4707 matches found
Introducing Malwarebytes Mobile Security for Business: How to find malware and stop phishing attacks on smartphones and ChromeOS
Malwarebytes is excited to announce Malwarebytes Mobile Security for Business, which extends our award-winning endpoint protection to mobile devices. Dont get it twisted: mobile devices may be small, but they have huge implications for your security posture. In fact, 73% of organizations...
Microsoft to end direct sale of Windows 10 licenses at the end of January
Windows 10 is slowly coming to an end, with one more way to purchase the operating system riding off into the sunset. Microsoft is posting notices in a variety of locations to confirm it will no longer sell Windows 10 licenses directly. Support remains in place for the time being, as is the usual...
Software provider denied insurance payout after ransomware attack
The Supreme Court of Ohio issued a ruling days before the New Year that a software and service provider shouldn't be covered by insurance against a ransomware attack as it didn't cause direct or physical harm to tangible components of software, as it doesnt have any. "When insurance policy covers...
New streaming ad technology plays hide-and-seek with gamers
A new form of digital advertising is looking to make its way to you courtesy of video gaming. However, theres a rather peculiar twist involved. These ads wont appear in front of you while playing; in fact, theyre designed to trigger when someone else is in-game. The most baffling twist of all?...
Morgan Stanley's years-long "extensive failure" to protect customer data ends in huge fine
On Tuesday, the Securities and Exchange Commission SEC charged financial company Morgan Stanley a $35M fine for "the firm's extensive failures, over five years, to protect the personal identifying information, or PII, of approximately 15 million customers. The company agreed to settle the penalty...
[update] American Airlines suffers data breach after phishing incident
Major airline American Airlines has fallen victim to a data breach after a threat actor got access to the email accounts of several employees via a phishing attack. According to a published notice of a security incident, the data breach was discovered in July 2022. How it happened American Airlin...
Steam account credentials phished in browser-in-a-browser attack
Steam users are once again under threat from a particularly sneaky tactic used to steal account details. As with so many Steam attacks currently, it accommodates for the possibility of users relying on Steam Guard Mobile Authentication for additional protection. It also makes use of a recent...
Ransomware review: August 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. As expected, LockBit remaine...
Warning issued about Vice Society ransomware targeting the education sector
The Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the Multi-State Information Sharing and Analysis Center MS-ISAC have released a joint Cybersecurity Advisory CSA after observing Vice Society threat actors disproportionately targeting the...
Update now! QNAP warns users DeadBolt is exploiting Photo Station vulnerability
QNAP Quality Network Appliance Provider has warned users to update Photo Station to the latest available version. The warning comes after QNAP detected that cybercriminals known as DeadBolt have been exploiting a Photo Station vulnerability in order to encrypt QNAP NAS systems that are directly...
Chromium browsers can write to the system clipboard without your permission
If you are a user of Google Chrome or any other Chromium-based web browser, then websites may push anything they want to the operating system's clipboard without your permission or any user interaction. This means that by simply visiting a website, the data on your clipboard may be overwritten...
Source code of password manager LastPass stolen by attacker
In a security incident notice from LastPass the company informed the public know that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account. There is no evidence that this incident involved any access to customer dat...
Now it's BlenderBot's turn to make shocking, inappropriate, and untrue remarks
Last Friday, Meta unveiled its new BlenderBot 3 AI chatbot, a conversational AI prototype. The company said its chatbot is designed to learn by having natural conversations with people online. It also improves its skills via human feedback. Meta also asserts with confidence that the more the AI...
Wrestling star Mick Foley's Twitter compromised, selling PS5 consoles
One of the biggest wrestling stars around, Mick Foley, had his Twitter account hijacked in an attempt to legitimize a very popular scam. When a well known individual has their social media accounts compromised, disaster looms, as everything from phishing to malware distribution waits in the wings...
Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser”
Cookies are in the news as Mozilla rolls out significant privacy changes for Firefox. The idea is to dramatically lessen the risk of privacy-invading tracking across websites without your knowledge. Tracking cookies have been a hot topic in recent months, as advertisers try switching to other...
How iPhones can run malware even when they’re off
Most people think that turning off their iPhone - or letting the battery die - means that the phone is, well, off. The thing is, this isnt quite true. In reality, most of the phones functionality has ended, but there are components that mindlessly continue a zombie-like existence, for the most pa...
Beware Twitter Messages claiming “Your blue badge Twitter account has been reviewed as spam”
Twitter verification is a two-edged sword. According to Twitter, its supposed to let people know "that an account of public interest is authentic." Thats great, so long as the account is authentic, but what if, one day, it suddenly isnt? An attacker that can wrestle a verified account from its...
