very proud of the Malwarebytes EDR results in the MITRE Engenuity test, which are the direct reflection of a relentless core EDR team and the learnings fr...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/08 2:23 p.m.18 views

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

The US Department of Justice DoJ and Microsoft have taken the sting out of two operations believed to be controlled by the Russian Federation’s Main Intelligence Directorate GRU. On Wednesday, the DOJ announced that it had disrupted GRU’s control over thousands of internet-connected firewall...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/04 5:3 p.m.18 views

5 ways to spring clean your security

It is now officailly spring in the Northern Hemisphere, and with spring and the longer days comes the inescapable urge to shake off the lethargy of Winter and embrace the need to go through your stuff, throw a bunch of it out, and give the rest of it a shiny new lustre. And in our increasingly...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/18 4:2 p.m.18 views

Online Safety Bill’s provisions for “legal but harmful” content described as “censor’s charter”

The UKs Online Safety Bill, a landmark piece of legislation that that aims to regulate the countrys online content, has just been introduced into Parliament after undergoing significant revisions. The bill has been in progress for about five years and its main objective is to regulate online...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/18 3:4 p.m.18 views

Deepfake Zelenskyy video surfaces on compromised websites

It’s been a long time coming. The worry over deepfake technology being used during times of major upheaval has been alluded to frequently over the last couple of years. The buildup to the US election was peppered by “any moment now…” style warnings of dramatic and plausible deepfake deployment. I...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/17 1:25 p.m.18 views

Clouding the issue: what cloud threats lie in wait in 2022?

As more services move ever cloud-wards, so too do thoughts by attackers as to how best exploit them. With all that juicy data sitting on someone else’s servers, it’s essential that they run a tight ship. You’re offloading some of your responsibility onto a third party, and sometimes things can go...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/16 11:0 a.m.18 views

Fake Royal Mail chatbot offers up…a new iPhone?

Royal Mail scams are always popular techniques for people up to no good. We’ve covered them several times over the last year or so. A quick reminder: Your parcel is waiting for delivery This is the go-to tactic for fake Royal Mail phishing attacks. You receive a text claiming there’s a parcel in...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/10 1:31 p.m.18 views

Extortion scheme impersonates government officials, law enforcement

The FBI issued a public warning this week about a fraud scheme wherein scammers impersonate government officials and law enforcement personnel. According to the PSA, the scammers spoof legitimate numbers and names and use fake credentials of well-known members of the government and law enforcemen...

1.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/08 11:31 a.m.18 views

Google takes on Docs notification spammers

Cloud-based document suites have always been a hot target for scammers. When it’s easy to dip in and out for collaboration purposes, or just share things generally, then its likely that bad people will want in on the action. In 2019, Google calendar users were wading through endless spam...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/28 4:55 p.m.18 views

How Crisis Text Line crossed the line in the public’s mind: Lock and Code S03E05

Last month, Politico reported that Crisis Text Line, a national mental health support nonprofit whose volunteers help people through text-based chats, was sharing those chats with a for-profit company that Crisis Text Line spun-off in an attempt to boost funding for itself. That for-profit ventur...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/14 8:10 a.m.18 views

The world’s most coveted spyware, Pegasus: Lock and Code S03E04

Two years ago, the FBI reportedly purchased a copy of the worlds most coveted spyware, a tool that can remotely and silently crack into Androids and iPhones without leaving a trace, spilling device contents onto a console possibly thousands of miles away, with little more effort than entering a...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/09 3:19 p.m.18 views

IRS abandons facial recognition plans for online services

If you dislike the use of facial recognition technology in relation to essential services, youre in luck. One such proposition has been removed. Last year, the IRS announced it would be using facial recognition selfies to confirm identity. If you wanted the convenience of making payments online,...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/26 11:55 a.m.18 views

Cyberinsurance companies don’t want to pay out for “acts of war”

Due to the evolving and growing impact of cybersecurity incidents there are some questions starting to arise about the way that insurance companies deal with the costs that are the results of such incidents. Cyber insurance is a form of cover designed to protect your business from threats in the...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/21 3:16 p.m.18 views

Police forces pipe 225 million pwned passwords into ‘Have I Been Pwned?’

