Zuckerberg’s Metaverse, and the possible privacy and security concerns

The news is currently jam-packed with tales of Facebooks Meta project. Of particular interest to me is Facebook’s long-stated desire to introduce adverts into the VR space, and what this may mean for Meta too. I’ve talked about the privacy and legal aspects of adverts in gaming and other tech...

Google patches zero-day vulnerability, and others, in Android

Google has issued security patches for the Android Operating System. In total, the patches address 39 vulnerabilities. There are indications that one of the patched vulnerabilities may be under limited, targeted exploitation. The most severe of these issues is a critical security vulnerability in...

What is Twitch?

Twitch is primarily a site dedicated to live streaming content. It also offers the ability to chat with others in the Stream you happen to be in via text. The primary draw of Twitch streams is video games and e-sports, leading to the rise of many big name streamers and content creators. Is Twitch...

Is Apple’s Safari browser the last, best hope for web privacy?

What browser do you use? Theres a good chance—roughly one in seven—that its Google Chrome. And even if you prefer a different browser, theres a good chance that youre using something thats based on Google Chrome, such as Edge, Vivaldi, Chromium, Brave, or Opera. After a decade and and a half of...

Lessons from a real-life ransomware attack

Ransomware attacks, despite dramatically increasing in frequency this summer, remain opaque for many potential victims. It isn’t anyone’s fault, necessarily, since news articles about ransomware attacks often focus on the attack, the suspected threat actors, the ransomware type, and, well, not mu...

Celebrity jewelry house Graff falls victim to ransomware

Data on countless celebrities, including politicians, is apparently now in the hands of ransomware attackers after a group using the Conti variant compromised systems of one of the world’s most exclusive jewelry houses, Graff. Despite what mathematicians like to think, there is an exception to...

A week in security (Oct 25 – Oct 31)

Last week on Malwarebytes Labs Beyond the VPN: Ultimate online privacy with the Tor Project’s Isabela Bagueros: Lock and Code S02E20 Patch now to bypass Firefox add-ons that abuse the proxy API to deny updates How social media mistakes can impact cybersecurity Update now! Apple patches bugs in iO...

The return of the Malwarebytes CrackMe

This blog post was authored by Hasherezade Update: Malwarebytes Crackme : we already have the winners in the category "the fastest solve", congratulations! 1st: @nazywam 2nd: Suvaditya Sur @x0r19x91 3rd:@evandrix But we are still waiting for your submissions! -- Malwarebytes Threat Intelligence...

Update your OptinMonster WordPress plugin immediately

WordPress, the incredibly popular content management platform, is currently dealing with a nasty plugin bug which allows redirects. What is a WordPress plugin? Like most blogging platforms, WordPress allows you to change up its default functionality. This is done by adding bits of kit called...

Shrootless: Microsoft finds Apple macOS vulnerability

Microsoft researchers have discovered a vulnerability in macOS, dubbed Shrootless, that can allow attackers to bypass System Integrity Protection SIP and perform malicious activities, such as gaining root privileges and installing rootkits on vulnerable devices. Microsoft reported the Shrootless...

Threat profile: Ranzy Locker ransomware

Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. According to a flash alert issued by the FBI, unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021, including victims in the...

What is fileless malware?

Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident only, ideally leaving no trace after its execution. The malicious payload exists in the computer’s memory, which means nothing is ever written directly to the hard drive...

Watch out for the Steam skin “free knife” scam

Have you ever had someone run up to you in the street and insist you take their free knife? I hope not, because that’s a good way to wind up in a 60-minute police procedural drama. In video game land, however, anything goes. A certain type of scam is showing signs of activity at the moment and it...

Update now! Apple patches bugs in iOS and iPadOS

On two consecutive days Apple has released a few important patches. iOS 14.8.1 comes just a month after releasing iOS 14.8 for those who didn’t want to update their iPhones to iOS 15. This update also came as a sort of surprise as it was not beta-tested beforehand. Earlier this year Apple announc...

How social media mistakes can impact cybersecurity

We talked to members of our Malware Removal Support team and asked them what kind of problems they get asked to solve for our customers. To understand why they get to handle these questions, it is also necessary to know that the Malwarebytes software is unable to resolve the problems users are...

Patch now to bypass Firefox add-ons that abuse the proxy API to deny updates

In a Firefox security announcement, Mozilla said 455,000 users have downloaded Firefox add-ons that interfere with how they connect to the internet. The interference in itself was not the deciding factor, however. The add-ons abused the proxy API to prevent users who had installed them from...

Beyond the VPN: Ultimate online privacy, with The Tor Project’s Isabela Bagueros: Lock and Code S02E20

"What does online privacy mean to you?" This beguilingly simply question can produce dozens of overlapping and distinct answers, all depending on who you ask. A VPN service might tell you that online privacy means obscuring your IP address and hiding your Internet activity from your Internet...

