4707 matches found
The main causes of ransomware reinfection
A few months ago, we wrote about a ransomware reinfection incident. Ransomware reinfection arguably could be even worse than being a first time victim. Unfortunately it happens more often than you may think. Research shows that in 2022, more than a third 38% of surveyed organizations fell victim ...
Qakbot botnet infrastructure suffers major takedown
The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. Operation DuckHunt, as it was codenamed, is possibly the largest US-led financial and technical disruption of a botnet infrastructure. Not only did the agenci...
Social Security Numbers leaked in ransomware attack on Ohio History Connection
The Ohio History Connection OHC has posted a breach notification in which it discloses that a ransomware attack successfully encrypted internal data servers. During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers SSNs of current and former OHC...
Old exploit kits still kicking around in 2023
The year is 2023 and there still are some people using Internet Explorer on planet Earth. More shocking perhaps, is the fact there are still threat actors maintaining exploit kit infrastructure and dropping new malware. In this quick blog post, we review two well-known toolkits from the past,...
60,000 Androids have stalkerware-type app Spyhide installed
Stalkerware-type app Spyhide is coded so badly that its possible to gain access to the back-end databases and retrieve data about everyone that has the app on their device. And it's not a small number. Hacktivist maia arson crimew told TechCrunch she'd found 60,000 compromised Android devices,...
How to set up computer security for your parents
Last Sunday July 23, 2023 was National Parents Day. And maybe you are wondering how you can repay your parents for turning you into the person you are today. And we have an idea that shouldn't cost you much more than some of your time. Help them to shore up their cybersecurity, if they need it. I...
Estée Lauder targeted by Cl0p and BlackCat ransomware groups
Estee Lauder is currently at the heart of a compromise storm, revealing a major security issue via a Security Exchange Commission SEC filing on Tuesday. Although no detailed explanation of what has taken place is given, there is confirmation that an attack allowed access to some systems and...
Brave browser will prevent websites from port scanning visitors
If you use Brave browser, then youre shortly going to find you have a new string added to your security bow. Websites performing port scanning will now be automatically blocked beginning with version 1.54 of the browsing tool. Port scanning, I hear you cry? Yes indeed. You may well not have even...
Edge browser feature sends images you view back to Microsoft
A relatively new service provided by Microsofts browser Edge sends images you've viewed online back to Microsoft. A new feature labelled Enhance images in Microsoft Edge has raised some privacy concerns. The feature is designed to upscale low resolution images, making them sharper, and improving...
Public and free WiFi: Can I safely use it?
We've got into the habit of expecting internet access wherever we go. But data costs can be expensive, and out of your own home often the only WiFi available is public, passwordless and free. In security, we've been trained to carefully contemplate anything that's free, because, well, often when...
Microsoft illegally collected and retained children's data, says FTC
Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from childrens Xbox accounts. The Xbox manufacturer has reached a settlement with the Federal Trade Commision FTC, a result which promises to have other console developers looking closely a...
The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...
Amazon's Ring cameras were used to spy on customers
Every single Amazon Ring employee was able to access every single customer video, even when it wasn't necessary for their jobs. Not only that, but the employees--along with workers from a third-party contractor in Ukraine--could also download any of those videos and then save and share them as th...
"Beautiful Cookie Consent Banner" WordPress plugin vulnerability: Update now!
WordPress plugins are under fire once more, and youre advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a "bizarre campaign" being actively used since at least February 5 of this...
Google to pay $40m for "deceptive and unfair" location tracking practices
Google is going to pay $39.9 million to Washington State to put to rest a lawsuit about its location tracking practices which has been in play since last year. Google was accused of "misleading consumers" by State Attorney General Bob Ferguson. From the AG press release: Attorney General Bob...
Why we should be more open about ransomware attacks
The UKs National Cyber Security Centre NCSC has published an article that reflects on why its so concerning when cyberattacks go unreported, saying: ...we are increasingly concerned about what happens behind the scenes of the attacks we dont hear about, particularly the ransomware ones. One of th...
Google Passkeys: How to create one and when you shouldn't
Google has just brought users closer to a passwordless future. In a recent blog post, the tech giant introduced the option to create and use a safer, more convenient alternative to passwords: Passkeys, a form of digital credential. So, how do they work? Passkeys are generated using public-key...
Ransomware attack on MSI led to compromised Intel Boot Guard private keys
On April 7, 2023 MSI Micro-Star International released a statement confirming a cyberattack on part of its information systems. While the statement does not reveal a lot of tangible information, this snippet is important: "MSI urges users to obtain firmware/BIOS updates only from its official...
