4706 matches found
Toyota confirms customer and employee data stolen, says breach at third party to blame
Last week, a cybercriminal using the handle ZeroSevenGroup dumped 240GB of data on the infamous stolen data site BreachForums, that they said came from a hack on the US branch of car manufacturer Toyota. ZeroSevenGroup claims the dump includes customer and employee data. ZeroSevenGroup posted the...
Magniber ransomware targets home users
If you’ve been following any news about ransomware, you may be under the impression that ransomware groups are only after organizations rather than individual people, and for the most part that’s true. However, Magniber is one ransomware that does target home users. And its back, with full force,...
Rite Aid says 2.2 million people affected in data breach
The US third-largest pharmacy chain Rite Aid has filed a data breach notification in which it reports that the data stolen during a June ransomware attack compromised the data of some 2.2 million people. Ransomware group RansomHub claimed responsibility for the attack that took place on June 6,...
How an AI “artist” stole a woman’s face, with Ali Diamond (Lock and Code S05E15)
This week on the Lock and Code podcast… Full-time software engineer and part-time Twitch streamer Ali Diamond is used to seeing herself on screen, probably because she’s the one who turns the camera on. But when Diamond received a Direct Message DM on Twitter earlier this year, she learned that h...
iPhone users in 98 countries warned about spyware by Apple
In April 2024, we reported how Apple was warning people of mercenary attacks via its threat notification system. At the time it warned users in 92 countries. In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users...
(Almost) everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13
This week on the Lock and Code podcast… Ready to know what Malwarebytes knows? Ask us your questions and get some answers. What is a passphrase and what makes it—what’s the word? Strong? Every day, countless readers, listeners, posters, and users ask us questions about some of the most commonly...
“No social media ’til 16,” and other fixes for a teen mental health crisis, with Dr. Jean Twenge: Lock and Code S04E10
This week on the Lock and Code podcast… You’ve likely felt it: The dull pull downwards of a smartphone scroll. The “five more minutes” just before bed. The sleep still there after waking. The edges of your calm slowly fraying. After more than a decade of our most recent technological experiment, ...
A week in security (April 1 – April 7)
A list of topics we covered in the week of April 1 to April 7 of 2024 Last week on Malwarebytes Labs: 60% of small businesses are concerned about cybersecurity threats Cookie consent choices are just being ignored by some websites Bing ad for NordVPN leads to SecTopRAT Jackson County hit by...
Malwarebytes crushes malware all the time
About a month ago, The PC Security Channel TPSC ran a test to check out the detection capabilities of Malwarebytes. They tested Malwarebytes by executing a repository of 2015 “malicious” files to see how many Malwarebytes would detect. This YouTube video shows how a script executes the files and...
Coldriver threat group targets high-ranking officials to obtain credentials
Researchers at Google’s Threat Analysis Group TAG have published their findings about a group they have dubbed Coldriver. The main targets of the Coldriver group are high-profile individuals in non-governmental organizations NGOs, former intelligence and military officials, and NATO governments...
Comcast’s Xfinity breached by Citrix Bleed; 36 million customer’s data accessed
In a notice for its customers, Xfinity acknowledges it recently fell victim to a data security incident. Xfinity is Comcasts brand for TV, internet, and home phone services, sometimes referred to as Comcast Cable Communications. During the data breach the attackers were able to access 35.8 millio...
Update your iPhones! Apple fixes two zero-days in iOS
Apple has released emergency security updates for iOS 17.1.2 and iPadOS 17.1.2 to patch for two zero-day vulnerabilities that may have been actively exploited. Apple said both vulnerabilities were in the WebKit component, which is the engine that powers Safari browser on Macs as well as all...
Many major websites allow users to have weak passwords
A new study that examines the current state of password policies across the internet shows that many of the most popular websites allow users to create weak passwords. For the Georgia Tech study, the researchers designed an algorithm that automatically determined a website’s password policy. With...
A week in security (November 13 – November 19)
Last week on Malwarebytes Labs: Signal is testing usernames so you don’t have to share your phone number State of Maine data breach impacts 1.3 million people Credit card skimming on the rise for the holiday shopping season Update now! Microsoft patches 3 actively exploited zero-days Ransomware...
SolarWinds and its CISO accused of misleading investors before major cyberattack
The Securities and Exchange Commission SEC has announced charges against software company SolarWinds Corporation and its chief information security officer CISO, Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.” In 202...
A week in security (October 23 – October 29)
Last week on Malwarebytes Labs: Malvertising via Dynamic Search Ads delivers malware bonanza Octo Tempest cybercriminal group is "a growing concern"—Microsoft Update now! Apple patches a raft of vulnerabilities Patch…later? Safari iLeakage bug not fixed Update vCenter Server now! VMWare fixes...
