4707 matches found
Fake DocuSign email hides tricky phishing attempt
On my daily rounds, I encountered a phishing attempt that used a not completely unusual, yet clever delivery method. What began as a seemingly routine DocuSign notification turned into a multi-layered deception involving Webflow, a shady redirect, and a legitimate Google login page. Webflow is a...
Pornhub, RedTube, and YouPorn block access in France, VPN use set to soar
VPNs Virtual Private Networks are suddenly popular in France. Not because France has suddenly become super privacy conscious, but because Pornhub, RedTube, and YouPorn, have blocked access in France. But why? Last year, France enacted a law mandating that pornographic sites implement stricter...
Porn sites probed for allegedly failing to prevent minors from accessing content
Four porn sites are being investigated by the European Commission under its Digital Services Act DSA for allegedly failing to verify its users' ages properly. The Commission, which drafts and enforces the European Union's laws, is focusing the lens on Pornhub, Stripchat, XNXX, and XVideos with th...
Deepfake-posting man faces huge $450,000 fine
A man is facing a $450,000 AU fine after he published deepfake images of prominent Australian women on the now-defunct MrDeepfakes web site. That's if Australia's online safety regulator gets its way. Anthony Rotondo faces charges of posting these and other explicit deepfake images to the...
Fake AI video generator tools lure in Facebook and LinkedIn users to deliver malware
Cybercriminals are taking advantage of the public’s interest in Artificial Intelligence AI and delivering malware via text-to-video tools. According to researchers at Mandiant, the criminals are setting up websites claiming to offer “AI video generator” services, and then using those fake tools t...
Employee monitoring app exposes users, leaks 21+ million screenshots
Unfortunately, spyware apps with poor reputations and even weaker security practices are all too common. I’ve lost count of how many blogs I’ve written about stalkerware-type apps that not only exposed the people they spied on but also ended up exposing the spies themselves. However, perhaps one...
Tax deadline threat: QuickBooks phishing scam exploits Google Ads
The pressure of the looming tax filing deadline April 15th in the US can make anyone rush online tasks. Cybercriminals are acutely aware of this increased activity and are exploiting trusted platforms like Google to target Intuit QuickBooks users. By purchasing prominent Google Ads, they are...
A week in security (March 10 – March 16)
Last week on Malwarebytes Labs: Research on iOS apps shows widespread exposure of secrets Don’t let your kids on Roblox if you’re not comfortable, says Roblox CEO Update your iPhone now: Apple patches vulnerability used in "extremely sophisticated attacks" The dark side of sports betting: How...
Reddit will start warning users that upvote violent content
In a post on r/RedditSafety by a Reddit administrator, the platform announced that it will start sending warnings to users that upvote violent content. Reddit is a social media platform and online forum where users can share and discuss content across a wide range of topics. The platform's...
I spoke to a task scammer. Here’s how it went
Tasks scam are surging, with a year over year increase of 400%. So I guess it should have been no surprise when I was contacted by a task scammer on X recently. Task scammers prey on people looking for remote jobs by offering them simple repetitive tasks such as liking videos, optimizing apps,...
Google now allows digital fingerprinting of its users
In the ongoing saga that is Google’s struggle to replace tracking cookies, we have entered a new phase. But whether that’s good news is another matter. For years, Google has been saying it will phase out the third-party tracking cookies that power much of its advertising business online, proposin...
Fake Etsy invoice scam tricks sellers into sharing credit card information
This article was researched and written by Stefan Dasic, manager, research and response forThreatDown, powered by Malwarebytes. As an online seller, you’re already juggling product listings, customer service and marketing—so the last thing you need is to be targeted by scammers. Unfortunately, a...
Phishing evolves beyond email to become latest Android app threat
There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. Of those malicious apps, 5,200 could subvert one of the strongest...
ClickFix vs. traditional download in new DarkGate campaign
During the past several months there have been numerous malware campaigns that use a technique something referred to as "ClickFix". It often consists of a fake CAPTCHA or similar traffic validation page where visitors are instructed to paste and execute code in order to proceed. We have started t...
Three privacy rules for 2025 (Lock and Code S06E02)
This week on the Lock and Code podcast… It’s Data Privacy Week right now, and that means, for the most part, that you’re going to see a lot of well-intentioned but clumsy information online about how to protect your data privacy. You’ll see articles about iPhone settings. You’ll hear acronyms for...
Warning: Don’t sell or buy a second hand iPhone with TikTok already installed
After TikTok was briefly banned in the US last weekend, an unusual phenomenon unearthed. Reportedly, people are selling iPhones that have TikTok installed for up to $25,000. This may require some explanation, so bear with me. TikTok has had a rough time in the US the last weeks. The ban we...
PlugX malware deleted from thousands of systems by FBI
The FBI says it has removed PlugX malware from thousands of infected computers worldwide. The move came after suspicion that cybercriminals groups under control of the People’s Republic of China PRC used a version of PlugX malware to control, and steal information from victims' computers. PlugX h...