On his blog, Troy Hunt has announced a major milestone in the ‘Have I Been Pwned?’ project, thanks to the contributions of two of the worlds foremost law enforcement agencies, the FBI and the NCA the UK equivalent of the FBI, the National Crime Agency. This enormous injection of used passwords ha...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/10 4:8 p.m.18 views

Click “OK” to defeat MFA

Researchers have discovered that Nobelium—the threat actor behind the infamous SolarWinds supply-chain attack, the Sunburst backdoor, TEARDROP malware, GoldMax malware, and other malicious activities—has found a way to use stolen credentials even when they require multi-factor authentication that...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/12/09 4:24 p.m.18 views

Fake job interviews plague major game developers like Riot Games and Rockstar

If you’re job hunting at the moment, be on your guard. The pandemic is still around. Lots of people are in need of employment. Scammers are all too happy to string folks along with bogus employment offers, as is the case here. How have they managed to snare prospective job hunters? Riding on the...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/15 12:16 p.m.18 views

Instagram’s memorialize feature abused to memorialize…Instagram’s boss

The mechanisms for memorialising the social network accounts of people who’ve died haven’t really suffered a lot of scrutiny up until now. I’ve done a fair amount of research on the processes and perils we face in the digitally deceased age. Traditionally, the biggest issues in this space tended ...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/25 10:30 a.m.18 views

A week in security (Oct 18 – Oct 24)

Last week on Malwarebytes Labs Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache. “Killware”: Is it just as bad as it sounds? REvil ransomware disappears after Tor services hijacked. Protect yourself from BlackMatter ransomware: Advice issued. q-logger skimmer keeps Magecart...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/14 12:51 p.m.18 views

Inside Apple: How Apple’s attitude impacts security

Last week saw the fourth occurrence of the Objective by the Sea OBTS security conference, which is the only security conference to focus exclusively on Apples ecosystem. As such, it draws many of the top minds in the field. This year, those minds, having been starved of a good security conference...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/08 10:57 a.m.18 views

Making better cybersecurity training: Q&A with Malwarebytes expert Kelsey Prichard

If you hadn’t noticed by now, we are in the first week of National Cybersecurity Awareness Month, which, according to the Cybersecurity Infrastructure and Security Agency in the United States, means that we should all consider how people, organizations, and businesses can “be cyber smart” this ye...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/22 10:54 a.m.18 views

No, Colonel Gaddafi’s daughter isn’t emailing to give you untold riches

It’s not every day you receive a big money offer from someone claiming to sit in political asylum, but here we are. The following missive landed in our spam traps at the weekend. The mail claims to be from the daughter of no less than the late Colonel Gaddafi. Ayesha Gaddafi promises you untold...

Exploits0
Malwarebytes
Malwarebytes
added 2021/09/15 5:17 p.m.18 views

What are SSL certificates?

Secure Sockets Layer SSL certificates are what cause your browser to display a padlock icon, indicating that your connection to a websites is secure. Although the padlock may soon be hidden from view, certificates arent going anywhere. Lets start with some definitions and explain some of the...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/09/06 10:48 a.m.18 views

A week in security (August 30 – September 5)

Last week on Malwarebytes Labs ProxyToken: another nail-biter from Microsoft Exchange Macs turn on apps signed by Symantec, treat them as malware Google Play sign-ins can be abused to track another person’s movements FTC bans SpyFone and its CEO from continuing to sell stalkerware BrakTooth...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/17 3:30 p.m.18 views

End of line: supporting IoT in the home

Trouble is potentially brewing in Internet of Things IoT land, even if the consequences may still be a little way off. System updates and issues surrounding expiring certificates will pose problems for manufacturers and headaches for consumers. System updates for fun and profit One of the first...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/12/12 4:0 p.m.18 views

A state of constant uncertainty or uncertain constancy? Fast flux explained

Last August, WireX made headlines. For one thing, it was dubbed the first-known DDoS botnet that used the Android platform. For another, it used a technique that—for those who have been around in the industry for quite a while now—rung familiar in the ears: fast flux. In the context of...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/10/16 6:0 p.m.18 views

Phishes, pseudophishes, and bad email

Everyone knows about phishing. We’ve all heard that the solution to phishing is to educate the user as, after all, it must be the user’s fault for stupidly clicking on the thing. But what about when perverse incentives make clicking the phish seem logical? What about the enterprise pseudophish—wh...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/07/27 2:0 p.m.18 views

The real problem with ransomware

Ransomware – a specialized form of malware that encrypts files and renders them inaccessible until the victim pays a ransom – is an extremely serious problem and it’s quickly getting worse. The FBI estimated that ransomware payments were $1 billion in 2016, up from “just” $24 million a year...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/07/07 1:43 p.m.17 views

Fake Netflix, Coca-Cola, and FIFA job scams target marketers

Attackers are impersonating major companies and recruiters to target marketing professionals, using trusted services and browser tricks to make the scam look legitimate. A BleepingComputer article detailing the campaign found at least 34 domains impersonating high-value companies, including...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/18 7:2 a.m.17 views

