Data broker exposes 600,000 sensitive files including background checks
A researcher has discovered a data broker had stored 644,869 PDF files in a publicly accessible cloud storage container. The 713.1 GB container (an Amazon S3 bucket) did not have password-protection, and the data was left unencrypted, so anybody who stumbled on them could read the files. The files...
Air fryers are the latest surveillance threat you didn’t consider
Consumer group Which? has warned shoppers to be selective when it comes to buying smart air fryers from Xiaomi, Cosori, and Aigostar. We've learned to expect that “smart” appliances come with privacy risks—toothbrushes aside—but I really hadn’t given my air fryer any thought. Now things are about...
100 million US citizens officially impacted by Change Healthcare data breach
In April, we reported that a “substantial proportion” of Americans may have had their health and personal data stolen in the Change Healthcare breach. That was based on a report provided by the UnitedHealth Group after the February cyberattack on its subsidiary Change Healthcare. The attack on...
Internet Archive suffers data breach and DDoS
A non-profit that benefits millions of people has fallen victim to a data breach and a DDoS attack. Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at website snapshots from the past. It is often used for academic research and data analysis...
100 million+ US citizens have records leaked by background check service
A background check left a huge database unprotected online containing 2.2TB of people's data, according to research by Cybernews. The database was left passwordless and easily accessible to anyone on the internet by background check firm MC2 Data. MC2 Data gathers publicly available data to provi...
London’s city transport hit by cybersecurity incident [updated]
Transport for London (TfL), the city's transport authority, is fighting through an ongoing cyberattack. TfL runs three separate units that arrange transports on London's surface, underground, and Crossrail transportation systems. It serves some 8 million inhabitants of the London metropolitan area. I...
National Public Data leaked passwords online
Earlier this month, a huge trove of data from scraping service National Public Data was posted online. The dump made international headlines because it included data on hundreds of millions of people, and included Social Security Numbers. As if that wasn't bad enough, KrebsOnSecurity is now...
Data theft forum admins busted after flashing their cash in a life of luxury
Two men without a clear source of income landed cyberfraud charges after being so flash with their ill-gotten cash that it gained the attention of the authorities. In 2022, Russian national Pavel Kublitskii and Kazakhstan national Alexandr Khodyrev arrived in Florida and requested asylum, which w...
Windows update may present users with a BitLocker recovery screen
Some Windows users may see a BitLocker Recovery screen after applying the Microsoft patch Tuesday updates. BitLocker is a Windows security feature that encrypts entire drives. It prevents someone that has obtained a stolen or lost device from reading the files stored on that drive. Unfortunately,...
Gen Z breakups tainted by login abuse for spying and stalking, research shows
Breaking up is hard to do, but for younger Americans today, ending a romantic relationship requires more than a heart-to-heart conversation—it could also require protection against follow-on invasions of online privacy and security. According to a new analysis of research released earlier this...
Rite Aid says 2.2 million people affected in data breach
The US third-largest pharmacy chain Rite Aid has filed a data breach notification in which it reports that the data stolen during a June ransomware attack compromised the data of some 2.2 million people. Ransomware group RansomHub claimed responsibility for the attack that took place on June 6,...
How an AI “artist” stole a woman’s face, with Ali Diamond (Lock and Code S05E15)
This week on the Lock and Code podcast… Full-time software engineer and part-time Twitch streamer Ali Diamond is used to seeing herself on screen, probably because she’s the one who turns the camera on. But when Diamond received a Direct Message (DM) on Twitter earlier this year, she learned that h...
Shopify says stolen customer data was taken in third-party breach
Shopify has denied a breach of its systems after a cybercriminal posted alleged Shopify customer details online. Shopify told BleepingComputer and other publications that the incident happened at a third party: "Shopify systems have not experienced a security incident. The data loss reported was...
Busted for book club? Why cops want to see what you’re reading, with Sarah Lamdan (Lock and Code S05E14)
This week on the Lock and Code podcast… More than 20 years ago, a law that the United States would eventually use to justify the warrantless collection of Americans' phone call records actually started out as a warning sign against an entirely different target: Libraries. Not two months after...
First million breached Ticketmaster records released for free
The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free. When Malwarebytes Labs first learned about this data breach, it...
US bans Kaspersky, warns: “Immediately stop using that software”
The US government will ban the sale of Kaspersky antivirus products to new customers in the United States starting July 20, with a follow-on deadline to prohibit the cybersecurity company from providing users with software updates after September 29. The move follows years of allegations that the...
