Security vulnerabilities in major car brands revealed
Your car potentially hasn't "just" been a car for a long time. With multiple digital systems, vehicles are increasingly plugged into web applications and digital processes. These systems tie into everything from passwords and web chat systems for car company employees, to file repositories and oth...
Louisiana wants your ID if you're looking at adult-only websites
The state of Louisiana introduced a law on January 1, 2023, that holds sites that specialize in pornographic content accountable if they do not check their visitors' ages. A website is obliged to check whether a visitor is of the legal age required to access pornographic content if a substantial...
Crypto-inspired Magecart skimmer surfaces via digital crime haven
This blog post was authored by Jerome Segura. Online criminals rarely reinvent the wheel, especially when they don't have to. From ransomware to password stealers, there are a number of toolkits available for purchase on various underground markets that allow just about anyone to get a jumpstart...
Slack private code on GitHub stolen
Online collaboration platform Slack reported on New Year's Eve it had suffered a "security incident" where some of its code stored on GitHub was stolen. According to the post from the company's security team, Slack's private code repositories were accessed using swiped employee tokens. No custome...
A week in security (January 1 - 8)
Last week on Malwarebytes Labs: Why does technology no longer excite us? Lock and Code S04E01; New device? Here's how to safely dispose of your old one; LastPass updates security notice with information about a recent incident; Okta breached last month, no customers compromised; Update VPN Plus Serve...
New Twitter data dump is a cleaned up version of old Twitter dump
News of data dumps is often scary as the possibilities of identity theft, account takeovers, user de-anonymization, and other online data-driven threats rear their ugly heads. Reading about the latest reports of a new Twitter dump, however, is like opening up an already-healed wound, as the dump...
LA housing authority is latest LockBit ransomware victim
The Housing Authority of the City of Los Angeles (HACLA), established in 1938 to provide affordable housing in Los Angeles, confirmed in a statement that it was a victim of a ransomware cyberattack. This is the second major attack against an agency in LA after the Los Angeles United School District...
Malware targets 30 unpatched WordPress plugins
If you make use of plugins on your WordPress site (and you probably do), it's time to take a good look at what's running under the hood. Ars Technica reports that unpatched vulnerabilities are being exploited across no fewer than 30 plugins. A long list of plugin problems If you own or operate a website...
FBI warns of imposter ads in search results
The FBI has issued a public notice which includes advice to block adverts. Why? Let's take a look. The bogus advert tightrope It's no secret that rogue ads have been a particular plague on the Internet for as far back as we can remember. From irritating pop ups and spinning "You've won a prize"...
Software provider denied insurance payout after ransomware attack
The Supreme Court of Ohio issued a ruling days before the New Year that a software and service provider shouldn't be covered by insurance against a ransomware attack as it didn't cause direct or physical harm to tangible components of software, as it doesn't have any. "When insurance policy covers...
Fake Flipper Zero websites look to cause a big splash
Security researchers are advised to be on the lookout for scammers targeting their interest in the latest hard to obtain security testing tools. Flipper Zero, a slick looking portable multi-tool which frequently makes its way into the news, is one of the hottest pieces of kit around for security...
Google patches 60 vulnerabilities in first Android update of 2023
Google has published its first security bulletin of 2023 with details of security vulnerabilities affecting Android devices. Patch level 2023-01-01 includes 20 issues and patch level 2023-01-05 includes fixes for another 40 issues. The Android security patch level refers to a monthly manifest of...
Update VPN Plus Server now! Synology patches vulnerability with a CVSS of 10
Synology has issued an advisory about a vulnerability that allows remote attackers to execute arbitrary commands through a susceptible version of Synology VPN Plus Server. VPN Plus Server VPN Plus Server allows users to turn their Synology Router into a Virtual Private Network (VPN) server. A VPN...
Okta breached last month, no customers compromised
Some of Okta's source code fell into the hands of an unauthorized party. The code was stolen from GitHub in the first part of December, according to a statement issued by the company. In the same statement the company reassured users that there was no impact to any customers. Okta Okta is an acces...
LastPass updates security notice with information about a recent incident
The password management company LastPass notified customers in late December about a recent security incident. The notice was posted as an update of the security incident previously reported in August of 2022, which also was updated and covered on November 30, 2022. According to LastPass, an...
New device? Here's how to safely dispose of your old one
Until recently I had two old phones, one tablet and about 20 hard drives in storage that I was afraid to give up for recycling, or to pass on to someone that could use them. I wanted to dispose of them, but knowing how easy it is to retrieve data--such as personally identifiable information--even...
Why does technology no longer excite us? Lock and Code S04E01
When did technology last excite you? If Douglas Adams, author of The Hitchhiker's Guide to the Galaxy, is to be believed, your own excitement ended, simply had to end, after turning 35 years old. Decades ago, at first writing privately and later having those private writings published after his...