Hospitals taken offline after cyberattack
The GHT Coeur Grand Est has become a victim of a cyberattack on the hospital centers of Vitry-le-François and Saint-Dizier. The hospital’s administration has warned French that data have been exfiltrated and might be used for phishing in the future. As a consequence, the GHT Cœur Grand Est has cu...
Why MITRE matters to SMBs
Running a small- to medium-sized business SMB requires expertise in everything, from marketing and sales to management and hiring, but in the ever-expanding list of executive responsibilities, one particular item demands attention: Cybersecurity. Cyberattacks can—and have—shuttered entire...
Filing your taxes? Be wary of help found through search engines
The deadline for filing your taxes in the US is nearly upon us. April 18 is the very last date that you can afford to hand your tax returns in to the IRS. People will naturally gravitate toward all manner of filing tools to get the job done. But it’s worth noting that sites are lurking in search...
Phishers make a date with your calendar apps
Calendars are a rich source of bad behaviour for scammers and spammers. They’re one of the most prolific tools the workplace has for collaborative actions and general cross-purpose messaging. They’ve been misused by bad actors for many years now, most commonly spamming unwary potential victims an...
Satellites are critical infrastructure and need to be cybersecured
In the context of this article we will use the term satellite for a machine that is launched into space and moves around Earth. And there might be a lot more of them than you would expect—this live map tracks a huge number of satellites. Originally most of earth’s satellites were launched for...
TrickBot takes down server infrastructure after months of inactivity
The king of tricks is dead. Long live the new king. Or will it make a comeback? While we already assumed TrickBot was dead in the water, the shutdown of the server infrastructure on February 24, 2022, did not go unnoticed. Is this really the end of one of the most active botnets in the last decad...
Microsoft takes macros out of the equation for five Office apps
Microsoft says it is going to disable macros in five Office apps by default. Besides Excel 4.0 macros, which were disabled by default last month, now VBA macros obtained from the Internet will be blocked by default as well. The change will begin rolling out in Version 2203, starting with Current...
A week in security (January 17 – 23)
Last week on Malwarebytes Labs: CISA calls for urgent action against critical threats Red Cross begs attackers to “Do the right thing” after family reunion service compromised Update now! Chrome patches critical RCE vulnerability in Safe Browsing Combatting SMS and phone fraud: UK government issu...
Open Subtitles breach: The dangers of password reuse
Popular website Open Subtitles has been breached. The impact so far: almost seven million accounts “breached and ransomed” back in August. New breach: Open Subtitles had almost 7M accounts breached and ransomed in Aug. Data included email and IP addresses, usernames and unsalted MD5 password...
Browsers on iOS, iPadOS and Mac leak your browsing activity and personal identifiers
Researchers at FingerprintJS, a Chicago-based firm that specializes in online fraud prevention, have published a software bug introduced in Safari 15’s implementation of the IndexedDB API that lets any website track your internet activity and may even reveal your identity. They found that in Safa...
Grindr fined for selling user data to advertisers
Dating network Grindr has been slapped with a US$7.7 million fine by Norwegian regulator Datatilsynet for sharing data with advertisers. Grindr—which call itself the worlds largest social networking app for gay, bi, trans, and queer people—sold data which includes GPS, IP address, age, and gender...
Kronos crippled by ransomware, service may be out for weeks
Human resources platform provider UKG has put out a statement saying its fallen prey to ransomware that has disrupted the Kronos Private Cloud. It expects the service to be out for several weeks. The statement came after the company posted a message on the Kronos community message board, explaini...
Watch out for the Steam skin “free knife” scam
Have you ever had someone run up to you in the street and insist you take their free knife? I hope not, because that’s a good way to wind up in a 60-minute police procedural drama. In video game land, however, anything goes. A certain type of scam is showing signs of activity at the moment and it...
Boomerang spam bombs Malwarebytes forum—not a smart move
Tech support scammers are generally not the best and brightest. As such, they will occasionally post ads for their fake companies in the comment sections here or on the Malwarebytes forums. Last week, however, scammers struggled with configuring their spambots, resulting in spam bombs on the foru...
Tech support scammers make browser lockers more resilient
Tech support scammers have been relying on fraudulent pop-ups for many years in order to scare potential victims into calling for remote assistance. These so-called browser lockers or browlocks typically originate from malicious ads malvertising that can appear on any website, including trusted...
WinRAR flaw could allow attackers to take control of your computer
Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks. The issue is fixed in WinRAR 7.23, but users must install the new version manually because WinRAR still does not offer automatic updates. They also need to ma...
This pay gap is programmed (Lock and Code S07E13)
This week on the Lock and Code podcast… Pay is personal for plenty of Americans, but a new distribution model that consumes vast quantities of worker data is turning pay into something else: personalized. For an increasing number of workers in America, the money they can expect to be paid on any...
