4706 matches found
Ransomware negotiator investigated over criminal gang kickbacks
If someone is going to negotiate with criminals for you, that person should at least be on your side. That might not have been the case at Digital Mint, a ransomware negotiation company where one worker allegedly went rogue. According to Bloomberg, Digital Mint is cooperating with the US Departme...
Free certificates for IP addresses: security problem or solution?
Let’s Encrypt has announced its issued its first certificate for an IP address. Why that’s significant deserves a little explanation. You may have run into Let’s Encrypt certificates many times without realizing it. When you see a padlock icon in your browser’s address bar, it means the site is...
A week in security (June 30 – July 6)
Last week on Malwarebytes Labs: Drug cartel hacked cameras and phones to spy on FBI and identify witnesses Catwatchful "child monitoring" app exposes victims’ data Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams Qantas: Breach affects 6 million people, "significant"...
Drug cartel hacked cameras and phones to spy on FBI and identify witnesses
The "El Chapo" Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau's defenses against this kind of surveillance are still inadequat...
Bluetooth vulnerability in audio devices can be exploited to spy on users
Researchers have found vulnerabilities in 29 Bluetooth devices like speakers, earbuds, headphones, and wireless microphones from reputable companies including Sony, Bose, and JBL. The vulnerabilities could be exploited to spy on users, and even steal information from the device. The researchers w...
Facebook wants to look at your entire camera roll for “AI restyling” suggestions, and more
Facebook's pursuit of your personal data continues apace, and now it has a new target: photos on your phone that you haven't shared with it yet. Techcrunch reports that the social media giant is now asking its users to peek at the photos on their phones' camera rolls. In return it will give them...
Why the Do Not Call Registry doesn’t work
The “Do Not Call Registry” receives a lot of hate online for failing to do its job: Stop calls. “What’s the point of being on the Do Not Call list?” wrote one user on Reddit who shared a screenshot of ten declined phone calls received across one week. Though already registered with the Do Not Cal...
Many data brokers are failing to register with state consumer protection agencies
Hundreds of data brokers haven't registered with state consumer protection agencies, according to The Electronic Frontier Foundation EFF and Privacy Rights Clearinghouse PRC. There are different kinds of data brokers, but what they all have in common is that they gather personally identifiable...
Thousands of private camera feeds found online. Make sure yours isn’t one of them
If you have internet-connected cameras in or around your home, be sure to check their settings. Researchers just discovered 40,000 of them serving up images of homes and businesses to the internet. Bitsight's TRACE research team revealed the issue in a report released this month. The cameras were...
A week in security (June 15 – June 21)
Last week on Malwarebytes Labs: The data on denying social media for kids re-air Lock and Code S06E12 Reddit’s new AI-powered tools scan your posts to serve you better ads Smart air fryers ordered to stop invading our digital privacy WhatsApp to start targeting you with ads Scammers hijack websit...
OpenAI forced to preserve ChatGPT chats
OpenAI has protested a court order that forces it to retain its users' conversations. The creator of the ChatGPT AI model objected to the order, which is part of a copyright infringement case against it by The New York Times and other publishers. The news organizations argued that ChatGPT was...
Scammers are using AI to impersonate senior officials, warns FBI
The FBI has issued a warning about an ongoing malicious text and voice messaging campaign that impersonates senior US officials. The targets are predominantly current or former US federal or state government officials and their contacts. In the course of this campaign, the cybercriminals have use...
Digital rampage saw ex-Disney employee remove nut allergy info from menus, dox co-workers, and more
A former Disney employee, Michael Scheuer, will serve three years in prison for computer fraud and aggravated identity theft after a digital sabotage campaign against his ex-employer. In addition to his sentence, he must pay nearly US$688,000 in restitution. Scheuer, a former menu production...
Location, name, and photos of random kids shown to parents in child tracker mix up
Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. And could not locate their own. T-Mobile sells a small GPS tracker called SyncUP, which can be used to track, among...
Sperm bank breach deposits data into hands of cybercriminals
Sperm donor giant California Cryobank has announced it has suffered a data breach that exposed customers' personal information. California Cryobank CCB is a sperm donation and cryopreservation firm and one of the US’ top sperm banks. As such, it services all US states and over 30 countries...
Background check provider data breach affects 3 million people who may not have heard of the company
Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. DISA says a third party had access to its environment between February 9, 2024, and April 22, 2024. The attacker may have accessed over three million files containing...
Surveillance pricing is “evil and sinister,” explains Justin Kloczko (Lock and Code S06E04)
This week on the Lock and Code podcast … Insurance pricing in America makes a lot of sense so long as you’re one of the insurance companies. Drivers are charged more for traveling long distances, having low credit, owning a two-seater instead of a four, being on the receiving end of a car crash,...
