Lucene search
K
MalwarebytesMost viewed

4706 matches found

Malwarebytes
Malwarebytes
added 2018/03/02 7:26 p.m.117 views

Massive DDoS attack washes over GitHub

There's been some huge DDoS distributed denial of service attacks over the years, but we've been…lucky?…enough to witness the latest raising of the stakes in the last couple of days. GitHub, an incredibly important code resource for major organisations around the world, fell victim to a colossal...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/07 12:0 p.m.116 views

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth

In the Android security bulletin of December 5, 2022 you can find an overview of the security vulnerabilities affecting Android devices that are fixed in patch level 2022-12-05 or later. The most severe of these issues is a critical security vulnerability in the System component that could lead t...

8.3AI score0.08854EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/19 7:0 p.m.116 views

Why Log4Text is not another Log4Shell

The Apache Software Foundation has acknowledged a vulnerability in Apache Commons Text, a library focused on algorithms for string manipulation. The vulnerability has been assigned CVE-2022- 42889, but security researchers have dubbed it Log4Text. The name provides an immediate association with...

9.1AI score0.99931EPSS
Exploits41
Malwarebytes
Malwarebytes
added 2019/06/26 6:30 p.m.116 views

GreenFlash Sundown exploit kit expands via large malvertising campaign

Exploit kit activity has been relatively quiet for some time, with the occasional malvertising campaign reminding us that drive-by downloads are still a threat. However, during the past few days we noticed a spike in our telemetry for what appeared to be a new exploit kit. Upon closer inspection ...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/05/17 3:59 p.m.116 views

4 lessons to be learned from the DOE’s DDoS attack

Analysts, researchers, industry professionals, and pundits alike have all posited the dangers of the next-generation “smart grid,” particularly when it comes to cybersecurity. They warn that without the right measures in place, unscrupulous parties could essentially wreak havoc on the bulk of...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/07 12:7 p.m.115 views

Android phones can be taken over remotely – update when you can

Android phones are vulnerable to attacks that could allow someone to takeover a device remotely without the device owner needing to do anything. Updates for these vulnerabilities and more are included in Googles Android security bulletin for December. In total, there are patches for 94...

5.8CVSS8.4AI score0.1308EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/01/17 7:0 a.m.115 views

Update now! Proof of concept code to be released for Zoho ManageEngine vulnerability

Users of multiple Zoho ManageEngine products are under urgent advice to install the patch issued October 27, 2022. The advice is urgent because on January 13, 2023 the Horizon3 Attack Team tweeted that Proof of Concept PoC code and a deep-dive blog will be released within a week. Mitigation A lon...

9.6AI score0.9994EPSS
Exploits20
Malwarebytes
Malwarebytes
added 2022/03/15 9:28 p.m.115 views

Update now! Apple fixes several serious vulnerabilities in iOS and macOS

Apple has released patches for macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. In these security updates, released on March 14, 2022, Apple tackles 39 vulnerabilities, several of which could allow an attacker to execute arbitrary code on an affected device. One of the vulnerabilities can be...

9AI score0.01272EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/08/18 5:33 p.m.115 views

Cars and hospital equipment running Blackberry QNX may be affected by BadAlloc vulnerability

Following an announcement by Blackberry the U.S. Food & Drug Administration FDA and the Cybersecurity & Infrastructure Security Agency CISA have put out alerts that vulnerabilities found in the Blackberry QNX real-time operating system RTOS may introduce risks for certain medical devices...

6.8CVSS0.4AI score0.018EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/26 4:0 p.m.115 views

New Golang brute forcer discovered amid rise in e-commerce attacks

E-commerce websites continue to be targeted by online criminals looking to steal personal and payment information directly from unaware shoppers. Recently, attacks have been conducted via skimmer, which is a piece of code that is either directly injected into a hacked site or referenced externall...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/20 3:19 p.m.114 views

The fake Elon Musk Bitcoin giveaway marathon will NOT make you rich

Today we look at a fakeout which begins with Elon Musk, and ends with a trip to Mars or, if youre really lucky, the Sun. One of the most annoying “features” of Twitter is being added to lists without permission. Its a theoretically useful way to keep track of certain topics. It’s often also used...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/03/09 7:35 p.m.114 views

FormBook spam campaign targets citizens of Ukraine️

Our Threat Intelligence team has been closely monitoring cyber threats related to the war in Ukraine. Today, we discovered a malicious spam campaign dropping the Formbook stealer specifically targeting Ukrainians. Formbook is part of a long-running malspam operation that we observe on a regular...