Some weeks in security (December 16 – January 5)
During the holiday period on Malwarebytes Labs we covered: A day in the life of a privacy pro, with Ron de Jesus Lock and Code S05E26 Task scams surge by 400%, but what are they? 5 million payment card details stolen in painful reminder to monitor Christmas spending AI-generated malvertising "whi...
A week in security (December 9 – December 15)
Last week on Malwarebytes Labs: Encrypted messaging service intercepted, 2.3 million messages read by law enforcement TikTok ban in US: Company seeks emergency injunction to prevent it Data brokers should stop trading health and location data, new bill proposes Update now! Apple releases new...
No company too small for Phobos ransomware gang, indictment reveals
The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world. The government’s indictmen...
A week in security (November 18 – November 24)
Last week on Malwarebytes Labs: Meta takes down more than 2 million accounts in fight against pig butchering "Sad announcement" email implies your friend has died Update now! Apple confirms vulnerabilities are already being exploited AI Granny Daisy takes up scammers’ time so they can’t bother yo...
Scammer robs homebuyers of life savings in $20 million theft spree
A 33-year-old Nigerian man living in the UK and his co-conspirators defrauded over 400 would-be home buyers in the US. In the initial phase, Babatunde Francis Ayeni and his criminal gang targeted US title companies, real estate agents, and real estate attorneys. Employees of these companies were...
TikTok ordered to close Canada offices following “national security review”
The Government of Canada ordered the TikTok Technology Canada Inc. to close its offices in the country following a national security review. This decision was made in accordance with the Investment Canada Act, which allows for the review of foreign investments that may be injurious to Canada’s...
1,000+ web shops infected by “Phish ‘n Ships” criminals who create fake product listings for in-demand products
Researchers at the Satori Threat Intelligence and Research team have published their findings about a group of cybercriminals that infect legitimate web shops to create and promote fake product listings. The threat, dubbed "Phish ‘n Ships" by the researchers, reportedly infected more than 1,000...
MoneyGram confirms customer data breach
Money transfer company MoneyGram has notified its customers of a data breach in which it says certain customers had their personal information taken between September 20 and 22, 2024. The investigation into the incident that was discovered on September 27 is still ongoing, and the number of...
Radiology provider exposed tens of thousands of patient files
An anonymous person has disclosed that they gained online access to a radiologist's platform that hosted patient information using stolen credentials. I-MED Radiology is Australia’s leading medical imaging provider. Their clinics offer a range of imaging procedures including MRI, CT, x-ray,...
Fake Disney+ activation page redirects to pornographic scam
A common way to activate digital subscriptions such as Netflix, Prime or Disney+ on a new TV is to visit a website and enter the code seen on your screen. It's much easier than having to authenticate using a remote and typing a username and password. Scammers are creating fake activation pages th...
Privacy watchdog files complaint over Firefox quietly enabling its Privacy Preserving Attribution
A European privacy watchdog has filed a complaint against Mozilla for quietly enabling Privacy Preserving Attribution PPA in its Firefox browser. Noyb none of your business argues that despite its reassuring name, the feature allows the browser to track your online behavior. By design, Privacy...
Telegram will hand over user details to law enforcement
Last month we reported how Telegram CEO Pavel Durov was indicted on charges of complicity in the distribution of child sex abuse images, aiding organized crime, drug trafficking, fraud, and refusing lawful orders to give information to law enforcement. Now, in a potentially related development,...
What the arrest of Telegram’s CEO means, with Eva Galperin (Lock and Code S05E19)
This week on the Lock and Code podcast… On August 24, at an airport just outside of Paris, a man named Pavel Durov was detained for questioning by French investigators. Just days later, the same man was charged in crimes related to the distribution of child pornography and illicit transactions,...
CODAC Behavioral Healthcare, US Marshalls are latest ransomware targets
The Qilin ransomware group listed CODAC Behavioral Healthcare, a nonprofit health care treatment organization, as one of their latest victims. Qilin seems to have a preference for healthcare and support organizations. One of their most well-known victims was the pathology lab services provider...
A week in security (August 19 – August 25)
Last week on Malwarebytes Labs: Millennials’ sense of privacy uniquely tested in romantic relationships Hacked GPS tracker reveals location data of customers "We will hold them accountable": General Motors sued for selling customer driving data to third parties Why you need to know about ransomwa...
“We will hold them accountable”: General Motors sued for selling customer driving data to third parties
Texas Attorney General Ken Paxton has sued General Motors GM for the unlawful collection and sale of over 1.5 million Texans’ private driving data to insurance companies without their knowledge or consent. In June, the Attorney General AG announced he had opened an investigation into several car...