Gambling firms are secretly sharing your data with Facebook
While you might think you’re hitting the jackpot, whether you’ve consented to it or not, online gambling sites are playing with your data. Users’ data, including details of webpages they visited and buttons they clicked, are being shared with Meta, Facebook’s parent company. The Observer reports...
Small business owners, secure your web shop
An online shop is more than just another way to sell your products. It comes with a responsibility to keep the web shop secure. Cybercriminals are looking to steal your customers’ credit card details, their personal data, and even your revenue. And it’s not as if using a platform that is used by...
The DeepSeek controversy: Authorities ask where does the data come from and how safe is it?
The sudden rise of DeepSeek has raised concerns and questions, especially about the origin and destination of the training data, as well as the security of the data. For those returning from a short holiday away from the news, DeepSeek is a new player on the Artificial Intelligence AI field. The...
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads
Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Fuel for other malware and scam campaigns Indicators of Compromise Overview Online criminals are targeting individuals and...
Massive breach at location data seller: “Millions” of users affected
Like many other data brokers, Gravy is a company you may never have heard of, but it almost certainly knows a lot about you if you’re a US citizen. Data brokers come in different shapes and sizes. What they have in common is that they gather personally identifiable data from various sources—from...
AI-supported spear phishing fools more than 50% of targets
One of the first things everyone predicted when artificial intelligence AI became more commonplace was that it would assist cybercriminals in making their phishing campaigns more effective. Now, researchers have conducted a scientific study into the effectiveness of AI supported spear phishing, a...
A day in the life of a privacy pro, with Ron de Jesus (Lock and Code S05E26)
This week on the Lock and Code podcast… Privacy is many things for many people. For the teenager suffering from a bad breakup, privacy is the ability to stop sharing her location and to block her ex on social media. For the political dissident advocating against an oppressive government, privacy ...
These cars want to know about your sex life (re-air) (Lock and Code S05E25)
This week on the Lock and Code podcast … Two weeks ago, the Lock and Code podcast shared three stories about home products that requested, collected, or exposed sensitive data online. There were the air fryers that asked users to record audio through their smartphones. There was the smart ring...
A week in security (November 25 – December 1)
Last week on Malwarebytes Labs: Printer problems? Beware the bogus help Data broker exposes 600,000 sensitive files including background checks Medical testing company LifeLabs failed to protect customer data, report finds Explained: the Microsoft connected experiences controversy Spotify, Audibl...
Medical testing company LifeLabs failed to protect customer data, report finds
In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information PII of 8.6 million people was stolen. After noticing the attack, LifeLabs informed its customers and the Canadia...
AI is everywhere, and Boomers don’t trust it
Artificial intelligence tools like ChatGPT, Claude, Google Gemini, and Meta AI represent a stronger threat to data privacy than the social media juggernauts that cemented themselves in the past two decades, according to new research on the sentiments of older individuals from Malwarebytes. A...
After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data
Four tax preparation software companies failed to comply with government rules that require the sharing of tax-related info to be done only with specific disclosures and full tax-payer consent, according to an audit released by the Treasure Inspector General for Tax Administration TIGTA in the...
This industry profits from knowing you have cancer, explains Cody Venzke (Lock and Code S05E22)
This week on the Lock and Code podcast … On the internet, you can be shown an online ad because of your age, your address, your purchase history, your politics, your religion, and even your likelihood of having cancer. This is because of the largely unchecked “data broker” industry. Data brokers...
Internet Archive attackers email support users: “Your data is now in the hands of some random guy”
Those who hacked the Internet Archive haven't gone away. Users of the Internet Archive who have submitted helpdesk tickets are reporting replies to the tickets from the hackers themselves. Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at...
Large scale Google Ads campaign targets utility software
After what seemed like a long hiatus, we've observed threat actors returning to malvertising to drop malware disguised as software downloads. The campaign we identified is high-impact, going after utility software such as Slack, Notion, Calendly, Odoo, Basecamp, and others. For this blog, we...
Facebook scrapes photos of kids from Australian user profiles to train its AI
Facebook has admitted that it scrapes the public photos, posts and other data from the accounts of Australian adult users to train its AI models. Unlike citizens of the European Union EU, Australians are not offered an opt-out option to refuse consent. At an inquiry as to whether the social media...
City of Columbus tries to silence security researcher
The City of Columbus, Ohio is suing a security researcher for sharing stolen data. All the complaint will accomplish, we imagine, is spotlight the ignorance of certain city officials in handling a common security matter. What happened is that the City of Columbus was attacked by a ransomware grou...
