Lucene search
K
MalwarebytesMost viewed

4709 matches found

Malwarebytes
Malwarebytes
added 2024/07/31 1:4 p.m.17 views

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now!

Apple has released security updates for many of its products in order to patch several vulnerabilities that could allow an attacker to steal sensitive information from a locked device. Included in the patches for Apple Watch, iOS, and iPadOS are four vulnerabilities in Siri. While your device is...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/08 10:13 a.m.17 views

‘RockYou2024’: Nearly 10 billion passwords leaked online

On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename,...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/05 7:59 p.m.17 views

Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour [updated]

The cybercriminals who claimed responsibility for the Ticketmaster data breach say theyve stolen 440,000 tickets for Taylor Swift’s Eras Tour. As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/04 12:33 p.m.17 views

Authy phone numbers accessed by cybercriminals, warns Twilio

Twilio has warned users of the Authy multi-factor authentication MFA app about an incident in which cybercriminals may have obtained their phone numbers. Twilio said the cybercriminals abused an unsecured Application Programming Interface API endpoint to verify the phone numbers of millions of...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/06/06 11:44 a.m.17 views

Microsoft Recall snapshots can be easily grabbed with TotalRecall tool

Microsofts Recall feature has been criticized heavily by pretty much everyone since it was announced last month. Now, researchers have demonstrated the risks by creating a tool that can find, extract, and display everything Recall has stored on a device. For those unaware, Recall is a feature...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/21 8:10 p.m.17 views

How to remove a user from a shared Android device

Some of our loyal readers may remember my little mishap when I was able to track my wife by accident after inadvertently adding myself to her phone as a user. For exactly that reason we want to warn against sharing devices and at least show you how to remove other people’s accounts from your...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/03 8:21 p.m.17 views

You get a passkey, you get a passkey, everyone should get a passkey

Microsoft is rolling out passkey support for all consumer accounts. Passkeys are a very secure replacement for passwords that cant be cracked, guessed or phished, and let you log in easily, without having to type a password every time. After enabling them in Windows 11 last year, Microsoft accoun...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/10 7:19 p.m.17 views

How to protect yourself from online harassment

It takes a little to receive a lot of online hate today, from simply working as a school administrator to playing a role in a popular movie or video game. But these moments of personal crisis have few, immediate solutions, as the current proposals to curb and stem online harassment zero in on the...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/08 3:13 p.m.17 views

Porn panic imperils privacy online, with Alec Muffett (re-air): Lock and Code S05E08

This week on the Lock and Code podcast… A digital form of protest could become the go-to response for the world’s largest porn website as it faces increased regulations: Not letting people access the site. In March, PornHub blocked access to visitors connecting to its website from Texas. It marke...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/25 9:1 a.m.17 views

A week in security (March 18 – March 24)

Last week on Malwarebytes Labs: New Go loader pushes Rhadamanthys stealer Canada revisits decision to ban Flipper Zero Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now 19 million plaintext passwords exposed by incorrectly configured Firebase instances Apex Legends Global Series...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/11 8:35 a.m.17 views

A week in security (March 4 – March 10)

Last week on Malwarebytes Labs: Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix Update now! JetBrains TeamCity vulnerability abused at scale PetSmart warns customers of credential stuffing attack Predator spyware vendor banned in US ALPHV ransomware gang fakes o...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/27 10:47 a.m.17 views

Identity theft is number one threat for consumers, says report

The German Federal Office for Information Security BSI has published a report on The State of IT Security in Germany in 2023, and the number one threat for consumers is… identity theft. The thing is, you can protect your devices and your online privacy as much as possible, but what happens when...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/20 12:7 a.m.17 views

LockBit, the world’s worst ransomware, is down

For the last two years the absolute worst, most prolific, most globally significant "big game" ransomware gang has been LockBit. This evening its position as ransomwares biggest beast is suddenly in doubt, following some non-consensual website redecoration at the hands of the UKs National Crime...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/18 8:7 a.m.17 views

A week in security (December 11 – December 17)