Malware steals Chrome session cookies to take over your accounts
An email attachment leads to the installation of a malicious Chrome extension. Researchers say it is part of a Windows backdoor delivered via a phishing email. The malware abuses Chrome Native Messaging to move control from the browser into the host system. Its most notable trick isn't the phishi...
Hackers steal passport and driver’s license data of 3 million Texans
You can change a password and cancel a card. But replacing a passport or driver's license number every time someone leaves yours unsecured in a vendor database isn't so easy. More than three million Texans are facing that problem after a data breach involving a vendor used by the Texas Parks and...
Nearly 15,000 infected websites cleaned in SocGholish crackdown
We’re always happy to end the week with some positive news. A law enforcement action called Operation Endgame just delivered a major win against the long‑running SocGholish aka FakeUpdates operation. SocGholish is a malware framework that has been active since at least 2017 and is best known for...
Malwarebytes earns AV-TEST Top Product award, aces other third-party tests
Our job is to protect people from online threats, and independent testing is one of the best ways to measure how well we’re doing. Malwarebytes nabbed AV-TEST's Top Product award after scoring 17.5 points out of a possible 18 in the research organization's most recent Windows security test. The...
Cardiac patients’ medical data stolen and held to ransom
Cardiac monitoring provider iRhythm has been hit by a data theft followed by an extortion attempt. In a filing with the Securities and Exchange Commission SEC, iRhythm revealed it was contacted by someone on June 9 who claimed to have stolen sensitive information, including proprietary data,...
Texas sued Netflix over claims it secretly collected and sold users’ data
Attorney General AG of Texas Ken Paxton announced that he sued Netflix for spying on Texans, including children, and collecting users’ data without their knowledge or consent. The suit alleges Netflix secretly tracks and monetizes detailed viewing behavior of users, including children, while...
A week in security (May 4 – May 10)
Last week on Malwarebytes Labs: Microsoft says Edge’s plaintext password behavior is "by design" ShinyHunters escalates Canvas attacks with school login defacements Massive AI investment scam network spans 15,500 domains If a fake moustache can fool age checks, is the Online Safety Act working?...
Update WhatsApp now: Two new flaws could expose you to malicious files
Meta has published a new security advisory for messaging app WhatsApp, announcing patches for two vulnerabilities. WhatsApp has fixed two security flaws that could be abused to interfere with how media and attachments are handled on your device. There is no evidence that either bug has been...
Hackers stole hundreds of thousands of Roblox accounts: Here’s what to do
More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child's among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date. Between October 2025 and January 2026, the hacking group is sa...
Roblox clamps down on chats and age checks as legal pressure builds
Roblox has long faced criticism over child safety on its platform. Now it has started settling with state attorneys over the issue, and the total is climbing fast. On April 21, Alabama Attorney General Steve Marshall announced a $12.2 million settlement with the child-focused online gaming...
Mythos: An AI tool too powerful for public release
Anthropic’s most capable model to date, Claude Mythos Preview aka Mythos, has been described as a “step change” in AI performance, especially on cybersecurity tasks. Anthropic tried to keep Mythos a secret until a few weeks ago, when a data leak revealed the existence of what the company said was...
April Patch Tuesday fixes two zero-days, including one under active attack
This month’s patch Tuesday looks to remediate 167 security vulnerabilities including two zero-day vulnerabilities, one of which is known to be actively exploited in the wild. This makes April one of those months where “Patch Tuesday” looks more like “patch the entire stack,” from servers and...
Omnistealer uses the blockchain to steal everything it can
A new infostealer dubbed Omnistealer is turning the blockchain into a permanent malware hosting platform, which is bad news for both companies and everyday users. It’s pretty common for malware to store its payload on a public platform, ideally one that adds some trustworthiness to the download...
Simply opening a PDF could trigger this Adobe Reader zero-day
Opening the wrong PDF in Adobe Reader was enough to let criminals quietly spy on your computer and unleash more attacks, even though everything looked normal. A researcher analyzed a malicious PDF and found that it abused a previously unknown flaw a “zero‑day” in Adobe Acrobat Reader. When a vict...
Wikipedia’s AI agent row likely just the beginning of the bot-ocalypse
The Internet is filled with people who insist on being right. In the past, at least they could be reasonably sure that they were arguing with other humans. Those days are gone, apparently. Wikipedia just had to ban an AI that was making edits on its own. Apparently, the AI took it personally. The...
Researchers found font-rendering trick to hide malicious commands
Researchers have published a proof-of-concept PoC that uses custom fonts to fool many popular Artificial Intelligence AI assistants, including ChatGPT, Claude, Copilot, Gemini, Leo, Grok, Perplexity, Sigma, Dia, Fellou, and Genspark. Imagine a book where the visible text is harmless, but hidden...