A week in security (Oct 18 – Oct 24)

Last week on Malwarebytes Labs Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache. “Killware”: Is it just as bad as it sounds? REvil ransomware disappears after Tor services hijacked. Protect yourself from BlackMatter ransomware: Advice issued. q-logger skimmer keeps Magecart...

Ransomware: Why do backups fail when you need them most?

Its widely known, and endlessly repeated, that the last, best line of defence against the potentially devastating effects of a ransomware attack is your backups. So why do we keep hearing things like this: Were also feeling relatively confident, we have a very good backup system … and then we fin...

We dig into the Game Players Code

Gaming security is getting a lot of attention at the moment. Rightly so; it’s a huge target for scammers and malware authors. Malicious ads, fake games, survey scams, phishing attacks…whatever you can think of, it’s in use. Some target kids and steal their accounts, selling them on. Others go aft...

A bug is about to confuse a lot of computers by turning back time 20 years

For those of you that remember the fuss about the Y2K bug, this story may sound familiar. The Cybersecurity & Infrastructure Security Agency CISA has issued a warning to Critical Infrastructure CI owners and operators, and other users who get the time from GPS, about a GPS Daemon GPSD bug in GPSD...

Update now! Chrome fixes more security issues

For the third time in a month Google has issued an update to patch for several security issues. This time the update patches 19 vulnerabilities, of which 5 are classified as “high” risk vulnerabilities. In an update announcement for Chrome 95.0.4638.54, Google specifies the 16 vulnerabilities tha...

Chrome targeted by Magnitude exploit kit

Exploit kits EK are not as widespread as they used to be. One of the reasons is likely that most exploit kits targeted software that is hardly ever used anymore. Internet Explorer, Silverlight, and Flash Player to name a few, have been deprecated, replaced, and quickly lost their user-base. So,...

High school student rickrolls entire school district, and gets praised

A student at a high school in Cook County successfully hacked into the Internet-of-Things IoT devices of one of the largest school districts in Illinois, and gave everyone a surprise. Minh aka @WhiteHoodHacker on Twitter who attends Elk Grove—a name that curiously resembles the home town of...

How to delete your Snapchat account

Snapchat is an instant messaging app popular with youngsters that allows users to send pictures and videos that are only viewable for short periods. But while hundreds of millions of daily active users consume and create content with Snapchat, not everyone is pleased with the mobile app. One of t...

q-logger skimmer keeps Magecart attacks going

This blog post was authored by Jérôme Segura Although global e-commerce is continuing to grow rapidly, it seems as though Magecart attacks via digital skimmers have not followed the same trend. This is certainly true if we only look at recent newsworthy attacks; indeed when a victim is a large...

Protect yourself from BlackMatter ransomware: Advice issued

Despite promises made by the BlackMatter ransomware gang about which organizations and business types they would avoid, multiple US critical infrastructure entities have been targeted. Now, the Federal Bureau of Investigation FBI, in conjunction with the Cybersecurity and Infrastructure Security...

[updated]REvil ransomware disappears after Tor services hijacked

With some pests you hope they never recover from a blow. It’s almost too good to be true, but one can hope. This is one of them. The REvil ransomware group has shut down their operation for the second time this year after losing control over their Tor-based domains. Shutdown number 1 REvils first...

“Killware”: Is it just as bad as it sounds?

On October 12, after interviewing US Secretary of Homeland Security Alejandro Mayorkas, USA TODAY’s editorial board warned its readers about a dangerous new form of cyberattack under this eye-catching headline: “The next big cyberthreat isnt ransomware. Its killware. And its just as bad as it...

Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache

Multiple vulnerabilities have been found in the popular WordPress plugin WP Fastest Cache during an internal audit by the Jetpack Scan team. Jetpack reports that it found an Authenticated SQL Injection vulnerability and a Stored XSS Cross-Site Scripting via Cross-Site Request Forgery CSRF issue. ...

A week in security (Oct 11 – Oct 17)

Last week on Malwarebytes Labs Google warns some users that FancyBear’s been prowling around Inside Apple: How macOS attacks are evolving The joy of phishing your employees ExpressVPN made a choice, and so did I: Lock and Code S02E19 Update now! Apple patches another privilege escalation bug in i...

What is an .exe file? Is it the same as an executable?

You may often see .exe files but you may not know what they are. Is it the same as an executable file? The short answer is no. So whats the difference? What is an .exe file? Exe in this context is a file extension denoting an executable file for Microsoft Windows. Windows file names have two part...

Adblocker promises to blocks ads, injects them instead

Researchers at Imperva uncovered a new ad injection campaign based on an adblocker named AllBlock. The AllBlock extension was available at the time of writing for Chrome and Opera in the respective web stores. While disguising your adware as an adblocker may seem counterintuitive, it is actually ...