TikTok facing fresh lawsuit in US over children’s privacy
The Federal Trade Commission (FTC) has announced it's referred a complaint against TikTok and parent company ByteDance to the Department of Justice. The investigation originally focused on Musical.ly, which was acquired by ByteDance on November 10, 2017, and merged into TikTok. The FTC started a...
Microsoft Recall snapshots can be easily grabbed with TotalRecall tool
Microsoft's Recall feature has been criticized heavily by pretty much everyone since it was announced last month. Now, researchers have demonstrated the risks by creating a tool that can find, extract, and display everything Recall has stored on a device. For those unaware, Recall is a feature...
The Ticketmaster “breach”—what you need to know
Earlier this week, a cybercriminal group posted an alleged database up for sale online which, it says, contains customer and card details of 560 million Live Nation/Ticketmaster users. The data was offered for sale on one forum under the name "Shiny Hunters". ShinyHunters is the online handle for...
Notorious data leak site BreachForums seized by law enforcement
BreachForums—probably the largest dark web marketplace for stolen data to be leaked and sold—has been seized by law enforcement. Now, both the regular and the TOR domain of BreachForums are plastered with a message telling visitors the site is now under control of the FBI. The FBI said BreachForu...
“Substantial proportion” of Americans may have had health and personal data stolen in Change Healthcare breach
UnitedHealth Group has given an update on the February cyberattack on Change Healthcare, one of its subsidiaries. In the update, the company revealed the scale of the breach, saying: “Based on initial targeted data sampling to date, the company has found files containing protected health...
Law enforcement reels in phishing-as-a-service whopper
A major international law enforcement effort involving agencies from 19 countries has disrupted the notorious LabHost phishing-as-a-service platform. Europol reports that the organization's infrastructure has been compromised, its website shut down, and 37 suspects arrested, including four people ...
Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million
The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data. Cerebral has agreed to an order that will restrict how the company can use or disclose sensitive...
How to change your Social Security Number
After seeing their Social Security Number (SSN) leaked in the AT&T breach, some US citizens are wondering if and how they can change their SSN. The good news is that even though it’s a challenging process, it is possible. But if you've ever had to abandon an email address that you used for years,...
Porn panic imperils privacy online, with Alec Muffett (re-air): Lock and Code S05E08
This week on the Lock and Code podcast… A digital form of protest could become the go-to response for the world’s largest porn website as it faces increased regulations: Not letting people access the site. In March, PornHub blocked access to visitors connecting to its website from Texas. It marke...
ALPHV ransomware gang fakes own death, fools no one
For the second time in only four months, all is not well on the ALPHV (aka BlackCat) ransomware gang's dark web site. Gone are the lists of compromised victims. In their place, a veritable garden of law enforcement badges has sprouted beneath the ominous message "THIS WEBSITE HAS BEEN SEIZED." The...
If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04
Today on the Lock and Code podcast… If your IT and security teams think malware is bad, wait until they learn about everything else. In 2024, the modern cyberattack is a segmented, prolonged, and professional effort, in which specialists create strictly financial alliances to plant malware on...
Coldriver threat group targets high-ranking officials to obtain credentials
Researchers at Google’s Threat Analysis Group (TAG) have published their findings about a group they have dubbed Coldriver. The main targets of the Coldriver group are high-profile individuals in non-governmental organizations (NGOs), former intelligence and military officials, and NATO governments...
How ransomware operators try to stay under the radar
An often heard remark is that when your security solution notices a ransomware attack, it’s already too late. There's a lot of truth in that, if you consider the encryption process to be the ransomware attack. However, these days encryption is just a part of many ransomware attacks. Some of the...
Comcast’s Xfinity breached by Citrix Bleed; 36 million customer’s data accessed
In a notice for its customers, Xfinity acknowledges it recently fell victim to a data security incident. Xfinity is Comcast's brand for TV, internet, and home phone services, sometimes referred to as Comcast Cable Communications. During the data breach the attackers were able to access 35.8 millio...
SolarWinds and its CISO accused of misleading investors before major cyberattack
The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.” In 202...
Patch…later? Safari iLeakage bug not fixed
Apple has released updates for its phones, Macs, iPads, watches, and TV streaming devices, fixing a bunch of security problems. But amid all that activity, one fix is notably absent—there is nothing to address the vulnerability dubbed iLeakage. iLeakage is a side-channel attack that can force the...
Battling a new DarkGate malware campaign with Malwarebytes MDR
First publicly reported in 2018, DarkGate is a Windows-based malware with a wide range of capabilities including credential stealing and remote access to victim endpoints. Until recently, it was only seen being delivered through traditional email malspam campaigns. In late August 2023, however,...