Google Authenticator WILL get end-to-end encryption. Eventually.
Following criticism, Google has decided to bring end-to-end encryption E2EE to its Google Authenticator cloud backups. The search giant recently introduced a feature that allows users back up two-factor authentication 2FA tokens to the cloud, but the lack of encryption caused some commentators to...
Black Basta ransomware attacks Yellow Pages Canada
The Canadian Yellow Pages Group has confirmed it recently became victim of a cyberattack. The Black Basta ransomware group has claimed responsibility for this attack by posting about Yellow Pages on the "Basta News" leak site. When such a post shows up, it usually means that negotiations with the...
LockBit ransomware on Mac: Should we worry?
One of the big headlines over the weekend is LockBit, the high-profile Russian ransomware gang, decided to expand its portfolio of potential victims by creating and releasing its first macOS payload, potentially triggering members of the Apple community to panic. But have no fear: Apple security...
Living Off the Land (LOTL) attacks: Detecting ransomware gangs hiding in plain sight
Regular readers of our monthly ransomware review read our April edition here know that Ransomware-as-a-Service RaaS gangs have been making headlines globally with their disruptive attacks on organizations. Sometimes, though, its not enough to merely know about of the problem. In order to truly...
Ransomware in Germany, April 2022 – March 2023
This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are attacks where the victim opted not to pay a ransom. This provides the best overall picture ...
Google Pay accidentally handed out free money, bug now fixed
Days ago, several Google Pay users in the US received some unexpected cashback from Google, congratulating them "for dogfooding the Google Pay Remittance experience". Confused and a tad happy, some looked to Twitter for answers, while others aired their experiences on the /r/googlepay/ Reddit pag...
Visitors of tax return e-file service may have downloaded malware
The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript JS files these past few weeks, according to several security researchers and corroborated by BleepingComputer. Note this security incident only concerns eFile.com, not...
Steer clear of this EE phish that wants your card details
Watch out for this piece of spam lurking in mail boxes and claiming to be from the EE mobile network. The mail, titled "We were unable to renew your monthly plan" with a likely random reference number alongside it, reads as follows: Due to a problem with your card, we were unable to charge your...
A week in security (March 13 - 19)
Last week on Malwarebytes Labs: "Brad Pitt," a still body, ketchup, and a knife, or the best trick ever played on a romance scammer, with Becky Holmes: Lock and Code S04E06 Breast cancer photos published by ransomware gang WhatsApp refuses to weaken encryption, would rather leave UK "Just awful"...
A week in security (February 6 - 12)
Last week on Malwarebytes Labs: Two year old vulnerability used in ransomware attack against VMware ESXi On the 20th Safer Internet Day, what was security like back in 2004? Florida hospital takes entire IT systems offline after 'ransomware attack' Introducing Malwarebytes Mobile Security for...
A week in security (January 23—29)
Last week on Malwarebytes Labs: T-Mobile reports data theft of 37 million customers in the US Ransomware revenue significantly down over 2022 Microsoft to end direct sale of Windows 10 licenses at the end of January TikTok CEO told to "step up efforts to comply" with digital laws 4 ways to protec...
What happened in privacy in 2022
Annual reviews of any years developments in privacy rarely lend themselves to pithy wrap-ups, but 2022 was different, providing the clearest example yet for so many people--American women in particular--that their privacy was not theirs to determine, and that the often-repeated refrain that priva...
WhatsApp lawsuit against NSO Group greenlit by Supreme Court
On Monday, the US Supreme Court denied the NSO Group's petition for a writ of certiorari, a request to the high court to review its case, signaling that Meta's WhatsApp can go ahead with its case against the Israeli-based company behind the Pegasus spyware. The court didn't explain why it refused...
US school district sues Facebook, Instagram, Snapchat, TikTok over harm to kids
Public schools in a Seattle district filed a lawsuit on Friday against parent companies of the biggest social networks on the internet, alleging social media is to blame for "a youth mental health crisis", and saying these companies have purposefully designed, refined, and operated their platform...
Louisiana wants your ID if you're looking at adult-only websites
The state of Louisiana introduced a law on January 1, 2023, that holds sites that specialize in pornographic content accountable if they do not check their visitors' ages. A website is obliged to check whether a visitor is of the legal age required to access pornographic content if a substantial...
