Identity theft is number one threat for consumers, says report

The German Federal Office for Information Security BSI has published a report on The State of IT Security in Germany in 2023, and the number one threat for consumers is… identity theft. The thing is, you can protect your devices and your online privacy as much as possible, but what happens when...

Malwarebytes crushes malware all the time

About a month ago, The PC Security Channel TPSC ran a test to check out the detection capabilities of Malwarebytes. They tested Malwarebytes by executing a repository of 2015 “malicious” files to see how many Malwarebytes would detect. This YouTube video shows how a script executes the files and...

Clorox counts the cost of cyberattack

Cleaning products maker Clorox has reported losses of $49 million in connection to a cyberattack it suffered in August of last year. On Monday, August 14, 2023, Clorox disclosed it had identified unauthorized activity on some of its IT systems. Despite a business continuity plan, the incident...

A week in security (January 1 – January 7)

Last week on Malwarebytes Labs: Police investigate sexual assault on an avatar How AI hallucinations are making bug hunting harder Explained: SMTP smuggling Facebook introduces another way to track you – Link History 23andMe blames "negligent" breach victims, says it’s their own fault Microsoft...

US pharmacy Rite Aid banned from operating facial recognition systems

Pharmacy chain Rite Aid has been denied the right to run facial recognition systems in its stores for five years, by a Federal Trade Commission FTC ruling. The regulator found so many flaws in the retailers surveillance program that it concluded Rite Aid had failed to implement reasonable...

Mr. Cooper leaks personal data of 14 million loan and mortgage customers

A major mortgage and loan company based in Dallas, working under the name Mr. Cooper Group Inc. has released more information on a recent breach. In a data breach notification, the company didnt say what type of cyberattack caused the compromise of customer data, calling it a rather non-descripti...

The sound of you typing on your keyboard could reveal your password

As if password authentications coffin needed any more nails, researchers in the UK have discovered yet another way to hammer one in. The technique, developed at Durham University, the University of Surrey, and Royal Holloway University of London, builds on previous work to produce a more accurate...

Windows 10 gets its own extended security updates program

The day that Windows 10 machines will get their last security updates is set for October 14, 2025. So if you want to stay secure, you’d have to upgrade to a newer version. Either to Windows 11, which is not all that different, but more demanding when it comes to system requirements. Or to the...

Update your iPhones! Apple fixes two zero-days in iOS

Apple has released emergency security updates for iOS 17.1.2 and iPadOS 17.1.2 to patch for two zero-day vulnerabilities that may have been actively exploited. Apple said both vulnerabilities were in the WebKit component, which is the engine that powers Safari browser on Macs as well as all...

Ransomware gangs and Living Off the Land (LOTL) attacks: A deep dive

We’ve told you about ransomware-as-a-service RaaS gangs; we’ve told you about living off the Land LOTL attacks. What do you get when you bring the two together? Bad news. Our recent report, Threat Brief: Ransomware Gangs & Living Off the Land Attacks, takes a deep dive into why the intersection o...

Ransomware gang files SEC complaint about victim

In what seems to be a new twist on the ransomware theme, the notorious ALPHV/BlackCat ransomware group has filed a complaint with the US Securities and Exchange Commission SEC about the software company MeridianLink. ALPHV is one of the most active ransomware-as-a-service RaaS operators and...

1Password reports security incident after breach at Okta

Password manager 1Password says it’s been affected by a breach at Okta, but it reports no user data has been stolen. In a security incident report, 1Password says that a member of its IT team received an unexpected email suggesting they had initiated an Okta report of a list of admins. They hadnt...

Google Chrome wants to hide your IP address

Google is working out some kinks in the project formerly known as Gnatcatcher, which will now be known under the more descriptive name “IP Protection.” Which means that Chrome is reintroducing a proposal to hide users IP addresses, to make cross-site tracking more difficult. An Internet Protocol ...

MGM attack is too late a wake-up call for businesses, says James Fair: Lock and Code S04E22

This week on the Lock and Code podcast… In September, the Las Vegas casino and hotel operator MGM Resorts became a trending topic on social media… but for all the wrong reasons. A TikTok user posted a video taken from inside the casino floor of the MGM Grand—the companys flagship hotel complex ne...

A week in security (October 16 – October 22)

Last week on Malwarebytes Labs: Ragnar Locker ransomware group taken down IT administrators passwords are awful too The hot topics from Europes largest trade fair for IT security Clever malvertising attack uses Punycode to look like KeePasss official website 3 crucial security steps people should...

IT administrators’ passwords are awful too

The key is under the doormat by the front door. The administrator password is "admin". These are easy to remember clues when you are providing entrance to someone you trust. The problem is that they are also enormously easy to guess. It’s where we would expect an unwanted visitor to check first,...