9.3CVSS0.7AI score0.99945EPSS
Exploits33
Malwarebytes
Malwarebytes
added 2022/08/03 1:27 p.m.113 views

Update now! VMWare patches critical vulnerabilities in several products

In a new critical security advisory, VMSA-2022-0021, VMWare describes multiple vulnerabilities in several of its products, one of which has a CVSS score of 9.8. Exploiting these vulnerabilities would enable a threat actor with network access to bypass authentication and execute code remotely...

9.5AI score0.18994EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2019/08/14 1:0 p.m.113 views

Trojans, ransomware dominate 2018–2019 education threat landscape

Heading into the new school year, we know educational institutions have a lot to worry about. Teacher assignments. Syllabus development. Gathering supplies. Readying classrooms. But one issue should be worrying school administrators and boards of education more than most: securing their networks...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/07/17 2:17 p.m.113 views

Compromising vital infrastructure: problems in education security continue

The educational system and many of its elements are targets for cybercriminals on a regular basis. While education is a fundamental human right recognized by the United Nations, the financial means of many schools and other entities in the global educational system are often limited. These limite...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/18 5:17 p.m.113 views

Smart cities, difficult choices: privacy and security on the grid

All is not well in the land of smart city planning, as the latest major planned development from Google's sister company Sidewalk Labs continues to run into problems in Toronto, Canada. A groundswell of support? Building a city “From the ground up” is apparently no longer a thing: at least some...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/02/01 3:22 p.m.112 views

Samba patches critical vulnerability that allows remote code execution as root

Samba developers have patched a vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfsfruit. Samba is a free software re-implementation of the SMB networking protocol that provides file and print services for variou...

8.2AI score0.7372EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2021/06/28 2:30 p.m.112 views

Is it game over for VR advergaming?

We’ve been warning about advergaming—the combination of virtual reality VR and ads—for years on the Labs Blog. I’ve given a few talks on the subject too, and how ad networks will slowly work their way into enclosed spaces formerly reserved for your head. They still might, but thanks to a recent...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/09/03 3:15 p.m.112 views

New social engineering toolkit draws inspiration from previous web campaigns

Some of the most common web threats we track have a social engineering component. Perhaps the more popular ones are those encountered via malvertising, or hacked websites that push fraudulent updates. We recently identified a website compromise with a scheme we had not seen before; it's part of a...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/24 4:29 p.m.112 views

A week in security (June 17 – 23)

Last week on the Malwarebytes Labs blog, we took a look at the growing pains of smart cities, took a deep dive into AI, jammed along to Radiohead, and looked at the lessons learned from Chernobyl in relation to critical infrastructure. We also explored a new Steam phish attack, and pulled apart a...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/12 4:3 p.m.112 views

MegaCortex continues trend of targeted ransomware attacks

MegaCortex is a relatively new ransomware family that continues the 2019 trend of threat actors developing ransomware specifically for targeted attacks on enterprises. While GandCrab apparently shut its doors, several other bespoke, artisanal ransomware families have taken its place, including...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/04 5:0 p.m.112 views

A week in security (August 28 – September 3)

Last week, we looked at what actions Kronos can perform in the final installment of a 2-part post. We also dived into Locky, again, a ransomware that just made a comeback, and found that its latest variant as of this writing has anti-sandboxing capabilities. This means that once Locky has...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/03 1:35 a.m.111 views

This Steam phish baits you with free Discord Nitro

Weeks ago, we talked about the one effective lure that could get a Discord user to consider clicking on a scam link they were generously given, either by a random user or a legitimate contact who also happened to have fallen for the same ploy: free Discord Nitro subscriptions. And similar to how...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/08 12:57 p.m.111 views

Zoom zero-day discovery makes calls safer, hackers $200,000 richer

Two Dutch white-hat security specialists entered the annual computer hacking contest Pwn2Own, managed to find a Remote Code Execution RCE flaw in Zoom and are $200,000 USD better off than they were before. Pwn2Own Pwn2Own is a high profile event organized by the Zero Day Initiative that challenge...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/18 4:0 p.m.111 views

Crack hunting: not all it’s cracked up to be

People sometimes ask us in the forums if a keygen or software crack is safe to use. Sometimes, these programs do what they say on the tin. Other times, they’re not what they say they are. In this post, I’ll describe what happened when I went crack hunting, and why it is often unsafe to carry out...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/08/23 7:4 p.m.111 views

4 steps for improving employee trust while securing them

Earlier this month we held our quarterly Cybercrime Tactics and Techniques Q2 2017 webinar. This event gave thousands of security practitioners and leaders a chance to learn about the latest analysis of threats Malwarebytes Labs has seen around the globe. In case you missed it, you can watch an...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/10 4:0 a.m.110 views

MOVEit Transfer fixes three new vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has warned about three new vulnerabilities in Progress Software's MOVEit software. A cybercriminal could exploit some of these vulnerabilities to obtain sensitive information. In the advisory, CISA encouraged users to review Progress MOVEi...