PSA: These ‘Microsoft Support’ ploys may just fool you
Many people turn to their favorite search engine when they are facing an issue with their computer. One common search query is to look for the telephone number or contact form for Microsoft, Apple or one of many other brands. Scammers have long been interested in pretending to be Microsoft...
My child had her data stolen—here’s how to protect your kids from identity theft
Recently, I received a letter in the mail from a company about a data breach. The letter said that the company had been a victim of a cyberattack back in March in which files were scrambled what we know as ransomware. The attacker had also accessed sensitive files and customer health data. Sadly,...
A week in security (July 15 – July 21)
Last week on Malwarebytes Labs: CrowdStrike update at center of Windows "Blue Screen of Death" outage Number of data breach victims goes up 1,000% Gen Z breakups tainted by login abuse for spying and stalking, research shows Rite Aid says 2.2 million people affected in data breach AI device Rabbi...
A week in security (July 1 – July 7)
Last week on Malwarebytes Labs: Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour Authy phone numbers accessed by cybercriminals, warns Twilio Affirm says Evolve Bank data breach also compromised some of its customers Prudential Financial data breach impacts 2.5 milli...
Tampa General Hospital half thwarts ransomware attack, but still loses patient data
The Tampa General Hospital TGH has promised to reach out to individuals whose information has been stolen by a ransomware group. In a cybersecurity notice, TGH said it noticed unusual activity on its computer systems on May 31, 2023. "Fortunately, TGHs monitoring systems and experienced technolog...
Google delays Chrome third party cookie sunsetting...again
We've seen many examples of third-party cookies being tackled by browsers recently. It's not so long ago that Firefox effectively locked down third-party tracking by isolating cookies into so-called jars. By doing so, their "Total Cookie Protection" seeks to prevent all those cookies on your PC...
Trusting your kids online isn’t enough (Lock and Code S07E14)
This week on the Lock and Code podcast … There is a lot going on right now regarding the safety of kids online. In the United States, the majority of state legislatures have passed age verification laws requiring a variety of websites to more rigorously verify the age of their visitors. In the...
Fake crypto gift card sites are getting harder to spot
You want to turn some crypto into a gift card. You search, click a promising result, and land on a site that looks polished and legitimate: a dark theme, trust badges, and promises of instant delivery and no ID checks. You wouldn't think to question it. But a professional-looking website isn't...
Microsoft fixes RoguePlanet zero-day in Defender
Microsoft issued a security update that fixes the zero-day vulnerability known as RoguePlanet in Microsoft Defender. RoguePlanet is tracked as CVE-2026-50656, a Microsoft Defender elevation of privilege EoP vulnerability. As we reported last month, if successfully exploited, RoguePlanet can allow...
Chrome needs another whopper update to fix 382 security bugs
If there was ever a time when it dawned on users how full of holes the software they’ve been using is, it’s now. Last month Microsoft pushed out its biggest patch Tuesday update ever. And yesterday, on the last day of June, Google published an update which included a whopping 382 security fixes...
PixelSmash flaw turns video files into attack tools
A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have disclosed PixelSmash, a critical vulnerability tracked as CVE-2026-8461, in FFmpeg’s MagicYUV video decoder with a CVSS score of 8.8. By crafting a...
Researchers built a chatbot that only knows the world before 1931
The internet's chatbots have read every forum rant, leaked Slack log, and confident blog post your uncle ever wrote about chemtrails. The results are predictable: they reflect the state of the internet, and it isn't pretty. That, along with some questionable design decisions, is partly why Elon...
Android 17 ends all-or-nothing access to your contacts
Some of the apps on your phone want your contacts. Most don't need them all, but have been happily slurping up the lot for years. Google has decided to do something about that with the next version of Android. Android 17 currently in preview is introducing a new Contact Picker that lets users gra...
This old-school scam is still working
When we read about this new malware tactic, or that novel social engineering approach, it’s easy to forget that there are scammers out there making a living from ancient methods. Recently, one of our researchers received this variation on the good old Nigerian advance-fee scam. From: Mrs.Inga-Bri...
“iCloud storage is full” scam is back, and now it wants your payment details
A few months ago, we reported on a fake cloud storage alert that triggered a redirect chain to an app that has since been delisted from the Apple Store. The threat of losing your photos is a powerful lure, so scammers are now using it to steal personal and financial details. The Guardian warns...
Russian hacking group targets home and small office routers to spy on users
British security officials found that a group linked to the Russian military is spying on users of compromised Small Office/Home Office SOHO routers in a broad cyber espionage campaign. A Microsoft blog goes into the technical details of these attacks. The group, which we’ll refer to as APT28, bu...