4706 matches found
Data theft forum admins busted after flashing their cash in a life of luxury
Two men without a clear source of income landed cyberfraud charges after being so flash with their ill-gotten cash that it gained the attention of the authorities. In 2022, Russian national Pavel Kublitskii and Kazakhstan national Alexandr Khodyrev arrived in Florida and requested asylum, which w...
Stolen data from scraping service National Public Data leaked online
Cybercriminals are offering a large database for sale that may include your data without you even being aware of its existence. The stolen data comes from a data scraping service trading under the name “National Public Data” which was allegedly breached by a cybercriminal group by the name of...
A week in security (July 29 – August 4)
Last week on Malwarebytes Labs: Threat actor impersonates Google via fake ad for Authenticator Scammers are impersonating cryptocurrency exchanges, FBI warns Meta to pay $1.4 billion over unauthorized facial recognition image capture Apple fixes Siri vulnerabilities that could have allowed...
Threat actor impersonates Google via fake ad for Authenticator
We have previously reported on the brand impersonation issue with Google ads: users who search for popular keywords are shown malicious ads that purport to be from an official vendor. Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it als...
US senators ask FTC to investigate car makers’ privacy practices
An ongoing US Senate investigation indicated that connected car makers violate consumer privacy by sharing and selling drivers’ data, including their location, on a vast scale, and that the same car makers often obtain consumer consent through deception. Based on this investigation, senators have...
Google admits it can’t quite quit third-party cookies
For more than a year, Google has said it would phase out the third-party tracking cookies that power much of its advertising business online, proposing new ideas that would allegedly preserve user privacy while still providing businesses with steady revenue streams. This week, Google tossed much ...
Heritage Foundation data breach containing personal data is available online
The Heritage Foundation this month denied that it had suffered an earlier system breach and the subsequent leaking of internal data. But the organization had to admit that cybercriminals gained access to an archive of Heritages affiliated media site, The Daily Signal, dating back to 2022. That...
Number of data breach victims goes up 1,000%
Nope, that headlines not a typo. Over one thousand percent. The Identity Theft Resource Center ITRC tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 81,958,874 victims. The ITRC is a national non-profit organization set up with the goal of minimizing the ri...
“Nearly all” AT&T customers had phone records stolen in new data breach disclosure
In a déjà -vu nightmare, US phone giant AT&T has notified customers that cybercriminals managed to download phone call and text message records of "nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023". In a filing with the Securities and Exchang...
Ticketmaster says stolen Taylor Swift Eras Tour tickets are useless
While cybercriminals are offering free tickets to Taylor Swift Eras Tour and other events, Ticketmaster is telling would-be purchasers that these tickets will prove to be worthless. Those who have claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylo...
Prudential Financial data breach impacts 2.5 million people, not 36,000 as first thought
In February 2024, Prudential Financial reported it had fallen victim to a ransomware attack. The attack was discovered one day after it started, but not before some 2.5 million people had been impacted by the resulting data breach. As one of the largest insurance companies in the US, Prudential...
[updated] Federal Reserve “breached” data may actually belong to Evolve Bank
A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBits dark web leak site, the group threatened to release over 30 TB of banking information containing Americans banki...
First million breached Ticketmaster records released for free
The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free. When Malwarebytes Labs first learned about this data breach, it...
“Substantial proportion” of Americans may have had health and personal data stolen in Change Healthcare breach
UnitedHealth Group has given an update on the February cyberattack on Change Healthcare, one of its subsidiaries. In the update, the company revealed the scale of the breach, saying: “Based on initial targeted data sampling to date, the company has found files containing protected health...
ALPHV ransomware gang fakes own death, fools no one
For the second time in only four months, all is not well on the ALPHV aka BlackCat ransomware gangs dark web site. Gone are the lists of compromised victims. In their place, a veritable garden of law enforcement badges has sprouted beneath the ominous message "THIS WEBSITE HAS BEEN SEIZED." The...
If only you had to worry about malware, with Jason Haddix: Lock and Code S05E04
Today on the Lock and Code podcast… If your IT and security teams think malware is bad, wait until they learn about everything else. In 2024, the modern cyberattack is a segmented, prolonged, and professional effort, in which specialists create strictly financial alliances to plant malware on...
Deepfake Taylor Swift images circulate online, politicians call for laws to ban deepfake creation
Deepfake images of Taylor Swift have really made some serious waves. Explicit images of the popstar, generated by Artificial Intelligence AI were posted on social media and Telegram. The images were viewed millions of times. The impact of the deepfake was enormous. Social media platform X formerl...
