4707 matches found
Vice Society: The #1 cyberthreat to schools, colleges, and universities
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...
Update now! MOVEit Transfer vulnerability actively exploited
On May 31, 2023, Progress Software released a security bulletin about a critical vulnerability in MOVEit Transfer. The security bulletin states: "a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized...
US hospital forced to divert ambulances after cyberattack
The Idaho Falls Community Hospital fell victim to a cyberattack on Monday May 29, 2023. As a result, the hospital had to divert ambulances to other nearby hospitals and close some of its clinics. The hospital is keeping the public updated through its website and Facebook page. "Our commitment to...
Tracking down a trojan: An inside look at threat hunting in a corporate network
At Malwarebytes, we talk a lot about the importance of threat hunting for SMBs--and not for no good reason, either. Just consider the fact that, when a threat actor breaches a network, they dont attack right away. The median amount of time between system compromise and detection is 21 days. By th...
How to protect your small business from social engineering
When Alvin Staffin received an email from his boss, he didn't question it. In the email, Gary Bragg, then-president of Pennsylvania law firm O'Neill, Bragg & Staffin, asked Staffin to wire $580,000 to a Bank of China account. Staffin, who was VP and in charge of banking, sent the money through as...
Instagram scam promises money in exchange for your image
Were seeing a number of complaints on Reddit and elsewhere regarding a scam which flares up every so often. Its called the "Muse scam", and targets users of Instagram. Let's hear from one of the Reddit posters impacted: An artist approached me on Instagram asking if they could use one of my photo...
Spring cleaning tips for your browser
When you are resting up from the physical part of your spring cleaning and youre sitting behind your laptop or swiping left on your phone, why dont you speed up your browsing experience with a few simple actions? Lets start with your browser, as that usually has the most impact on your perception...
Beware: Fake IRS tax email wants your Microsoft account
Last week, the IRS reminded taxpayers that Tax Day, April 18, is Tuesday this week. However, in some states like Alabama, California, and New York, the federal office extended the filing deadlines due to natural disasters. This is an excellent reason for scammers to keep launching tax scam...
Massive malvertising campaign targets seniors via fake Weebly sites
Knowing their audience is something scammers excel at, and for very good reason. This is particularly true for tech support scammers whose prime targets are seniors. By understanding what retirees are searching for and abusing various online platforms, crooks can precisely go after the demographi...
Sextortion "assistance" scammers con victims further
The FBI is warning of a particular aspect of sextortion scams: Supposed organisations that offer "help" to remove stolen images, often at a significant financial cost and no guarantee of success. Sextortion, the act of blackmailing individuals for cash in return for not leaking sensitive imagery...
Ransomware in the UK, April 2022–March 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. In this report, "known attacks" are attacks where the victim opted not to pay a ransom. This provides the best overall picture ...
Pre-ransomware notifications are paying off right from the bat
CISA Cybersecurity and Infrastructure Security Agency has published the first results of its pre-ransomware notifications that were introduced at the start of 2023. Even though this initiative is relatively young, CISA says it has notified over 60 entities across the energy, healthcare,...
Solving the password’s hardest problem with passkeys, featuring Anna Pobletts
How many passwords do you have? If you're at all like our Lock and Code host David Ruiz, that number hovers around 200. But the important follow up question is: How many of those passwords can you actually remember on your own? Prior studies suggest a number that sounds nearly...
"Just awful" experiment points suicidal teens at chatbot
After getting in hot water for using an AI chatbot to provide mental health counseling, non-profit startup Koko has now been criticized for experimenting with young adults at risk of harming themselves. Worse, the young adults were unaware they were test subjects. Motherboard reports the experime...
WhatsApp refuses to weaken encryption, would rather leave UK
WhatsApp will not comply with the UK's Online Safety Bill when it passes legislation as is. In fact, WhatsApp would rather cease serving UK users, which make up 2% of its global market, than weaken its end-to-end encryption E2EE. Will Cathcart, head of WhatsApp at parent company Meta, made these...
Play ransomware gang leaks City of Oakland data
The Play ransomware gang has begun partially publishing data they stole from the City of Oakland, California. The data were in multiple archive files with a collective file size of 10GB. According to the ransomware gang, the files contain "private and personal information data, financial...
YouTube under fire for allegedly gathering children's data
The UKs childrens code, introduced three years ago by the Information Commissioner's Office ICO, is all about ensuring that companies make childrens privacy a primary consideration when creating sites and services, games, and toys. The code, also known as the Age Appropriate Design Code AADC, may...
US Marshals Service hit by ransomware and data breach
The US Marshals Service USMS says it's suffered a ransomware attack in which a threat actor managed to get hold of sensitive information about staff and fugitives. On February 17, 2023, the attacker infiltrated a system that held information about ongoing investigations, including personally...