A week in security (May 11 – May 17)

Last week on Malwarebytes Labs: Attackers replaced JDownloader installer downloads with malware Meta’s confusing new approach to chat privacy Why Malwarebytes blocks some Yahoo Mail redirects Fake Claude search results lure Mac users into ClickFix attack Deepfake sextortion forces schools to remo...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/28 10:46 a.m.17 views

Fake CAPTCHA scam turns a quick click into a costly phone bill

Researchers have documented a long‑running campaign that uses fake CAPTCHA pages to trick mobile users into sending dozens of international SMS messages in the background. If you’ve spent any time on today’s web, CAPTCHAs may seem like background noise: click a few traffic lights, prove you’re...

5.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/04/15 10:37 a.m.17 views

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

We’ve uncovered multiple campaigns distributing an infostealer we track as NWHStealer , using everything from fake VPN downloads to hardware utilities and gaming mods. What makes this campaign stand out isn’t just the malware, but how widely and convincingly it’s being spread. Once installed, it...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/02 1:57 p.m.17 views

A fake FileZilla site hosts a malicious download

A trojanized copy of the open-source FTP client FileZilla 3.69.5 is circulating online. The archive contains the legitimate FileZilla application, but with a single malicious DLL added to the folder. When someone downloads this tampered version, extracts it, and launches FileZilla, Windows loads...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/24 9:47 a.m.17 views

Fake Zoom meeting “update” silently installs unauthorized version of monitoring tool abused by cybercriminals to spy on victims

UPDATE February 27, 2026: We have added more clarity around the abuse of legitimate commercial products. UPDATE February 25, 2026 : Teramind has stated that it is not affiliated with the threat actors described and did not authorize the deployment of the software referenced. Further updates have...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/10 4:6 p.m.17 views

December Patch Tuesday fixes three zero-days, including one that hijacks Windows devices

These updates from Microsoft fix serious security issues, including three that attackers are already exploiting to take control of Windows systems. In total, the security update resolves 57 Microsoft security vulnerabilities. Microsoft isn't releasing new features for Windows 10 anymore, so Windo...

8.4CVSS8.4AI score0.02383EPSS
Exploits7
Malwarebytes
Malwarebytes
added 2025/12/01 3:33 p.m.17 views

New Android malware lets criminals control your phone and drain your bank account

Albiriox is a new family of Android banking malware that gives attackers live remote control over infected phones, letting them quietly drain bank and crypto accounts during real sessions. Researchers have analyzed a new Android malware family called Albiriox which is showing signs of developing...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/07 11:0 a.m.17 views

Troops and veterans’ personal information leaked in CPAP Medical data breach

In December 2024, CPAP Medical Supplies and Services Inc. CPAP, a Jacksonville—a Florida-based provider of sleep therapy services and CPAP machines—experienced a cybersecurity incident that compromised the personal data of over 90,000 patients. Since CPAP Medical specializes in tailored sleep apn...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/06/30 10:0 a.m.17 views

Android threats rise sharply, with mobile malware jumping by 151% since start of year

The Android threat landscape in the first half of 2025 has entered a new phase. An era marked not just by volume, but by coordination and precision. Attackers are no longer simply throwing malware at users and hoping for results. They’re building ecosystems . Recent Malwarebytes threat research...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/06/11 9:48 p.m.17 views

US airline industry quietly selling flight data to DHS

A data broker owned by some of America's biggest airlines has been selling access to customer flight data to the US Department of Homeland Security DHS. The data, compiled by data broker Airlines Reporting Corporation ARC, includes names, flight itineraries, and financial details. It also covers...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/06/09 7:14 a.m.17 views

A week in security (June 1 – June 7)

Last week on Malwarebytes Labs: What does Facebook know about me? Lock and Code S06E11 Victims risk AsyncRAT infection after being redirected to fake Booking.com sites Juice jacking warnings are back, with a new twist The North Face warns customers about potentially stolen data Scammers are...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/06/04 3:18 p.m.17 views

Google fixes another actively exploited vulnerability in Chrome, so update now!

Google has released an update for the Chrome browser to patch an actively exploited flaw. The update brings the Stable channel to versions 137.0.7151.68/.69 for Windows and Mac and 137.0.7151.68 for Linux. The easiest way to update Chrome is to allow it to update automatically, but you can end up...

8.8CVSS8.8AI score0.0645EPSS
Exploits3
Total number of security vulnerabilities4709