Healthcare giant Norton breach leads to theft of millions of patient records
Healthcare company Norton says a May breach led to the theft of data of around 2.5 million of its patients, as well as employees and their dependents. Norton has more than 40 clinics and hospitals in and around Louisville, Kentucky. In a filing with Maine’s attorney general on Friday, Norton said...
Cyberattack hits 5 hospitals
Canadian health service provider TransForm has published an update about the cyberattack at its member hospitals. TransForm is a not-for-profit, shared service organization founded by the five hospitals in Erie St. Clair to manage their hospital IT, supply chain, and accounts payable needs. The...
Hong Kong residents targeted in malvertising campaigns for WhatsApp, Telegram
Malvertising is a powerful malware or scam delivery mechanism that makes it easy to target specific geographies or even users. A recent article from the South China Morning Post discussed an increase in malicious webpages for the popular WhatsApp communication tool, driven via malicious Google ad...
The hot topics from Europe’s largest trade fair for IT security
IT-SA Expo & Congress claims to be Europes largest trade fair for IT security. And it really covers a wide range of security and security-related products and services. The event takes place in Nuremberg, Germany and provides an opportunity for vendors to show themselves to the public, create new...
[updated] 23andMe user data stolen, offered for sale
Information belonging to as many as seven million 23andMe customers has been put up for sale on criminal forums following a credential stuffing attack against the genomics company. On Friday October 6, 2023, 23andMe confirmed via a somewhat opaque blog post that threat actors had "obtained...
FBI warns of multiple ransomware attacks on same victim
The Federal Bureau of Investigation FBI has released a notification that highlights two trends emerging across the ransomware environment. The trends the FBI says it's noticed since July 2023 are: Multiple ransomware attacks on the same victim in close date proximity. New data destruction tactics...
Involved in a data breach? Here’s what you need to know
If you've received a message from a company saying your data has been caught up in a breach, you might be unsure what to do next. We've put together some tips which should help you when the more or less inevitable happens. 1. Check the companys advice Every breach is different, so check the...
DoppelPaymer ransomware group suspects identified
The German police in cooperation with the US Secret Service have executed search warrants against suspected members of the DoppelPaymer ransomware group in Germany and Ukraine. In March of 2023, we reported how the German Regional Police and the Ukrainian National Police, with support from Europo...
Malwarebytes wins every Q2 MRG Effitas award & scores 100% on new phishing test
MRG Effitas, a world leader in independent IT research, published their anti-malware efficacy assessment results for Q2 2023. Malwarebytes Endpoint Protection EP achieved the highest possible score 100% and received certifications for Level 1, Exploit, Online Banking, and Ransomware. These result...
A week in security (September 4 - September 10)
Last week on Malwarebytes Labs: Supply chain related security risks, and how to protect against them Password-stealing Chrome extension smuggled on to Web Store Smart chastity device exposes sensitive user data X wants your biometric data Mac users targeted in new malvertising campaign delivering...
How “EDR Extra Strength” simplifies traditional EDR complexity
Traditional Endpoint Detection and Response EDR today has a three-fold complexity problem--with big consequences. First, complexity in EDR deployment causes long delays, directly impacting ROI and leaving organizations vulnerable to breaches. In fact, almost 10 percent of small security teams cit...
Victim records deleted after spyware vendor compromised
Anonymous hackers have breached the servers of spyware app "WebDetetive", accessing the user database. However, this doesnt appear to be a typical compromise along the lines of stealing the data, according to Tech Crunch. Instead, its part of a slow move toward "spying" apps being attacked and...
A week in security (August 14 - August 20)
Last week on Malwarebytes Labs: Attackers demand ransoms for stolen LinkedIn accounts Patch now! Citrix Sharefile joins the list of actively exploited file sharing software Exchange Server security updates updated Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech...
How to protect your child's identity
As we have mentioned before, identity theft is a serious problem, especially when it affects children. Identity thieves love preying on minors, simply because it usually takes longer before the theft is noticed. A persons identity represents a certain value. If it is stolen and abused, it can cau...
Ransomware groups claim responsibility for double-attack on Yamaha
Music giant Yamahas Canadian division has experienced a compromise on two different fronts, both related to ransomware. In an attack which has worrying echoes of the recent Estee Lauder attack, multiple attackers have claimed to breach the organisation. Yamaha Canada Music had the following to sa...
Accidental VirusTotal upload is a valuable reminder to double check what you share
A document accidentally uploaded to Googles VirusTotal service has resulted in the potential exposure of defence and intelligence agency names and email addresses. The service, used to scan files for signs of potential malicious activity, is used by security professionals and folks just intereste...