How to work from home securely, the NSA way
People working remotely is no longer unusual, so the National Security Agency NSA has produced a short Best Practices PDF document detailing how remote workers can keep themselves safe from harm. In fact, the guide can also be applied to people using computers at home generally and is written in ...
DNA testing company fined after customer data theft
DNA Diagnostics Center DDC, an Ohio-based private DNA testing company, last week reached a settlement deal with the Ohio and Pennsylvania state attorneys general in relation to a 2021 breach that saw the theft of 45,000 residents' personal details. Overall the attack compromised over 2.1 million...
HardBit ransomware tailors ransom to fit your cyber insurance payout
Ransomware authors are wading into the cybersecurity insurance debate in a somewhat peculiar way. Specifically: urging victims to disclose details of their insurance contract, in order to tailor a ransom which will be beneficial to the company under attack. HardBit 2.0: dismantling a device piece...
CISA issues alert with South Korean government about DPRK's ransomware antics
CISA and other federal agencies were joined by the National Intelligence Service NIS and the Defense Security Agency of the Republic of Korea ROK in releasing the latest cybersecurity advisory in the US government's ongoing StopRansomware effort. This alert highlights continuous state-sponsored...
Reddit breached, here's what you need to know
On Thursday, February 9, 2023, Reddit reported that it had experienced a security incident as a result of an employee being phished. What happened? According to Reddit, it "became aware of a sophisticated phishing campaign" late on February 5, 2023, that attempted to steal credentials and...
Beware fake Facebook emails saying "your page has been disabled"
Facebook users need to be on their guard for bogus emails claiming to be from Facebook, that tell users their account has been disabled. The emails make use of the classic "apply some pressure" tactics so beloved of scammers everywhere. A missive that makes you shrug wont get you clicking bogus...
Identity thieves bypass security questions to access Experian credit reports
After a tip from a Telegram user who frequented identity theft channels, Brian Krebs tested and confirmed that anyone who knew your name, address, social security number SSN, and birthday could view your full credit report at Experian. Skipping security questions The method to get access did not...
Okta breached last month, no customers compromised
Some of Oktas source code fell into the hands of an unauthorized party. The code was stolen from GitHub in the first part of December, according to a statement issued by the company. In the same statement the company reassured users that there was no impact to any customers. Okta Okta is an acces...
Play ransomware group claims to have stolen hotel chain data
H-Hotels, a large hospitality chain with 60 hotels across several countries including Germany and Switzerland has announced it has fallen victim to a ransomware attack. The incident, which took place on December 11, is allegedly a double whammy of hijacked devices and data theft…if a ransomware...
Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26
On June 7, 2021, the US Department of Justice announced a breakthrough: Less than one month after the oil and gas pipeline company Colonial Pipeline had paid its ransomware attackers roughly $4.4 million in bitcoin in exchange for a decryption key that would help the company get its systems back ...
Is Apple about to embrace third-party app stores?
On Tuesday, Bloomberg reported that Apple is preparing to allow access to third-party app stores on all iPhone and iPad devices owned by EU users, in anticipation of a new EU competition law coming into force in mid-2024. If the reporting is correct, then in future users in the EU will no longer ...
iPhone user watches as stolen phone travels from UK to China
Have you ever wondered what happens to your phone if its stolen while on vacation or a business trip? The answer may surprise you, as it did one Mastodon user who graciously shared a tale of a smartphone gaining some serious air miles. Our intrepid business traveller was in London when their phon...
Epic Games introduces safer accounts for kids
Epic have made some alterations to how accounts for kids work, with multiple features disabled for what are now known as "Cabined Accounts". If your children are big fans of Epic games like Fortnite and Rocket League, you may well have worried about their gaming interactions with other players at...
Watch out for this triple threat PayPal phish
ZDNet reports an interesting form of PayPal scam sent to one of their own writers. The scam is a so-called "triple threat" phish, in that it gives the scammer three different ways to potentially collect some ill gotten gains from potential victims. The idea is that if one of the three tactics...
"Baby dumped at the gate" post is a Facebook hoax
Every so often, bizarre but oddly believable scams do the rounds on Facebook. And so we have the latest: A tragic tale of a lost baby left outside the gate of someones house. The abandoned baby Facebook hoax springs into action A post made to Facebook December 1st by someone claiming to be in the...
Chrome users, you have 3 months to say goodbye to Windows 7 and 8.1
After keeping Chrome running on early Windows versions for two extra years, giving IT administrators time to update, Google has decided it won't delay any further: Unless organizations upgrade to Windows 10 or 11 next year, they won't be able to use Chrome. Browsers based on Chrome, such as Brave...