Google Chrome wants to hide your IP address
Google is working out some kinks in the project formerly known as Gnatcatcher, which will now be known under the more descriptive name “IP Protection.” Which means that Chrome is reintroducing a proposal to hide users IP addresses, to make cross-site tracking more difficult. An Internet Protocol ...
A week in security (October 16 - October 22)
Last week on Malwarebytes Labs: Ragnar Locker ransomware group taken down IT administrators' passwords are awful too The hot topics from Europe's largest trade fair for IT security Clever malvertising attack uses Punycode to look like KeePass's official website 3 crucial security steps people...
Clever malvertising attack uses Punycode to look like KeePass’s official website
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious Google ad for KeePass, the open-source password manager which was extremely deceiving. We previously reported on how brand impersonations are a common...
A week in security (October 2 - October 8)
Last week on Malwarebytes Labs: Multi-factor authentication has proven it works, so what are we waiting for? Amazon Prime email scammer snatches defeat from the jaws of victory 2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions...
Dependabot impersonators cause trouble on GitHub
GitHub is experiencing issues of the "breached account and malicious code" variety. ITPro reports that unnamed individuals have been compromising accounts and using them to install malware capable of password theft. Its a fairly elaborate scam which even includes imitation of GitHubs popular...
Microsoft AI researchers accidentally exposed terabytes of sensitive data
Warnings about including credentials, keys, and tokens when sharing code on publicly accessible repositories shouldnt be necessary. It should speak for itself that you dont just hand over the keys to your data. But what if a misconfiguration ends in a supposed internal storage account becoming...
3 reasons why your endpoint security is not enough
Despite widespread deployment of endpoint protection solutions, cyberattacks continue to make headlines, affecting organizations of all sizes and sectors. Recent statistics reveal that 70% of companies were impacted by ransomware last year State of Malware Report 2023, Malwarebytes, and 83%...
Supply chain related security risks, and how to protect against them
By definition, a supply chain is the network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product. In only a few rare cases does one organization have full control over every step in the entire process. The links in such a supp...
"An influx of Elons," a hospital visit, and magic men: Becky Holmes shares more romance scams: Lock and Code S04E18
Becky Holmes is a big deal online. Hugh Jackman has invited her to dinner. Prince William has told her she has "such a beautiful name." Once, Ricky Gervais simply needed her photos "I want you to take a snap of yourself and then send it to me on here...Send it to me on here!" he messaged on...
Facial recognition tech lands innocent woman with bogus carjacking charge
Detroit law enforcement wrongly arrested a 32 year old woman for a robbery and carjacking she did not commit. She was detained for 11 hours and had her phone taken as evidence before finally being allowed to leave. The reason for the false arrest is down to a facial recognition error, the kind th...
Digital assets continue to be prime target for malvertisers
Cyber-criminals continue to impersonate brands via well-crafted phishing websites. We previously covered attacks on both consumers and businesses via online searches for popular brands leading to scams or malware. Digital assets such as cryptocurrencies or NFTs are highly coveted by threat actors...
Hey, are you REALLY ready to go on vacation? (No, you aren't)
Are you ready for a challenge? A real challenge? Do you laugh in the face of shark cages, scoff at the Marathon des Sables, and waft a dismissive finger in the direction of the Everest ascent? Are you ready to conquer the impossible? If so, then you might be ready for the ultimate challenge--taki...
Amazon in-van delivery driver footage makes its way online
Footage from technology used to monitor Amazon delivery drivers is leaking onto the internet. AI-enabled equipment which keeps an eye on the drivers speed, location, and other activities is part of the growing trend of workplace surveillance. In theory where drivers are concerned it could flag a...
A week in security (July 10 - 16)
Last week on Malwarebytes Labs: Tax preparation firms shared sensitive information with Meta Ransomware making big money through "big game hunting" Malwarebytes stops 100% of Advanced Threats in latest AV-Test assessment From Malvertising to Ransomware: A ThreatDown webinar recap Ransomware revie...
How to secure your business before going on vacation
For many, the summer months should be a time of peace: Maybe taking some vacation, maybe strolling across warm, soft sands as sapphire waves lap up against your feet, maybe even spending time with family that you like. But for determined cybercriminals, these periods of near-universal rest and...
A week in security (July 3 - 9)
Last week on Malwarebytes Labs: How kids pay the price for ransomware attacks on education Solar monitoring systems exposed: Secure your devices Warning issued over vulnerability in cardiac device monitoring software Update Android now! Google patches three actively exploited zero-days Malicious ...
Self-driving cars are a privacy issue, says security expert
Self-driving cars peel off an extra layer from our privacy, says security expert Bruce Schneier. Theoretically, if you know the location of all the closed-circuit television CCTV cameras in a neighborhood, you might be able to move around without one of them ever catching a glimpse of your face...