LockBit ransomware advisory from CISA provides interesting insights
The US Cybersecurity and Infrastructure Security Agency CISA, Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and the cybersecurity authorities of Australia, Canada, United Kingdom, Germany, France, and New Zealand CERT NZ, NCSC-NZ have all...
A week in security (May 22-28)
Last week on Malwarebytes Labs: Update now: 9 vulnerabilities impact Cisco Small Business Series ChatGPT: Cybersecurity friend or foe? Webinar recap: EDR vs MDR for business success Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11...
Windows 11 is showing its first signs of Rust
Some important changes are heading to Windows which should make the operating system quite a bit more secure than it is now. At the end of April, Microsofts VP of OS Security and Enterprise referenced upcoming changes to Windows involving the programming language Rust. Rust matches the performanc...
Google and Apple cooperate to address unwanted tracking
Google and Apple have announced that they are looking for input from industry participants and advocacy groups on a draft specification to alert users in the event of suspected unwanted tracking. Samsung, Tile, Chipolo, eufy Security, and Pebblebee have stated that they will support the...
A week in security (April 10 - 16)
Last week on Malwarebytes Labs: How the cops buy a "God view" of your location data, with Bennett Cyphers: Lock and Code S04E09 Apple releases emergency updates for two known-to-be-exploited vulnerabilities Don't plug your phone into a free charging station, warns FBI KFC, Pizza Hut owner employe...
IoT garage door exploit allows for remote opening attack
A popular and reasonably cheap garage door controller is making waves in the news, and not in a good way. Ars Technica reports that the $80 devices created by Nexx are suffering from a number of security issues which could compromise the safety of your home. A Medium post by researcher Sam Sabeta...
BlackCat ransomware targets another healthcare facility
In a statement issued Monday morning, Lehigh Valley Health Network said it had been the target of a cyberattack attributed to a ransomware gang known as BlackCat. The Network is made up of 13 hospital campuses, as well as other health facilities, and is based in Pennsylvania. BlackCat The...
Should you share passwords with your partner?
To share or not to share? When it comes to love and romance, that is the password question, isn't it? This Valentine's Day, we attempt to lift the lid on this steamy cybersecurity subject to see if two people in a romantic relationship are both on board on the matter of exchanging passwords with...
Grand Theft Auto 5 exploit allows cheaters to tamper with your data
Yesterday I spent some time helping to fix a relatives gaming PC. Their gaming data tied to Rockstars Grand Theft Auto 5 GTAV had somehow become corrupted and was no longer functional. I managed to repair the account and restore everything back to the way it was, but this isnt the end of the stor...
Maternal & Family Health Services discloses ransomware attack months after discovery
Maternal & Family Health Services MFHS, a nonprofit healthcare giant based in Pennsylvania, said in an advisory and press release that it has suffered a ransomware attack which led to the potential exposure of sensitive data of patients, employees, and vendors. That data includes names, addresses...
LastPass updates security notice with information about a recent incident
The password management company LastPasss notified customers in late December about a recent security incident. The notice was posted as an update of the security incident previously reported in August of 2022, which also was updated and covered on November 30, 2022. According to LastPass, an...
The weirdest security stories of 2022
Theres been a lot of weird and frankly bizarre attacks over the course of 2022, nestled in amongst the usual ransomware outbreaks and data breaches. Whether were talking social media, email, or even malware, theres been a mind bending tale of tall behaviour in almost every corner. Its time to...
5 SaaS security best practices
Just about anywhere you look, organizations are relying on Software-as-a-Service SaaS apps like Dropbox and Hubspot to help power their businesses. With more SaaS apps, however, comes increased security risks. While SaaS is without a doubt the easiest and most accessible way for businesses to rea...
A week in security (November 28 - December 4)
Last week on Malwarebytes Labs: Fraudster site iSpoof shut down, 142 arrested internationally 3 threats to watch out for this Cyber Monday Twitter user data leaks continue to drip from the faucet China-made equipment banned by FCC due to national security threat Sensitive police records stolen an...
5 essential security tips for SMBs
In any business, the security of each computer is intimately connected to the security of every other computer. Interconnectedness allows attackers to turn a breach, a fault, or an oversight on one machine into access on all the machines its connected to. That means any attack on any computer is ...
Criminal group busted after stealing hundreds of keyless cars
Europol has disclosed an international operation in which 31 suspects were arrested, 22 locations were searched, and over one million Euros in criminal assets were seized. The organized criminal gang specialized in stealing French keyless cars. Among the arrested were the software developers that...
Romance scammer given 25 years of alone time
Romance scams are often low risk, high reward strategies for ciminals, who use them to steal large sums of money from vulnerable people in the cruellest ways possible. Once the victim wires the cash, theres a good chance that its never coming back. The perpetrator has almost certainly covered the...