Dependabot impersonators cause trouble on GitHub

GitHub is experiencing issues of the "breached account and malicious code" variety. ITPro reports that unnamed individuals have been compromising accounts and using them to install malware capable of password theft. Its a fairly elaborate scam which even includes imitation of GitHubs popular...

Xenomorph hunts cryptocurrency logins on Android

Cryptocurrency owners should take heed of warnings related to Xenomorph malware--Bleeping Computer reports that the most recent version of Xenomorph now targets various cryptocurrency wallets using fake browser update messaging as bait. Xenomorph is roughly a year old, first springing to prominen...

A week in security (September 11 - September 17)

Last week on Malwarebytes Labs: Europol lifts the lid on cybercrime tactics Malwarebytes wins every Q2 MRG Effitas award & scores 100% on new phishing test Watch out, this LastPass email with "Important information about your account" is a phish iPhone 15 launch: Wonderlust scammers rear their...

Upgrading your iPhone? Read this first

Apple's Wonderlust event on Tuesday saw the launch of the company's top-of-the-line iPhone 15 Pro Max with a titanium chassis and an improved telephoto camera, as well as other iPhone 15 models and new Apple Watches. Also this week, Apple was reportedly banned from selling the iPhone 12 in France...

A week in security (July 31 - August 6)

Last week on Malwarebytes Labs: The end looms for Meta's behavioural advertising in Europe Microsoft Teams used in phishing campaign to bypass multi-factor authentication Film companies lose battle to unmask Reddit users FAQ: How does Malwarebytes ransomware rollback work? How to protect your...

Supply chain attacks disrupt emergency services communications

A supply chain attack rendered two ambulance trusts incapable of accessing electronic patient records in the UK. The two services, which operate in a region of 12 million people, were not targeted directly. Instead, the attack was aimed at a third-party technology provider used by both the South...

How to set up computer security for your parents

Last Sunday July 23, 2023 was National Parents Day. And maybe you are wondering how you can repay your parents for turning you into the person you are today. And we have an idea that shouldn't cost you much more than some of your time. Help them to shore up their cybersecurity, if they need it. I...

Spy vs. spy: Exploring the LetMeSpy hack, with maia arson crimew

The language of a data breach, no matter what company gets hit, is largely the same. There's the stolen data--be it email addresses, credit card numbers, or even medical records. There are the users--unsuspecting, everyday people who, through no fault of their own, mistakenly put their trust into...

A week in security (July 3 - 9)

Last week on Malwarebytes Labs: How kids pay the price for ransomware attacks on education Solar monitoring systems exposed: Secure your devices Warning issued over vulnerability in cardiac device monitoring software Update Android now! Google patches three actively exploited zero-days Malicious ...

Fake reviewers face big fines

The FTC is cracking down on fake reviews. Under the new proposed rules, organisations involved in the buying, selling, and manipulation of reviews could be very much out of pocket. Every time a consumer sees a fake review, it will carry a fine of "up to $50,000" per viewing. From the FTC release:...

Of sharks, surveillance, and spied-on emails: This is Section 702, with Matthew Guariglia

In the United States, when the police want to conduct a search on a suspected criminal, they must first obtain a search warrant. It is one of the foundational rights given to US persons under the Constitution, and a concept that has helped create the very idea of a right to privacy at home and...

Brave browser will prevent websites from port scanning visitors

If you use Brave browser, then youre shortly going to find you have a new string added to your security bow. Websites performing port scanning will now be automatically blocked beginning with version 1.54 of the browsing tool. Port scanning, I hear you cry? Yes indeed. You may well not have even...

Top contenders in Endpoint Security revealed: G2 Summer 2023 results

Navigating the world of endpoint security is challenging, with numerous vendors stoking "Fear, Uncertainty, and Doubt" FUD and making bold claims that are difficult to verify. In times like these, the honest opinions of real users are invaluable for busy IT teams. Enter G2, an industry-leading...

Company finds lost SSD—and confidential data—for sale on eBay

Major software company SAP is putting the pieces of a story involving missing SSD disks back together. Four SSD disks are alleged to have gone on an adventure last November, making their way out of a Walldorf, Germany, datacenter with one of them ending up on eBay. An investigation revealed that...

Malvertising: A stealthy precursor to infostealers and ransomware attacks

This article is based on research by Jerome Segura, Senior Director of Threat Intelligence at Malwarebytes, who oversees data collection from spam feeds and telemetry to identify the most relevant threats. Malvertising, the practice of using online ads to spread malware, can have dire...

UPS warns customers of phishing attempts after data accessed

UPS Canada is warning customers in Canada of potential data exposure and the risk of phishing. People have started to receive letters like the one below from UPS, which some have assumed were "just" regular phishing alerts. As it turns out, the letter is specifically about the potential exposure ...