Google sues "harassing and deceptive" impersonator
After receiving many complaints, Google has announced it has filed a lawsuit against a company that has made it its business to impersonate Google. The company going by the name of "G Verifier" deployed telemarketing and website tactics that were intended to persuade people they were doing busine...
Looking for student debt relief? Watch out for scammers says the FBI
The FBI believes that scammers may be after people applying for the One-Time Federal Student Loan Debt Relief, a program announced by the Biden-Harris Administration in August 2022 that provides up to $20,000 in student loan debt relief. In a recent public service announcement, the agency warned ...
Microsoft fixes driver blocklist placing users at risk from BYOVD attacks
There may be an all-new acronym for you to try and remember, as a result of Microsoft fixing a lingering issue. This issue is called Bring Your Own Vulnerable Driver BYOVD, and BYOVD has been popping up in various forms for the last few months. These attacks may have been less impactful if a...
Teen talk: What it's like to grow up online, and the role of parents: Lock and Code S03E21
Growing up is different for teens today. Issues with identity, self-expression, bullying, fitting in, and trusting your friends and family--while all those certainly existed decades ago, they were never magnified in quite the same way that they are today, and that's largely because of one enormou...
Ransomware review: September 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. This article is also availab...
Facebook users sue Meta for allegedly building "secret workaround" to Apple privacy safeguards
Last week, two Facebook users filed a class-action complaint against Meta in San Francisco's federal court, alleging the company built a "secret workaround" to Apple's safeguards that protect iPhone users from tracking. Facebook circumvents Apple's privacy rules by opening in-app browsers within...
The privacy concerns of tying SIM cards to real identities
The registration of SIM cards tied to a verified identity is back in the news, off the back of large-scale phone fraud. In what some may call a knee-jerk response to a problem, there are calls to revive a legal bill and make it law. Whats happening, and what are the potential ramifications? Hitti...
How to help your child manage their online reputation
Whether your child has been socially active online for a while now or you just handed your young one their first ever smartphone, now is an excellent time to think about managing their online reputation. The concept may sound overwhelming, but doing it is easy. Since you're no doubt talking to yo...
6 patch management best practices for businesses
Patching is a thorn in the side of many businesses today: Everything from keeping up with the volume of patches to prioritizing what needs to be patched first can cause major delays in a business's patching process. Needless to say, businesses are looking to streamline their patch management...
Google flags man as sex abuser after he sends photos of child to doctor
Mark noticed something was wrong with his son. His penis was hurting and appeared to be swollen. Since it was a Saturday during the pandemic, an emergency consultation was scheduled by video. So the doctor could assess the problem ahead of time, the parents were advised to send photos of their...
Donut breach: Lessons from pen-tester Mike Miller: Lock and Code S03E17
When Mike Miller was hired by a client to run a penetration test on one of their offices, he knew exactly where to start: Krispy Kreme. Equipped with five dozen donuts the boxes stacked just high enough to partially obscure his face, Miller said, Miller walked briskly into a side-door of his...
NetStandard attack should make Managed Service Providers sit up and take notice
Managed Service Providers MSPs, organizations that allow companies to outsource a variety of IT and security functions, are a growing market. Because they are a potential gateway to lots of company networks they make a very attractive target for cybercriminals. In a recent threat advisory Huntres...
Another ransomware payment recovered by the Justice Department
The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. The seized funds amounting to half a million US dollars, include ransoms paid by health care...
The FTC will go after companies misusing location, health, and other sensitive data
After the overturning of Roe V Wade, many feared that using, having access to, and sharing reproductive and sexual health data—once done freely—would be outlawed with the practice of abortion in many states. To protect such data from falling into the wrong hands, Congresswoman Sara Jacobs D-CA...
YouTube AI wrongfully flags horror short “Show for Children” as suitable for children
When content creators flag one of their own videos as inappropriate for children, we expect YouTubes AI moderator to accept this and move on. But the video streaming bot doesnt seem to get it. Not only can it prevent creators from correcting a miscategorization, its synthetic will is also final—n...
Google to delete location data of trips to abortion clinics
The historical overturning of Roe v. Wade in June prompted lawmakers and technology companies to respond with deep concern over the future of data. Google is one of those companies. In a post to "The Keyword" blog last week, Google said it will act further in protecting its users privacy by...
The Quad commits to strengthening cybersecurity in software, supply chains
The United States, Australia, and its Asian partners—India and Japan—have agreed to work on several cybersecurity initiatives on software, supply chain, and user data. The countries leaders, who convened in Tokyo on May 24, 2022, have met annually four times since the revival of the...