6.4CVSS8.2AI score0.95EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/11 2:36 p.m.110 views

Update now! Microsoft releases patches, including one for actively exploited zero-day

Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that affects all supported versions of Windows. First, well look at the actively exploited zero-day. Then well discuss two zero-days that...

9.3CVSS2AI score0.80933EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2021/09/22 11:27 a.m.110 views

Patch vCenter Server “right now”, VMWare expects CVE-2021-22005 exploitation within minutes of disclosure

VMware is urging users of vCenter server to patch no fewer than 19 problems affecting its products. These updates fix a variety of security vulnerabilities, but and one of them is particularly nasty. That would be CVE-2021-22005, a critical file upload vulnerability with a CVSS score of 9.8 out o...

7.5CVSS9.2AI score0.99999EPSS
Exploits11
Malwarebytes
Malwarebytes
added 2021/05/31 6:15 p.m.110 views

Revisiting the NSIS-based crypter

This blog post was authored by hasherezade NSIS Nullsoft Scriptable Install System is a framework dedicated to creating software installers. It allows to bundle various elements of an application together i.e. the main executable, used DLLs, configs, along with a script that controls where are th...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/04 3:0 p.m.110 views

New LNK attack tied to Higaisa APT discovered

This post was authored by Hossein Jazi and Jérôme Segura On May 29th, we identified an attack that we believe is part of a new campaign from an Advanced Persistent Threat actor known as Higaisa. The Higaisa APT is believed to be tied to the Korean peninsula, and was first disclosed by Tencent...

Exploits0
Malwarebytes
Malwarebytes
added 2019/07/24 6:9 p.m.110 views

A deep dive into Phobos ransomware

Phobos ransomware appeared at the beginning of 2019. It has been noted that this new strain of ransomware is strongly based on the previously known family: Dharma a.k.a. CrySis, and probably distributed by the same group as Dharma. While attribution is by no means conclusive, you can read more...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/17 5:9 p.m.110 views

A week in security (June 10 – 16)

Last week on Malwarebytes Labs, we revealed to readers the mindset of security pros as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills implementing the state’s own privacy protections, how Apple can bette...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/13 3:41 p.m.109 views

Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday

Yesterday we told you about Apple’s latest patches. Today we turn to Microsoft and its Patch Tuesday. Microsoft tends to provide a lot of information around its patches and, so, theres a lot to digest and piece together to give you an overview of the most important ones. In total, Microsoft has...

6.8CVSS8.9AI score0.73381EPSS
Exploits11
Malwarebytes
Malwarebytes
added 2020/01/17 6:58 p.m.109 views

Business in the front, party in the back: backdoors in elastic servers expose private data

It seems like every day we read another article about a data breach or leak of cloud storage exposing millions of users' data. The unfortunate truth is that the majority of these leaks require no actual "hacking" on the part of the attacker. Most of the time, this highly confidential data is just...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/12/26 7:15 p.m.109 views

Assessing the security of a portable router: a look inside its hardware, part deux

In part two of our blog assessing the security of a portable router, we will acquire the tools and equipment to make a copy of the firmware on our target router so that we can assess the full firmware. Sometimes, the manufacturer has an updated firmware that is available on their website. It coul...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/10 1:0 a.m.108 views

August Patch Tuesday stops actively exploited attack chain and more

Augusts Patch Tuesday is a lot quieter than it was last month, when Microsoft patched a whopping 130 vulnerabilities. That number went down to 87 this month but it does include two actively exploited vulnerabilities. Lets start by looking at those two: CVE-2023-38180 CVSS score 7.5 out of 10: a...

7.5CVSS7.9AI score0.98998EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2023/04/05 5:0 a.m.108 views

Update Android now! Google patches three important vulnerabilities

In the April 2023 Android security bulletin, Google announced security updates which include fixes for two critical remote code execution RCE vulnerabilities and one vulnerability that has been exploited in the wild. The vulnerabilities are impacting Android systems running versions 11, 12, 12L,...