Inside Apple: How Apple’s attitude impacts security

Last week saw the fourth occurrence of the Objective by the Sea OBTS security conference, which is the only security conference to focus exclusively on Apples ecosystem. As such, it draws many of the top minds in the field. This year, those minds, having been starved of a good security conference...

“Free Steam game” scams on TikTok are Among Us

TikTok has long since evolved beyond being thought of as "just" dance clips, also becoming a home for educational and informative content presented in a fun and casual way. There are accounts themed around pretty much any interest you can think of, and one of the biggest is gaming. Its not all...

Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday

Yesterday we told you about Apple’s latest patches. Today we turn to Microsoft and its Patch Tuesday. Microsoft tends to provide a lot of information around its patches and, so, theres a lot to digest and piece together to give you an overview of the most important ones. In total, Microsoft has...

Ransom Disclosure Act would mandate ransomware payment reporting

In an effort to better understand and clamp down on the ransomware economy and its related use of cryptocurrencies, US Senator and past presidential hopeful Elizabeth Warren and US House Representative Deborah Ross introduced a new bill last week that would require companies and organizations to...

Update now! Apple patches another privilege escalation bug in iOS and iPadOS

Apple has released a security update for iOS and iPad that addresses a critical vulnerability reportedly being exploited in the wild. The update has been made available for iPhone 6s and later, iPad Pro all models, iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iP...

ExpressVPN made a choice, and so did I: Lock and Code S02E19

On September 14, the US Department of Justice announced that it had resolved an earlier investigation into an international cyber hacking campaign coming from the United Arab Emirates that has reportedly impacted hundreds of journalists, activists, and human rights defenders in Yemen, Iran, Turke...

The joy of phishing your employees

Many companies set up phishing test programs for their employees, often as part of a compliance requirement involving ongoing employee education on security topics. The aim of these programs is to train employees on how to spot a malicious link, not click it, and forward it on to the appropriate...

Inside Apple: How macOS attacks are evolving

The start of fall 2021 saw the fourth Objective by the Sea OBTS security conference, which is the only security conference to focus exclusively on Apples ecosystem. As such, it draws many of the top minds in the field. This year, those minds, having been starved of a good security conference for ...

Google warns some users that FancyBear’s been prowling around

APT28, also known as FancyBear, is at the heart of another targeted campaign. This time, it’s sniffing around users of Google services. Some 14,000 people have been notified about a spear phish attempt looking to compromise accounts and access their files. When did this happen? Sometime late...

A week in security (Oct 4 – Oct 10)

Last week on Malwarebytes Labs Does Cybersecurity Awareness Month actually improve security? Police take a piece out of a ransomware gang, but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Is it any good for security? Criminals were inside Syniverse for 5 years...

Firefox reveals sponsored ad “suggestions” in search and address bar

Mozilla is trying a novel experiment into striking a balance between ad revenue generation and privacy protection by implementing a new way to deliver ads in its Firefox web browser—presenting them as “suggestions” whenever users type into the dual-use search and URL address bar. The advertising...

At long last, Microsoft is disabling Excel 4.0 macros by default

Sometimes good news in the security world comes unexpectedly. This is one of those times. After three decades of macro viruses, and three decades of trying to convince every single Excel user individually to disable macros, Microsoft is going disable Excel 4.0 macros for everyone. Better late tha...

Making better cybersecurity training: Q&A with Malwarebytes expert Kelsey Prichard

If you hadn’t noticed by now, we are in the first week of National Cybersecurity Awareness Month, which, according to the Cybersecurity Infrastructure and Security Agency in the United States, means that we should all consider how people, organizations, and businesses can “be cyber smart” this ye...

Discord scammers lure victims with promise of free Nitro subscriptions

A number of bogus offers are doing the rounds in Discord land at the moment. Discord, a group text chat/VoiP app of choice for many gaming communities, is having a bit of trouble with phishing links. You may recall we’ve covered a lot of Discord scams previously. Service users can create bots,...

GnuPG fixes a problem with Let’s Encrypt certificate chain validation

Despite advance warnings that a root certificate provided by Let’s Encrypt would expire on September 30, users reported issues with a variety of services and websites once that deadline hit. So what happened? The problem A number of high profile tech and security companies noticed their products...

US Navy ship Facebook page hijacked to stream video games

The official Facebook page of the US Navy’s destroyer-class warship, USS Kidd, has been hijacked. According to Task & Purpose, who first reported on the incident, the account has done nothing but stream Age of Empires, an award-winning, history-based real-time strategy RTS video game wherein...

Stop. Do you really need another security tool?

The last few years have seen a mushrooming of the number and type of security tools that organizations can use to protect themselves. You can have tools, tools to integrate the tools, tools to monitor the tools, APIs, dashboards so many dashboards, and machine learning with everything. And yet,...