A cyber threat hunter talks about what he’s learned in his 16+ year cybersecurity career
Hiep Hinh is a Principal MDR Analyst at Malwarebytes, where he supports 24/7/365 Managed Detection and Response MDR efforts. Hiep has over 16 years of experience in the cybersecurity and intelligence fields, including for the US Army as an intelligence analyst and for the Airforce Computer...
A gym heist in London goes cyber
A thief has been stalking London. This past summer, multiple women reported similar crimes to the police: While working out at their local gyms, someone snuck into the locker rooms, busted open their locks, stole their rucksacks and gym bags, and then, within hours, purchased thousands of pounds ...
UK government sounds alarm on tax scams
The UK government has issued a warning for people to be on their guard against fake tax rebate scams as they gearing up to fill out their 2021/22 tax returns. Ensuring your self-employed documents are correct and accurate can be a complicated business at the best of times. Having to worry about...
Court rules webcam monitoring of remote employee was an invasion of privacy
A Dutch court has ruled that the decision to fire a remote employee because he refused to keep his webcam on during working hours was unjustified. The employee worked remotely for a Florida-based software development company with a Dutch office. The court ruled that the request to keep the webcam...
Credential stuffers take aim at Final Fantasy XIV players
Square Enix, the company behind video games like Final Fantasy XIV, reports that a third party is attempting to gain access to its Account Management System. How is this happening, and what are the risks? More importantly, what do you need to do to ensure your accounts are safe from harm?...
Meta accuses apps of stealing WhatsApp accounts
Meta is attempting to clamp down on rogue WhatsApp-styled applications which originate from China. Bleeping Computer reports that no fewer than one million WhatsApp accounts have been compromised, allegedly as a result of using these apps which are claimed to bundle malware. Dubious apps The apps...
A week in security (October 3 – 9)
Last week on Malwarebytes Labs: Romance scammer deepfakes Mark Ruffalo to con elderly artist Actively exploited vulnerability in Bitbucket Server and Data Center Ransomware-affected school district refuses to pay, gets stolen data released Ransomware review: September 2022 Huge increase in smishi...
Cyberstalking, pig masks, and cockroaches: Former eBay execs are sentenced
The former Senior Director of Safety & Security at eBay, and the companys former Director of Global Resiliency, have been sentenced to prison for their roles in a cyberstalking campaign. The targets of the campaign were the editor and publisher of a newsletter that eBay executives viewed as...
Huge increase in smishing scams, warns IRS
The Internal Revenue Service IRS has issued a warning for taxpayers about a recent increase in IRS-themed smishing scams aimed at stealing personal and financial information. Smishing is short for SMS phishing, where the phishes are sent via text message. The IRS has identified and reported...
Ransomware-affected school district refuses to pay, gets stolen data released
Data stolen from Los Angeles Unified School District has been leaked online, after staff refused to pay the ransom related to a ransomware attack. The attackers threatened to release the data if the ransom wasn't paid, and so release it they did. The double extortion tactic Threatening to release...
A week in security (September 26 – October 2)
Last week on Malwarebytes Labs: Why almost everything we told you about passwords was wrong Two new Exchange Server zero-days in the wild Local government cybersecurity: 5 best practices Optus data breach "attacker" says sorry, it was a mistake Fast Company hacked to send obscene and racist...
TikTok faces $28m fine for failing to protect children's privacy
TikTok is no stranger to controversy where data usage is concerned. Back in 2021, the social media dance extravaganza platform agreed to pay $92m to settle dozens of lawsuits alleging harvesting of personal data. There has also been concern with regard to whether or not settings were enough to ke...
InterContinental Hotels' booking systems disrupted by cyberattack
In a statement filed at the London Stock Exchange, InterContinental Hotels Group PLC reports that parts of the company's technology systems have been subject to unauthorized activity. The activity significantly disrupted IHG's booking channels and other applications. The InterContinental Hotels...
Malwarebytes receives highest rankings in recent third-party tests
Malwarebytes Endpoint Protection continues to receive outstanding results in third-party testing. Our recent participation in two highly-regarded industry evaluations, namely MRG-Effitas and Info-Techs Data Quadrant Report, reflects our belief that continual testing and unbiased validation are...
Twilio data breach turns out to be more elaborate than suspected
Earlier this month, messaging service Twilio got compromised by a sophisticated social engineering attack. After deploying phishing attacks against company employees, hackers were able to access user data, but now it seems that the impact of the hack was more elaborate than originally assumed. In...
Anti-tracking tool tells you if you're being followed
If there is one thing we know about the people around us, even the perfect strangers, it's that they almost all have smartphones. And those smartphones aren't merely passive receivers, they're broadcasting constantly, looking for things you might want to connect to. Advertisers have exploited the...