9.5AI score0.12588EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2022/07/21 9:57 a.m.108 views

Vulnerabilities in GPS tracker could have “life-threatening” implications

Researchers at BitSight have discovered six vulnerabilities in the MiCODUS MV720 GPS tracker, a popular vehicle tracking device. The vulnerabilities are severe enough for the Cybersecurity & Infrastructure Security Agency CISA to publish a Security Advisory titled ICSA-22-200-01: MiCODUS MV720 GP...

4.6CVSS8.1AI score0.41683EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2021/05/04 5:8 p.m.108 views

Spectre attacks come back from the dead

Spectre is the name for a whole class of vulnerabilities discovered in January 2018 that affected huge numbers of modern computer processors that rely on a performance feature called speculative execution. Since then, some of the world’s most talented computer scientists from industry and academi...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/12 4:42 p.m.108 views

Apple iOS 13 will better protect user privacy, but more could be done

Last week, Apple introduced several new privacy features to its latest mobile operating system, iOS 13. The Internet, predictably, expressed doubt, questioning Apple’s oversized influence, its exclusive pricing model that puts privacy out of reach for anyone who can’t drop hundreds of dollars on ...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/02/06 5:16 p.m.108 views

New critical vulnerability discovered in open-source office suites

A great number of attack techniques these days are using Microsoft Office documents to distribute malware. In recent years, there has been serious development on document exploit kit builders, not to mention the myriad of tricks that red-teamers have come up with to bypass security solutions. In...

0.7AI score0.67321EPSS
Exploits10
Malwarebytes
Malwarebytes
added 2022/06/27 9:54 a.m.107 views

CISA Log4Shell warning: Patch VMware Horizon installations immediately

CISA and the United States Coast Guard Cyber Command CGCYBER are warning that the threat of Log4Shell hasnt gone away. Its being actively exploited and used to target organisations using VMware Horizon and Unified Access Gateway servers. Log4Shell: what is it? Log4Shell was a zero-day vulnerabili...

9.3CVSS0.2AI score0.99999EPSS
Exploits354
Malwarebytes
Malwarebytes
added 2018/07/09 3:0 p.m.107 views

Everybody and their mother is blocking ads, so why aren’t you?

This post may ruffle a few feathers. But we’re not here to offer advice to publishers on how to best generate revenue for their brand. Rather, we’re here to offer the best advice on how to maintain a safe and secure environment. If you’re not blocking advertisements on your PC and mobile device,...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/05/28 10:18 a.m.106 views

Fake ChatGPT download site infects Windows and Mac users with malware

A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information. The site, openew.app, closely mimics OpenAI’s real ChatGPT download experience and offe...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/20 2:0 a.m.106 views

GoAnywhere zero-day opened door to Clop ransomware

A semi-active ransomware group has claimed it is behind a string of attacks which have taken advantage of a zero-day vulnerability in GoAywhere MFT. The Russian-linked Clop ransomware group says it was able to remotely attack private systems using exposed GoAnywhere MFT administration consoles...

0.3AI score0.99999EPSS
Exploits12
Malwarebytes
Malwarebytes
added 2021/09/22 7:16 p.m.106 views

MSHTML attack targets Russian state rocket centre and interior ministry

Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities. The Malwarebytes Intelligence team has intercepted email attachments that are specifically targeting Russian organizations. The first template we found is designe...

6.8CVSS0.96843EPSS
Exploits38
Malwarebytes
Malwarebytes
added 2019/06/05 7:21 p.m.106 views

Malwarebytes Labs wins best cybersecurity vendor blog at InfoSec’s European Security Blogger Awards

Infosec Europe is now well underway, and last night was the annual EU Security Blogger Awards, where InfoSecurity Magazine: …recognises the best blogs in the industry as first nominated by peers and then judged by a panel of mostly respected industry experts. Malwarebytes Labs was announced as...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/03/08 4:0 p.m.106 views

Zombie email rises from grave after eight years of radio silence

In a novel twist on “What happens to our accounts when we die,” we have “what happens to our abandoned accounts while we're still alive”. In this case, UK ISP TalkTalk kept an old customer’s email account alive some eight years after she closed it—which left it wide open for takeover by spammers...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/10/31 5:27 p.m.106 views

Tomorrowland festival goers affected by data breach

Tomorrowland, a major international music festival, has revealed a data breach potentially affecting around 60,000 attendees. This one is a little different though, as the data accessed without permission isn't recent. In fact, it dates back four years to an event long since come and gone...

0.1AI score
Exploits0
Total number of security vulnerabilities4706