AI girlfriends want to know all about you. So might ChatGPT (Lock and Code S05E17)
This week on the Lock and Code podcast… Somewhere out there is a romantic AI chatbot that wants to know everything about you. But in a revealing overlap, other AI tools—which are developed and popularized by far larger companies in technology—could crave the very same thing. For AI tools of any...
Scammers are impersonating cryptocurrency exchanges, FBI warns
The Federal Bureau of Investigation FBI issued a public service announcement warning the public about scammers impersonating cryptocurrency exchange employees to steal funds. There are many types of crypto related scams, but in this case, the FBI provided an advisory about scammers that contact t...
A week in security (July 22 – July 28)
Last week on Malwarebytes Labs: Meta takes down 63,000 sextortion-related accounts on Instagram Windows update may present users with a BitLocker recovery screen TracFone will pay $16 million to settle FCC data breach investigation Google admits it can’t quite quit third-party cookies Heritage...
Fidelity National Financial acknowledges data breach affecting 1.3 million customers
In November 2023, real estate services company Fidelity National Financial FNF got its systems knocked offline for a week after a cyberincident. As is often the case these days, it turns out that the cyberincident was very likely a ransomware attack that included a data breach. Ransomware operato...
MongoDB warns customers about data breach after cyberattack
Database provider MongoDB has posted a security notice about a security incident in which attackers obtained unauthorized access to some of its corporate systems. The targeted system contained customer names, phone numbers, and email addresses among other customer account metadata, including syst...
23andMe says, er, actually some genetic and health data might have been accessed in recent breach
In October we reported that the data of as many as seven million 23andMe customers were for sale on criminal forums following a password attack against the genomics company. Now, a filing with the US Securities and Exchange Commission SEC has provided some more insight into the data theft. The...
A week in security (November 27 – December 3)
Last week on Malwarebytes Labs: Explained: Domain fronting Will ChatGPT write ransomware? Yes. Associated Press, ESPN, CBS among top sites serving fake virus alerts Meta sued over forcing users to pay to stop tracking Update now! Chrome fixes actively exploited zero-day vulnerability Many major...
Child health data stolen in registry breach
Canadian healthcare organization Better Outcomes Registry & Network BORN has disclosed a data breach affecting client data. BORN--an Ontario perinatal and child registry that collects, interprets, shares, and protects critical data about pregnancy, birth, and childhood--says it was attacked on Ma...
The end looms for Meta's behavioural advertising in Europe
The EU is going toe to toe with Meta once more, with the social network giant conceding defeat yet again. After having taken Meta to task for various privacy violations and data breaches, Meta is now having to provide European users with a way to opt out of behavioural advertising. The threat of...
How small businesses can secure employees' mobile devices
Fact: 77% of organizations are convinced they're capable of protecting their mobile devices--smartphones, tablets, and laptops including Chromebooks--from cybersecurity threats. Another fact: A third of those organizations aren't protecting their mobile devices at all. And that matters--in its...
Woman tracks down and turns table on Airbnb scammer
The internet is full of Airbnb scams and accounts told by victims. But there is a twist in this latest story-gone-viral that is usually lacking in most narratives: The victim evens the score. Airbnb host and scammer "Mr. Tyler" met his match when his would-be guest, TikTok user Olivia @livvoogus,...
Don't plug your phone into a free charging station, warns FBI
In a recent tweet, the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or...
2023 State of Malware Report: What the channel needs to know to stay ahead of threats
The channel, comprising managed service providers MSPs, Systems Integrators SIs, value-added resellers VARs, and more, plays a vital role in providing cybersecurity for companies around the globe today. But as malware evolves and cyberattacks become more common, keeping up with the top threats to...
iPhone calendar spam: What it is, and how to remove it
If you open up your iPhone and see a variety of messages claiming that youve been hacked, your phone is not protected, that viruses have damaged your phone, or, my personal favourite, "Click to get rid of annoying ads", fear not. Its quite possible youve accidentally wandered into a common form o...
How the CISA catalog of vulnerabilities can help your organization
The Cybersecurity and Infrastructure Security Agency CISA maintains a "known exploited vulnerabilities catalog" which can be useful if you need help prioritizing the patching of vulnerabilities. In essence it is a long list of vulnerabilities that are actually being used by criminals to do harm,...
Vehicle Identification Numbers reveal driver data via telematics
There are many ways that data collection, and data availability, make less sense as the years pass by. This is frequently accompanied by a resistance to change, to improve these processes, because "thats how weve always done it". Sadly this is often the case even when those data collectors have...
BOD 23-01: Improving asset visibility and vulnerability detection on federal networks
On October 3, 2022, the Cybersecurity and Infrastructure Security Agency CISA issued Binding Operational Directive 23-01 BOD 23-10. This directive requires all Federal Civilian Executive Branch FCEB entities to maintain an inventory of all IPv4- and IPv6-networked assets, perform regular, periodi...