Last week on Malwarebytes Labs: PikaBot distributed via malicious search ads Chrome starts the countdown to the end of tracking cookies Apple to introduce new feature that makes life harder for iPhone thieves Recently-patched Apache Struts vulnerability used in worldwide attacks ALPHV ransomware...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/15 6:56 p.m.17 views

PikaBot distributed via malicious search ads

During this past year, we have seen an increase in the use of malicious ads malvertising and specifically those via search engines, to drop malware targeting businesses. In fact, browser-based attacks overall have been a lot more common if we include social engineering campaigns. Criminals have...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/12 10:9 p.m.17 views

How to choose a free vulnerability scanner: Insights from an industry veteran

The cybersecurity market is awash with expensive, high-end solutions for detecting vulnerabilities in third-party applications. However, for smaller security teams, free vulnerability scanners offer a practical alternative. But of course, free doesn’t always mean better—it’s crucial to thoroughly...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/25 6:27 a.m.17 views

Announcing NEW Malwarebytes Identity Theft Protection

We’ve always been committed to keeping you safe and secure online. But these days, cybersecurity isn’t just about defending you from malware; it’s about protecting your—and your family’s—entire digital identity. We know that people are worried. In fact, in our latest report, titled “Everyone’s...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/23 12:22 p.m.17 views

Battling a new DarkGate malware campaign with Malwarebytes MDR

First publicly reported in 2018, DarkGate is a Windows-based malware with a wide-range of capabilities including credential stealing and remote access to victim endpoints. Until recently, it was only seen being delivered through traditional email malspam campaigns. In late August 2023, however,...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/11 5:0 a.m.17 views

CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it?

On September 18, 2023, the Cybersecurity & Infrastructure Security Agency CISA announced that its Known Exploited Vulnerabilities KEV catalog has reached the milestone of covering more than 1,000 vulnerabilities since its launch in November 2021. This may seem like a lot, but with over 25,000 new...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/06 1:0 p.m.17 views

Multi-factor authentication has proven it works, so what are we waiting for?

Recently, Amazon announced that it will require all privileged Amazon Web Services AWS accounts to use multi-factor authentication MFA, starting in mid-2024. Our regular readers will know that we feel that passwords alone are not adequate protection, especially not for your important accounts. So...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/19 1:0 a.m.17 views

Compromised Free Download Manager website was delivering malware for years

In a public announcement, Free Download Manager has acknowledged that a specific web page on its site was compromised by a Ukrainian cybercrime group, exploiting it to distribute malware. Free Download Manager is--unsurprisingly--a download manager for Windows, macOS, Android, and Linux that allo...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/09/07 2:0 a.m.17 views

FreeWorld ransomware attacks MSSQL—get your databases off the internet

When we think of ransomware and brute force password guessing attacks, we normally think of RDP, but recent research from Securonix reminds us that anything secured with a password and exposed to the internet is of interest to cybercriminals. Microsoft's Remote Desktop Protocol has been a favouri...

7.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/29 2:0 a.m.17 views

Meal delivery service PurFoods announces major data breach

An organisation that provides home delivery meals has revealed that around 1.2 million people's personal data may be at risk, after the company suffered a ransomware attack earlier in the year. PurFoods, which offers up a service called Moms Meals, helps to provide meals for folks in a variety of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/25 5:30 p.m.17 views

Smart lightbulb and app vulnerability puts your Wi-Fi password at risk

New research highlights another potential danger from IoT devices, with a popular make of smart light bulbs placing your Wi-Fi network password at risk. Researchers from the University of London and Universita di Catania produced a paper explaining the dangers of common IoT products. In this case...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/07 9:45 p.m.17 views

TikTok facing fines for violating children’s privacy

The European Data Protection Board is expected to fine TikTok for violating the privacy of young children within the next four weeks. The European Data Protection Board said a binding decision has been reached over TikTok's processing of childrens data, after the ByteDance-owned app submitted leg...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/07 9:30 p.m.17 views

FCC comes down hard on robocallers with record $300m fine

Robocallers are in the news after the FCC issued a $300 million forfeiture to a persistent offender and shut down their operation. A robocall network makes use of automated software diallers to spam out large numbers of cold calls to unsuspecting recipients. These calls promise much but give very...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/30 11:0 p.m.17 views