Brave browser will prevent websites from port scanning visitors
If you use Brave browser, then youre shortly going to find you have a new string added to your security bow. Websites performing port scanning will now be automatically blocked beginning with version 1.54 of the browsing tool. Port scanning, I hear you cry? Yes indeed. You may well not have even...
A week in security (May 29 - June 4)
Last week on Malwarebytes Labs: Barracuda Networks patches zero-day vulnerability in Email Security Gateway CISA issues warning to US businesses: Beware of China's state-sponsored cyber actor Microsoft gives Apple a migraine Financial services company OneMain fined $4.25 million for security laps...
"Beautiful Cookie Consent Banner" WordPress plugin vulnerability: Update now!
WordPress plugins are under fire once more, and youre advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a "bizarre campaign" being actively used since at least February 5 of this...
AI generated Pentagon explosion photograph goes viral on Twitter
Twitters recent changes to checkmark verification continue to cause chaos, this time in the realm of potentially dangerous misinformation. A checkmarked account claimed to show images of explosions close to important landmarks like the Pentagon. These images quickly went viral despite being AI...
Google to pay $40m for "deceptive and unfair" location tracking practices
Google is going to pay $39.9 million to Washington State to put to rest a lawsuit about its location tracking practices which has been in play since last year. Google was accused of "misleading consumers" by State Attorney General Bob Ferguson. From the AG press release: Attorney General Bob...
Webinar recap: EDR vs MDR for business success
Did you miss our recent webinar on EDR vs. MDR? Don't worry, we've got you covered! In this blog post, we'll be recapping the highlights and key takeaways from the webinar hosted by Marcin Kleczynski, CEO and co-founder of Malwarebytes, and featuring guest speaker Joseph Blankenship, Vice Preside...
Brightline breach hits at least 964,000 people, US records show
A pediatric behavioral health startup called Brightline informed its customers that their protected health data may have been stolen as part of a separate ransomware attack on a Brightline third-party service provider. "Based on the investigation, we identified a limited amount of protected healt...
Microsoft vs Google spat sees users rolling back security updates to fix browser issues
We like to imagine were in total control of our desktop experience, carefully curated to look and work the way we want it to. However, every so often a story comes along which reminds us how little control we have when the big players notice one another's existence. A recent Windows update really...
A week in security (April 24 -30)
Last week on Malwarebytes Labs: LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities Update now: Critical flaw in VMWare Fusion and VMWare Workstation Magecart threat actor rolls out convincing modal forms Fileless attacks: How attackers evade traditional AV and how to...
A week in security (April 17 - 23)
Last week on Malwarebytes Labs: Fake Chrome updates spread malware Woman tracks down and turns table on Airbnb scammer Update Chrome now! Google patches actively exploited flaw Beware: Fake IRS tax email wants your Microsoft account Ransomware in Germany, April 2022 - March 2023 Living Off the La...
A week in security (April 3 - 9)
Last week on Malwarebytes Labs: TikTok: Whats going on and should I be worried? Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer Big changes to Twitter verification: How to spot a verified account New macOS malware steals sensitive info, including a user's entire Keychain...
Visitors of tax return e-file service may have downloaded malware
The IRS-authorized electronic filing service for tax returns, eFile.com, has been caught serving a couple of malicious JavaScript JS files these past few weeks, according to several security researchers and corroborated by BleepingComputer. Note this security incident only concerns eFile.com, not...
A week in security (February 27 - March 5)
Last week on Malwarebytes Labs: Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05 How to work from home securely, the NSA way TikTok probed over child privacy practices iPhone users targeted in phone AND data theft campaign US Marshal...
LastPass was undone by an attack on a remote employee
Last August, LastPass suffered a well publicised breach: Developer systems were compromised and source code stolen. This resulted in a second breach in November, which was revealed by LastPass in December. The company has now revealed that the individuals responsible for the attack also compromis...
Four EU telco giants will start asking users if they want personalized targeted ads
They say you can't have too much of a good thing. Unfortunately, this applies to ads, too, whether you think they're a good thing or not. Soon, Europes four biggest telecommunication companies--Germany's Deutsche Telekom DK, France's Orange, Spain's Telefonica, and the UK's Vodafone Group--will...
$800,000 recovered from Business Email Compromise attack
We continue to see the damaging repercussions of business email compromise BEC impacting organisations across the US and elsewhere. The Houston Chronicle reports that law enforcement seized $800,000 from a bank account used for pillaging funds from a construction management company. The attack BE...
Encrypted messaging service eavesdropped on by police, users arrested
After eavesdropping on yet another encrypted messaging service for five months, law enforcement agencies decided to shut down the service that was popular among members of organized crime groups. The service called Exclu claims to use the "most secure encryption protocols", as well as end-to-end...