A week in security (December 19 - 25)
Last week on Malwarebytes Labs: 4 over-hyped security vulnerabilities of 2022; Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26; Restaurant platform SevenRooms confirms data breach; Adult popunder campaign used in mainstream ad fraud scheme; Malwarebytes earns AV-TES...
Godfather Android banking malware is on the rise
Researchers at Cyble Research & Intelligence Labs (CRIL) have found a new version of the Android banking Trojan called Godfather. The new version of Godfather uses an icon and name similar to a legitimate application named MYT Music, which is hosted on the Google Play Store with over 10 million...
The Guardian hit by "ransomware attack"
On Tuesday December 20, 2022 British newspaper The Guardian experienced a major IT security incident that crippled a part of its IT infrastructure. The suspected cause is ransomware. In an online article the newspaper published an internal statement from the chief executive and the editor-in-chie...
Lego's Bricklink steps on cross site scripting blocks
If you build it, they will come. In Lego's case, they built it and certain security flaws meant someone could have taken it all apart. PCMag reports that flaws in Lego's Bricklink service meant that it was open to potential data leakage or even account hijacking. Those flaws, now addressed,...
Sharing Netflix, Disney+, other passwords is illegal, according to new guidance
The Intellectual Property Office (IPO), the UK government body overseeing intellectual property rights in the UK, has quietly released new guidance on piracy and online counterfeit goods. This campaign is a joint effort between IPO and Meta, Facebook's parent company. The general issue on piracy is...
BEC scammers go after more than just money
In a joint Cybersecurity Advisory (CSA) the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) recently observed incidents of Business Email Compromise (BEC) with a new twist. In these incidents th...
The pitfalls of blocking IP addresses
In August 2022, the Austrian court ordered the block of 11 IP addresses for copyright violations on 14 websites. Sadly, there was an undesirable side-effect--thousands of websites were rendered inaccessible to internet users in Austria for two days. There are many possible reasons why governments...
Play ransomware group claims to have stolen hotel chain data
H-Hotels, a large hospitality chain with 60 hotels across several countries including Germany and Switzerland has announced it has fallen victim to a ransomware attack. The incident, which took place on December 11, is allegedly a double whammy of hijacked devices and data theft…if a ransomware...
Millions of Gemini cryptocurrency exchange user details leaked
If you're a user of the Gemini cryptocurrency exchange, it's time to be on your guard against phishing attacks. Gemini says its own systems have not been compromised, but an unnamed third party has become the focal point for a breach. On December 13 or some point before, rogues gained access to jus...
Adult popunder campaign used in mainstream ad fraud scheme
This blog post was authored by Jerome Segura. Online advertising is a multi billion dollar industry with projected spending to reach over 600 billion U.S. dollars for 2022. It's not surprising that criminals are trying their hardest to abuse this ecosystem in any way that they can. One of the...
Restaurant platform SevenRooms confirms data breach
SevenRooms, a "guest experience and retention platform" for food establishments and hospitality organisations, has confirmed it has fallen victim to a third party vendor data breach. Mostly known for its customer management platform, SevenRooms' breach came to light after stolen data was seen fo...
Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26
On June 7, 2021, the US Department of Justice announced a breakthrough: Less than one month after the oil and gas pipeline company Colonial Pipeline had paid its ransomware attackers roughly $4.4 million in bitcoin in exchange for a decryption key that would help the company get its systems back ...
4 over-hyped security vulnerabilities of 2022
A critical vulnerability can send countless organizations into chaos, as security teams read up on the vulnerability, try to figure out whether it applies to their systems, download any potential patches, and deploy those fixes to affected machines. But a lot can go wrong when a vulnerability is...
A week in security (December 12 - 18)
Last week on Malwarebytes Labs: Indiana sues TikTok, describes it as "Chinese Trojan Horse"; Iranian hacking group uses compromised email accounts to distribute MSP remote access tool; Electronic Sales Suppression Tools are cooking the books; Silence is golden partner for Truebot and Cl0p ransomware...
InfraGard infiltrated by cybercriminal
InfraGard, a partnership between the FBI and members of the private sector that was established to protect critical infrastructure in the US, has been infiltrated by a cybercriminal. As a result, its database of contact information is now for sale on an English-language cybercrime forum. InfraGar...
Virtual kidnapping scam strikes again. Spot the signs
Warnings abound of a major new piece of fraud doing the rounds which uses your relative's voice as part of a blackmail scam. What happens is the victim receives a call from said relative's number, and they're cut off by blackmailers who have them held hostage. The only way to get them back safely is...
Worldwide law enforcement action takes down major DDoS booter services
Criminals making use of booter services which execute Distributed Denial of Service (DDoS) attacks to take down websites will have to try a little bit harder today: A major international operation has taken no fewer than 48 of the most popular booter services offline. The operation, known as "Power...