A week in security (July 24 - July 30)

Last week on Malwarebytes Labs: Zimbra issues awaited patch for actively exploited vulnerability Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild 60,000 Androids have stalkerware-type app Spyhide installed Ransomware groups claim responsibility for...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/28 8:30 a.m.17 views

How Apple fixed what Microsoft hasn't, with Thomas Reed: Lock and Code S04E16

Earlier this month, a group of hackers was spotted using a set of malicious tools--that originally gained popularity with online video game cheaters--to hide their Windows-based malware from being detected. Sounds unique, right? Frustratingly, it isn't, as the specific security loophole that was...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/04 1:0 a.m.17 views

Elderly targeted in car accident scam, kingpin arrested

The head of a criminal network responsible for defrauding hundreds of elderly people has been arrested, Europol has announced. After a joint operation in Germany, Poland, and the UK, Europol says the suspect was arrested in London from where he ran a network of fraudsters targeting mainly German...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/03 2:0 a.m.17 views

A week in security (June 26 - July 2)

Last week on Malwarebytes Labs: A proxyjacking campaign is looking for vulnerable SSH servers New technique can defeat voice authentication "after only six tries" "Free" Evil Dead Rise movie scam lurks in Amazon listings Spyware app LetMeSpy hacked, tracked user data posted online Online safety...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/30 11:30 a.m.17 views

New technique can defeat voice authentication "after only six tries"

Voice authentication is back in the news with another tale of how easy it might be to compromise. University of Waterloo scientists have discovered a technique which they claim can bypass voice authentication with "up to a 99% success rate after only six tries". In fact this method is apparently ...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/30 2:0 a.m.17 views

Spyware app LetMeSpy hacked, tracked user data posted online

Stalkerware-type app LetMeSpy says it has been hacked, with the attacker taking user data with it. From the message posted to the login screen on the LetMeSpy website: On June 21, 2023, a security incident occurred involving obtaining unauthorized access to the data of website users. As a result ...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/27 8:0 a.m.17 views

Understanding ransomware reinfection: An MDR case study

Ransomware is like that stubborn cold that you thought you kicked, but creeps back up determined to run amok again. The question is what medicine is available to kick this nasty infection for good. In this post, we'll break down the idea of ransomware reinfection and share a real-life episode whe...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/27 2:0 a.m.17 views

81% concerned about ChatGPT security and safety risks, Malwarebytes survey shows

Seven months after ChatGPT burst into our lives, it seems the lustre of the chatbot-that's-going-to-change-everything is starting to fade. A new survey by Malwarebytes exposes deep reservations about ChatGPT, with optimism in startlingly short supply. Of the respondents familiar with ChatGPT: 81%...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/14 1:0 a.m.17 views

Ticket scammers target Taylor Swift tour

Taylor Swift fans are being warned to be cautious when buying tickets for her current "Eras" tour, with scammers waiting in the wings to trick would-be gig goers. The Better Business Bureau says it has received somewhere in the region of 200 complaints from residents of Michigan, and theres bound...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/08 1:30 p.m.17 views

Unveiling Nebula's Report 2.0: A new approach to security reporting

We're excited to announce Report 2.0, a major upgrade to our report system in Nebula. Report 2.0 is not just a cosmetic touch up--it's a completely revamped security reporting solution designed to cater to your diverse business requirements, allowing for a more dynamic, data-driven approach to IT...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/07 2:0 a.m.17 views

Facebook clickbait leads to money scam for users

Online criminals are notorious for lurking on social media sites and tricking users into visiting malicious links. We recently observed a scheme where Facebook users are clicking on posts that lead to external websites set up for the sole purpose of scamming them out of hundreds of dollars via fa...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/18 3:0 a.m.17 views

Child safety app riddled with vulnerabilities: Update now!