Public and free WiFi: Can I safely use it?

We've got into the habit of expecting internet access wherever we go. But data costs can be expensive, and out of your own home often the only WiFi available is public, passwordless and free. In security, we've been trained to carefully contemplate anything that's free, because, well, often when...

Unveiling Nebula's Report 2.0: A new approach to security reporting

We're excited to announce Report 2.0, a major upgrade to our report system in Nebula. Report 2.0 is not just a cosmetic touch up--it's a completely revamped security reporting solution designed to cater to your diverse business requirements, allowing for a more dynamic, data-driven approach to IT...

Vice Society: The #1 cyberthreat to schools, colleges, and universities

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

Amazon's Ring cameras were used to spy on customers

Every single Amazon Ring employee was able to access every single customer video, even when it wasn't necessary for their jobs. Not only that, but the employees--along with workers from a third-party contractor in Ukraine--could also download any of those videos and then save and share them as th...

"Beautiful Cookie Consent Banner" WordPress plugin vulnerability: Update now!

WordPress plugins are under fire once more, and youre advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a "bizarre campaign" being actively used since at least February 5 of this...

CISA updates ransomware guidance

The Cybersecurity and Infrastructure Security Agency CISA has updated its StopRansomware guide to account for the fact that ransomware actors have accelerated their tactics and techniques since the original guide was released in September of 2020. The StopRansomware guide is set up as a one-stop...

ChatGPT: Cybersecurity friend or foe?

If you havent heard about ChatGPT yet, perhaps youve just been thawed from cryogenic slumber or returned from six months off the grid. ChatGPT--the much-hyped, artificial intelligence AI chatbot that provides human-like responses from an enormous knowledge base--has been embraced practically...

World Password Day must die

The continued existence of World Password Day is a tell that something has gone badly wrong in cybersecurity. Now in its tenth year, the day is supposed to act as an annual reminder for people to follow good password hygiene: Dont reuse passwords; use long passwords; no, longer passwords than tha...

How to protect your small business from social engineering

When Alvin Staffin received an email from his boss, he didn't question it. In the email, Gary Bragg, then-president of Pennsylvania law firm O'Neill, Bragg & Staffin, asked Staffin to wire $580,000 to a Bank of China account. Staffin, who was VP and in charge of banking, sent the money through as...

Black Basta ransomware attacks Yellow Pages Canada

The Canadian Yellow Pages Group has confirmed it recently became victim of a cyberattack. The Black Basta ransomware group has claimed responsibility for this attack by posting about Yellow Pages on the "Basta News" leak site. When such a post shows up, it usually means that negotiations with the...

Spring cleaning tips for your browser

When you are resting up from the physical part of your spring cleaning and youre sitting behind your laptop or swiping left on your phone, why dont you speed up your browsing experience with a few simple actions? Lets start with your browser, as that usually has the most impact on your perception...

Ransomware in Germany, April 2022 – March 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are attacks where the victim opted not to pay a ransom. This provides the best overall picture ...

Beware: Fake IRS tax email wants your Microsoft account

Last week, the IRS reminded taxpayers that Tax Day, April 18, is Tuesday this week. However, in some states like Alabama, California, and New York, the federal office extended the filing deadlines due to natural disasters. This is an excellent reason for scammers to keep launching tax scam...

Google Pay accidentally handed out free money, bug now fixed

Days ago, several Google Pay users in the US received some unexpected cashback from Google, congratulating them "for dogfooding the Google Pay Remittance experience". Confused and a tad happy, some looked to Twitter for answers, while others aired their experiences on the /r/googlepay/ Reddit pag...

Visitors of tax return e-file service may have downloaded malware

The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript JS files these past few weeks, according to several security researchers and corroborated by BleepingComputer. Note this security incident only concerns eFile.com, not...

Steer clear of this EE phish that wants your card details

Watch out for this piece of spam lurking in mail boxes and claiming to be from the EE mobile network. The mail, titled "We were unable to renew your monthly plan" with a likely random reference number alongside it, reads as follows: Due to a problem with your card, we were unable to charge your...

ChatGPT helps both criminals and law enforcement, says Europol report

In a report, Europol says that ChatGPT and other large language models LLMs can help criminals with little technical knowledge to perpetrate criminal activities, but it can also assist law enforcement with investigating and anticipating criminal activities. The report aims to provide an overview ...

Facebook illegally processed user data, says court

The Amsterdam court has ruled that Facebook illegally processed user data in a case started by the Dutch Data Privacy Stichting DPS, a foundation that acts on behalf of victims of privacy violations in the Netherlands. According to the ruling, Facebook used personal data for advertising purposes ...