Update now! Apple patches active exploit vulnerability for iPhones
Apple has released new security content for iOS 16.1.2 and Safari 16.2. Normally we would say that Apple pushed out updates, but in this mysterious case the advisory is about an iPhone software update Apple released two weeks ago. As it turns out, to fix a zero-day security vulnerability that was...
Is Apple about to embrace third-party app stores?
On Tuesday, Bloomberg reported that Apple is preparing to allow access to third-party app stores on all iPhone and iPad devices owned by EU users, in anticipation of a new EU competition law coming into force in mid-2024. If the reporting is correct, then in future users in the EU will no longer ...
Uber data stolen via third-party vendor
Uber is facing a new cybersecurity incident after threat actors stole some of its data from Teqtivity, a third-party vendor that provides asset management and tracking services. "We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third...
Is an outsourced SOC worth it? Looking at the ROI of MDR
In the turbulent world of cybersecurity, one thing is for certain: Threats are evolving in ways that make them harder for organizations to predict--and stop. For businesses with scarce security staff resources and disconnected, complex toolsets, keeping up with today's cyberthreats is even harder...
Update now! Two zero-days fixed in 2022's last patch Tuesday
In numbers, the patch Tuesday of December 2022 is a relatively light one for Windows users. Microsoft patched 48 vulnerabilities with only six considered critical. But numbers are only half the story. Two of the updates are zero-days with one of them known to be actively exploited. Windows...
Introducing Quarantine for Cloud Storage Scanning in Nebula
We're excited to announce Quarantine for Malwarebytes Cloud Storage Scanning (CSS), a new feature which allows you to automatically quarantine threats found in your cloud storage repositories. Malwarebytes Cloud Storage Scanning is an add-on service in Nebula that scans for malware on cloud storage...
Play ransomware attacks city of Antwerp
The city of Antwerp's digital systems have come to a grinding halt. The Flemish government under which Antwerp resides has confirmed that this is the result of a ransomware attack. The consequences for the city's inhabitants are drastic, as hundreds of city employees revert to working on paper...
iPhone user watches as stolen phone travels from UK to China
Have you ever wondered what happens to your phone if it's stolen while on vacation or a business trip? The answer may surprise you, as it did one Mastodon user who graciously shared a tale of a smartphone gaining some serious air miles. Our intrepid business traveller was in London when their phon...
Silence is golden partner for Truebot and Clop ransomware
A recent rise in the number of Truebot infections has been attributed to a threat actor known as the Silence Group. The Silence Group is an initial access broker (IAB) that frequently changes tools and tactics to stay on top of the game. An IAB's primary task is to find a weakness or vulnerability,...
Electronic Sales Suppression Tools are cooking the books
When you see point of sale software in the news, it's usually because the terminal has been compromised and is now stealing payment details used in the device. Insecure stores, whether compromised as part of an inside job or a phishing attack, are a big problem for both buyers and the store itself...
The weirdest security stories of 2022
There's been a lot of weird and frankly bizarre attacks over the course of 2022, nestled in amongst the usual ransomware outbreaks and data breaches. Whether we're talking social media, email, or even malware, there's been a mind bending tale of tall behaviour in almost every corner. It's time to...
Iranian hacking group uses compromised email accounts to distribute MSP remote access tool
Researchers have uncovered a new campaign by hacking group MuddyWater, aka Static Kitten, in which a legitimate remote access tool is sent to targets from a compromised email account. The targets in this campaign are reportedly in Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar,...
Indiana sues TikTok, describes it as "Chinese Trojan Horse"
On Wednesday, the State of Indiana filed two lawsuits against TikTok, Inc, the company behind the app of the same name, and its parent company, ByteDance. The first suit alleges TikTok's 12+ rating on the Apple App Store and a "T" for "Teen" rating in the Google Play Store and the Microsoft Store are...
A week in security (December 5 - 11)
Last week on Malwarebytes Labs: Security advisories are falling short. Here's why, with Dustin Childs: Lock and Code S03E25; Eufy "no cloud" security cameras streaming data to the cloud; Snapchat gives Californians more power over their personal data; Update now! Emergency fix for Google Chrome's V8...
Epic Games introduces safer accounts for kids
Epic have made some alterations to how accounts for kids work, with multiple features disabled for what are now known as "Cabined Accounts". If your children are big fans of Epic games like Fortnite and Rocket League, you may well have worried about their gaming interactions with other players at...
Apple announces 3 new security features
Apple has announced three new security features focused on protecting user data in the cloud: iMessage Contact Key Verification, Security Keys for Apple ID, and Advanced Data Protection for iCloud. iMessage Contact Key Verification and Security Keys for Apple ID will be available globally in 2023...