An app designed to restrict screen time and add a "kids' mode" for children on smart devices has been found to have a broad range of security issues. The app, "Parental Control - Kids Place" is an Android app which is incredibly popular, sporting 5M+ downloads on its Google Play page. In terms of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/05 5:15 p.m.17 views

Apple releases first Rapid Security Response update for iOS, iPadOS, and macOS users

On Monday, Apple released its first batch of Rapid Security Response RSR patches, iOS 16.4.1 a, iPadOS 16.4.1 a, and macOS 13.3.1 a, for iPhone and iPad, and macOS devices, respectively. RSR is a new type of software patch delivered between Apple's regular, scheduled software updates. Previously,...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/19 11:0 a.m.17 views

Introducing the Malwarebytes Admin app: Endpoint security at your fingertips

If youre on the beach sipping piña coladas, the last thing you probably want to do is rush to your desktop and address a critical security issue. And yet, this is the reality for many IT security professionals today. Regardless of the time or current location, security pros are expected to drop...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/03 12:0 a.m.17 views

A week in security (March 27 - April 2)

Last week on Malwarebytes Labs: Solving the passwords hardest problem with passkeys, featuring Anna Pobletts Food giant Dole reveals more about ransomware attack Bogus Chat GPT extension takes over Facebook accounts Ransomware gunning for transport sector's OT systems next GitHub accidentally...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/31 1:30 p.m.17 views

3 tips for creating backups your organization can rely on when ransomware strikes

Backups are an organization's last line of defense against ransomware, because comprehensive, offline, offsite backups give you a chance to restore or rebuild your computers without paying a criminal for a decryption key. Unfortunately, many organizations don't realize how important it is to make...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/24 12:30 p.m.17 views

ChatGPT leaks bits of users' chat history

New gadgets and software come with new bugs, especially if they're rushed. We can see this very clearly in the race between tech giants to push large language models LLMs like ChatGPT and its competitors out the door. In the most recently revealed LLM bug, ChatGPT allowed some users to see the...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/06 2:0 a.m.17 views

8 cybersecurity tips to keep you safe when travelling

The best way to keep your devices safe when you're travelling is to be unplugged. If you don't need it, don't take it with you. But since that is not always an option, here are some tips to keep you safe while you travel. 1. Backup before you go The consequences of losing your device or having it...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/27 8:0 a.m.17 views

Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05

Government threats to end-to-end encryption--the technology that secures your messages and shared photos and videos--have been around for decades, but the most recent threats to this technology are unique in how they intersect with a broader, sometimes-global effort to control information on the...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/24 7:45 p.m.17 views

Arrested: Fearmongering data thieves who victimized thousands of businesses

The Dutch police have announced the arrest of three more suspects in one of the biggest data extortion cases to date. The men, all aged between 18 and 21, were allegedly involved in extorting businesses and selling stolen data to other criminals. During a two-year investigation the police learned...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/02 9:30 a.m.17 views

Cybersecurity and privacy tips you can teach your 5+-year-old

Everything we teach our kids starts at home--we parents are their first teachers, after all. So, why wait for them to start going to school to start learning about cybersecurity and online privacy? Though it's hardly news that more and more children are being introduced to mobile computing device...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/31 4:30 p.m.17 views

40% of online shops tricking users with “dark patterns”

The European Commission has been looking at retail websites to see if they're misleading consumers with "dark patterns". Spoiler: Yes, they are. The Commission, along with the national consumer protection authorities of 23 EU member states, plus Norway and Iceland, have released the results of...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/16 9:0 a.m.17 views

Accountant ordered to pay ex-employer after bossware shows "time theft"

The case of Karlee Besse, an accountant in British Colombia, was recently dismissed by the Civil Resolution Tribunal CRT in Canada, with a judge ordering her to pay back her former employer, Reach CPA, for "engaging in time theft"--a revelation that wouldn't have been possible if not for software...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/16 1:0 a.m.18 views

A week in security (January 9—15)

Last week on Malwarebytes Labs: Slack private code on GitHub stolen Crypto-inspired Magecart skimmer surfaces via digital crime haven Security vulnerabilities in major car brands revealed Microsoft ends extended support for Windows 7 and Windows Server 2008 today Pokemon NFT card game malware...

1.4AI score
Exploits0
Total number of security vulnerabilities4709