3 crucial security steps people should do, but don't
Cybersecurity could be as easy as 1-2-3. The problem, though, is that people have to want it. In new research conducted by Malwarebytes, internet users across the United States and Canada admitted to dismal cybersecurity practices, failing to adopt some of the most basic defenses for staying safe...
Customer data stolen from gaming cloud host Shadow
Cloud infrastructure provider Shadow has warned of the data theft of over 500,000 customers. The customers were informed by a breach notification which was posted online. Cloud is known in the gaming world and, among other things, allows gamers to play resource heavy games on lower-end devices, T...
[updated] 23andMe user data stolen, offered for sale
Information belonging to as many as seven million 23andMe customers has been put up for sale on criminal forums following a credential stuffing attack against the genomics company. On Friday October 6, 2023, 23andMe confirmed via a somewhat opaque blog post that threat actors had "obtained...
Upgrading your Android device? Read this first
Last month, we wrote an article about what to do when upgrading your iPhone. Since then, we've received several requests to do a similar post about Android devices. Providing uniform and easy to follow instructions is a bit harder to do for Android, because there are many differences between make...
A week in security (October 2 - October 8)
Last week on Malwarebytes Labs: Multi-factor authentication has proven it works, so what are we waiting for? Amazon Prime email scammer snatches defeat from the jaws of victory 2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions...
Sony was attacked by two ransomware operators
On September 25, newcomer ransomware group RansomedVC claimed to have successfully compromised the computer systems of entertainment giant Sony. Then, on October 4, news leaked that Sony had told current and former employees and their family members about another cybersecurity breach that exposed...
Meta and TikTok consider charging users for ad-free experience
According to a report from the Wall Street Journal, Meta is considering charging its European users around $14 a month if they don't agree to personalized ads on Facebook and Instagram. On mobile devices, the price for a single account would be higher because Meta would factor in commissions...
Malwarebytes Admin update: New Detection screens to manage threats!
We released version 1.2 of the Malwarebytes Admin app for iOS and Android last week, adding new Detection features that make it easier to see and manage threats. Designed as a companion to the Nebula console, Malwarebytes Admin allows administrators to quickly review, investigate, and resolve security...
T-Mobile spills billing information to other customers
Some T-Mobile customers logged into their accounts on Wednesday to find another customer's billing and account information showing on their online dashboards. T-Mobile denied there was an attack, but confirmed there had been a data leak. It said a "temporary system glitch" had misplaced some...
A week in security (September 11 - September 17)
Last week on Malwarebytes Labs: Europol lifts the lid on cybercrime tactics Malwarebytes wins every Q2 MRG Effitas award & scores 100% on new phishing test Watch out, this LastPass email with "Important information about your account" is a phish iPhone 15 launch: Wonderlust scammers rear their...
Malwarebytes wins every Q2 MRG Effitas award & scores 100% on new phishing test
MRG Effitas, a world leader in independent IT research, published their anti-malware efficacy assessment results for Q2 2023. Malwarebytes Endpoint Protection (EP) achieved the highest possible score (100%) and received certifications for Level 1, Exploit, Online Banking, and Ransomware. These result...
Supply chain related security risks, and how to protect against them
By definition, a supply chain is the network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product. In only a few rare cases does one organization have full control over every step in the entire process. The links in such a supp...
A week in security (August 28 - September 3)
Last week on Malwarebytes Labs: 2.6 million DuoLingo users have scraped data released Google strengthens its Workplace suite protection Meal delivery service PurFoods announces major data breach Cisco VPNs without MFA are under attack by ransomware operator "An influx of Elons," a hospital visit,...
Qakbot botnet infrastructure suffers major takedown
The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. Operation DuckHunt, as it was codenamed, is possibly the largest US-led financial and technical disruption of a botnet infrastructure. Not only did the agenci...
How “EDR Extra Strength” simplifies traditional EDR complexity
Traditional Endpoint Detection and Response (EDR) today has a three-fold complexity problem--with big consequences. First, complexity in EDR deployment causes long delays, directly impacting ROI and leaving organizations vulnerable to breaches. In fact, almost 10 percent of small security teams cit...
Social Security Numbers leaked in ransomware attack on Ohio History Connection
The Ohio History Connection (OHC) has posted a breach notification in which it discloses that a ransomware attack successfully encrypted internal data servers. During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers (SSNs) of current and former OHC...
A week in security (August 14 - August 20)
Last week on Malwarebytes Labs: Attackers demand ransoms for stolen LinkedIn accounts Patch now! Citrix Sharefile joins the list of actively exploited file sharing software Exchange Server security updates updated Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech...