Lucene search
K
MalwarebytesMost viewed

4707 matches found

Malwarebytes
Malwarebytes
added 2023/09/11 2:0 a.m.14 views

The main causes of ransomware reinfection

A few months ago, we wrote about a ransomware reinfection incident. Ransomware reinfection arguably could be even worse than being a first time victim. Unfortunately it happens more often than you may think. Research shows that in 2022, more than a third 38% of surveyed organizations fell victim ...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/31 1:0 a.m.14 views

Qakbot botnet infrastructure suffers major takedown

The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. Operation DuckHunt, as it was codenamed, is possibly the largest US-led financial and technical disruption of a botnet infrastructure. Not only did the agenci...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/30 1:0 a.m.14 views

Social Security Numbers leaked in ransomware attack on Ohio History Connection

The Ohio History Connection OHC has posted a breach notification in which it discloses that a ransomware attack successfully encrypted internal data servers. During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers SSNs of current and former OHC...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/11 10:0 a.m.14 views

Old exploit kits still kicking around in 2023

The year is 2023 and there still are some people using Internet Explorer on planet Earth. More shocking perhaps, is the fact there are still threat actors maintaining exploit kit infrastructure and dropping new malware. In this quick blog post, we review two well-known toolkits from the past,...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/26 2:0 a.m.14 views

60,000 Androids have stalkerware-type app Spyhide installed

Stalkerware-type app Spyhide is coded so badly that its possible to gain access to the back-end databases and retrieve data about everyone that has the app on their device. And it's not a small number. Hacktivist maia arson crimew told TechCrunch she'd found 60,000 compromised Android devices,...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/25 2:0 a.m.14 views

How to set up computer security for your parents

Last Sunday July 23, 2023 was National Parents Day. And maybe you are wondering how you can repay your parents for turning you into the person you are today. And we have an idea that shouldn't cost you much more than some of your time. Help them to shore up their cybersecurity, if they need it. I...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/21 2:0 p.m.14 views

Estée Lauder targeted by Cl0p and BlackCat ransomware groups

Estee Lauder is currently at the heart of a compromise storm, revealing a major security issue via a Security Exchange Commission SEC filing on Tuesday. Although no detailed explanation of what has taken place is given, there is confirmation that an attack allowed access to some systems and...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/03 2:0 a.m.14 views

Brave browser will prevent websites from port scanning visitors

If you use Brave browser, then youre shortly going to find you have a new string added to your security bow. Websites performing port scanning will now be automatically blocked beginning with version 1.54 of the browsing tool. Port scanning, I hear you cry? Yes indeed. You may well not have even...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/13 1:0 a.m.14 views

Edge browser feature sends images you view back to Microsoft

A relatively new service provided by Microsofts browser Edge sends images you've viewed online back to Microsoft. A new feature labelled Enhance images in Microsoft Edge has raised some privacy concerns. The feature is designed to upscale low resolution images, making them sharper, and improving...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/12 1:0 a.m.14 views

Public and free WiFi: Can I safely use it?

We've got into the habit of expecting internet access wherever we go. But data costs can be expensive, and out of your own home often the only WiFi available is public, passwordless and free. In security, we've been trained to carefully contemplate anything that's free, because, well, often when...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/07 1:0 a.m.14 views

Microsoft illegally collected and retained children's data, says FTC

Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from childrens Xbox accounts. The Xbox manufacturer has reached a settlement with the Federal Trade Commision FTC, a result which promises to have other console developers looking closely a...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/05 11:0 a.m.14 views

The 2023 State of Ransomware in Education: 84% increase in attacks over 6-month period

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim didn't pay a ransom. This provides the best overall picture of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/01 1:15 a.m.14 views

Amazon's Ring cameras were used to spy on customers

Every single Amazon Ring employee was able to access every single customer video, even when it wasn't necessary for their jobs. Not only that, but the employees--along with workers from a third-party contractor in Ukraine--could also download any of those videos and then save and share them as th...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/25 9:0 p.m.14 views

"Beautiful Cookie Consent Banner" WordPress plugin vulnerability: Update now!

WordPress plugins are under fire once more, and youre advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a "bizarre campaign" being actively used since at least February 5 of this...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/23 12:0 p.m.14 views

Google to pay $40m for "deceptive and unfair" location tracking practices

Google is going to pay $39.9 million to Washington State to put to rest a lawsuit about its location tracking practices which has been in play since last year. Google was accused of "misleading consumers" by State Attorney General Bob Ferguson. From the AG press release: Attorney General Bob...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/15 1:45 p.m.14 views

Why we should be more open about ransomware attacks

The UKs National Cyber Security Centre NCSC has published an article that reflects on why its so concerning when cyberattacks go unreported, saying: ...we are increasingly concerned about what happens behind the scenes of the attacks we dont hear about, particularly the ransomware ones. One of th...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/11 1:0 a.m.14 views

Google Passkeys: How to create one and when you shouldn't

Google has just brought users closer to a passwordless future. In a recent blog post, the tech giant introduced the option to create and use a safer, more convenient alternative to passwords: Passkeys, a form of digital credential. So, how do they work? Passkeys are generated using public-key...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/09 1:0 a.m.14 views

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

On April 7, 2023 MSI Micro-Star International released a statement confirming a cyberattack on part of its information systems. While the statement does not reveal a lot of tangible information, this snippet is important: "MSI urges users to obtain firmware/BIOS updates only from its official...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/03 12:15 p.m.14 views

Google Authenticator WILL get end-to-end encryption. Eventually.

Following criticism, Google has decided to bring end-to-end encryption E2EE to its Google Authenticator cloud backups. The search giant recently introduced a feature that allows users back up two-factor authentication 2FA tokens to the cloud, but the lack of encryption caused some commentators to...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/25 1:0 a.m.14 views

Black Basta ransomware attacks Yellow Pages Canada

The Canadian Yellow Pages Group has confirmed it recently became victim of a cyberattack. The Black Basta ransomware group has claimed responsibility for this attack by posting about Yellow Pages on the "Basta News" leak site. When such a post shows up, it usually means that negotiations with the...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/18 5:0 a.m.14 views

LockBit ransomware on Mac: Should we worry?

One of the big headlines over the weekend is LockBit, the high-profile Russian ransomware gang, decided to expand its portfolio of potential victims by creating and releasing its first macOS payload, potentially triggering members of the Apple community to panic. But have no fear: Apple security...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/17 2:0 p.m.14 views

Living Off the Land (LOTL) attacks: Detecting ransomware gangs hiding in plain sight

Regular readers of our monthly ransomware review read our April edition here know that Ransomware-as-a-Service RaaS gangs have been making headlines globally with their disruptive attacks on organizations. Sometimes, though, its not enough to merely know about of the problem. In order to truly...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/17 9:0 a.m.14 views

Ransomware in Germany, April 2022 – March 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are attacks where the victim opted not to pay a ransom. This provides the best overall picture ...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/13 2:0 a.m.14 views

Google Pay accidentally handed out free money, bug now fixed

Days ago, several Google Pay users in the US received some unexpected cashback from Google, congratulating them "for dogfooding the Google Pay Remittance experience". Confused and a tad happy, some looked to Twitter for answers, while others aired their experiences on the /r/googlepay/ Reddit pag...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/06 11:0 a.m.14 views

Visitors of tax return e-file service may have downloaded malware

The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript JS files these past few weeks, according to several security researchers and corroborated by BleepingComputer. Note this security incident only concerns eFile.com, not...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/31 9:0 a.m.14 views

Steer clear of this EE phish that wants your card details

Watch out for this piece of spam lurking in mail boxes and claiming to be from the EE mobile network. The mail, titled "We were unable to renew your monthly plan" with a likely random reference number alongside it, reads as follows: Due to a problem with your card, we were unable to charge your...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/20 1:0 a.m.14 views

A week in security (March 13 - 19)

Last week on Malwarebytes Labs: "Brad Pitt," a still body, ketchup, and a knife, or the best trick ever played on a romance scammer, with Becky Holmes: Lock and Code S04E06 Breast cancer photos published by ransomware gang WhatsApp refuses to weaken encryption, would rather leave UK "Just awful"...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/13 8:45 a.m.14 views

A week in security (February 6 - 12)

Last week on Malwarebytes Labs: Two year old vulnerability used in ransomware attack against VMware ESXi On the 20th Safer Internet Day, what was security like back in 2004? Florida hospital takes entire IT systems offline after 'ransomware attack' Introducing Malwarebytes Mobile Security for...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/29 5:0 p.m.14 views

A week in security (January 23—29)

Last week on Malwarebytes Labs: T-Mobile reports data theft of 37 million customers in the US Ransomware revenue significantly down over 2022 Microsoft to end direct sale of Windows 10 licenses at the end of January TikTok CEO told to "step up efforts to comply" with digital laws 4 ways to protec...

0.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/27 11:0 a.m.14 views

What happened in privacy in 2022

Annual reviews of any years developments in privacy rarely lend themselves to pithy wrap-ups, but 2022 was different, providing the clearest example yet for so many people--American women in particular--that their privacy was not theirs to determine, and that the often-repeated refrain that priva...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/12 6:0 a.m.14 views

WhatsApp lawsuit against NSO Group greenlit by Supreme Court

On Monday, the US Supreme Court denied the NSO Group's petition for a writ of certiorari, a request to the high court to review its case, signaling that Meta's WhatsApp can go ahead with its case against the Israeli-based company behind the Pegasus spyware. The court didn't explain why it refused...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/10 3:0 p.m.14 views

US school district sues Facebook, Instagram, Snapchat, TikTok over harm to kids

Public schools in a Seattle district filed a lawsuit on Friday against parent companies of the biggest social networks on the internet, alleging social media is to blame for "a youth mental health crisis", and saying these companies have purposefully designed, refined, and operated their platform...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/09 11:0 a.m.14 views

Louisiana wants your ID if you're looking at adult-only websites

The state of Louisiana introduced a law on January 1, 2023, that holds sites that specialize in pornographic content accountable if they do not check their visitors' ages. A website is obliged to check whether a visitor is of the legal age required to access pornographic content if a substantial...

Exploits0
Malwarebytes
Malwarebytes
added 2022/12/01 9:30 p.m.14 views

Google sues "harassing and deceptive" impersonator

After receiving many complaints, Google has announced it has filed a lawsuit against a company that has made it its business to impersonate Google. The company going by the name of "G Verifier" deployed telemarketing and website tactics that were intended to persuade people they were doing busine...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/21 3:30 p.m.14 views

Looking for student debt relief? Watch out for scammers says the FBI

The FBI believes that scammers may be after people applying for the One-Time Federal Student Loan Debt Relief, a program announced by the Biden-Harris Administration in August 2022 that provides up to $20,000 in student loan debt relief. In a recent public service announcement, the agency warned ...

1.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/20 11:0 a.m.14 views

Microsoft fixes driver blocklist placing users at risk from BYOVD attacks

There may be an all-new acronym for you to try and remember, as a result of Microsoft fixing a lingering issue. This issue is called Bring Your Own Vulnerable Driver BYOVD, and BYOVD has been popping up in various forms for the last few months. These attacks may have been less impactful if a...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/10 3:0 p.m.14 views

Teen talk: What it's like to grow up online, and the role of parents: Lock and Code S03E21

Growing up is different for teens today. Issues with identity, self-expression, bullying, fitting in, and trusting your friends and family--while all those certainly existed decades ago, they were never magnified in quite the same way that they are today, and that's largely because of one enormou...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/04 11:0 a.m.14 views

Ransomware review: September 2022

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. This article is also availab...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/27 12:15 p.m.14 views

Facebook users sue Meta for allegedly building "secret workaround" to Apple privacy safeguards

Last week, two Facebook users filed a class-action complaint against Meta in San Francisco's federal court, alleging the company built a "secret workaround" to Apple's safeguards that protect iPhone users from tracking. Facebook circumvents Apple's privacy rules by opening in-app browsers within...

1.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/14 1:0 p.m.14 views

The privacy concerns of tying SIM cards to real identities

The registration of SIM cards tied to a verified identity is back in the news, off the back of large-scale phone fraud. In what some may call a knee-jerk response to a problem, there are calls to revive a legal bill and make it law. Whats happening, and what are the potential ramifications? Hitti...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/14 9:0 a.m.14 views

How to help your child manage their online reputation

Whether your child has been socially active online for a while now or you just handed your young one their first ever smartphone, now is an excellent time to think about managing their online reputation. The concept may sound overwhelming, but doing it is easy. Since you're no doubt talking to yo...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/09/12 2:30 p.m.14 views

6 patch management best practices for businesses

Patching is a thorn in the side of many businesses today: Everything from keeping up with the volume of patches to prioritizing what needs to be patched first can cause major delays in a business's patching process. Needless to say, businesses are looking to streamline their patch management...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/23 11:0 a.m.14 views

Google flags man as sex abuser after he sends photos of child to doctor

Mark noticed something was wrong with his son. His penis was hurting and appeared to be swollen. Since it was a Saturday during the pandemic, an emergency consultation was scheduled by video. So the doctor could assess the problem ahead of time, the parents were advised to send photos of their...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/15 5:0 a.m.14 views

Donut breach: Lessons from pen-tester Mike Miller: Lock and Code S03E17

When Mike Miller was hired by a client to run a penetration test on one of their offices, he knew exactly where to start: Krispy Kreme. Equipped with five dozen donuts the boxes stacked just high enough to partially obscure his face, Miller said, Miller walked briskly into a side-door of his...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/03 4:0 p.m.14 views

NetStandard attack should make Managed Service Providers sit up and take notice

Managed Service Providers MSPs, organizations that allow companies to outsource a variety of IT and security functions, are a growing market. Because they are a potential gateway to lots of company networks they make a very attractive target for cybercriminals. In a recent threat advisory Huntres...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/20 3:50 p.m.14 views

Another ransomware payment recovered by the Justice Department

The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. The seized funds amounting to half a million US dollars, include ransoms paid by health care...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/18 3:55 p.m.14 views

The FTC will go after companies misusing location, health, and other sensitive data

After the overturning of Roe V Wade, many feared that using, having access to, and sharing reproductive and sexual health data—once done freely—would be outlawed with the practice of abortion in many states. To protect such data from falling into the wrong hands, Congresswoman Sara Jacobs D-CA...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/08 3:57 p.m.14 views

YouTube AI wrongfully flags horror short “Show for Children” as suitable for children

When content creators flag one of their own videos as inappropriate for children, we expect YouTubes AI moderator to accept this and move on. But the video streaming bot doesnt seem to get it. Not only can it prevent creators from correcting a miscategorization, its synthetic will is also final—n...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/06 1:39 p.m.14 views

Google to delete location data of trips to abortion clinics

The historical overturning of Roe v. Wade in June prompted lawmakers and technology companies to respond with deep concern over the future of data. Google is one of those companies. In a post to "The Keyword" blog last week, Google said it will act further in protecting its users privacy by...

0.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/30 2:50 p.m.14 views

The Quad commits to strengthening cybersecurity in software, supply chains

The United States, Australia, and its Asian partners—India and Japan—have agreed to work on several cybersecurity initiatives on software, supply chain, and user data. The countries leaders, who convened in Tokyo on May 24, 2022, have met annually four times since the revival of the...

0.7AI score
Exploits0
Total number of security vulnerabilities4707