Lucene search
K
MalwarebytesRecent

4708 matches found

Malwarebytes
Malwarebytes
added 2021/04/14 4:36 p.m.32 views

FBI shuts down malware on hundreds of Exchange servers, opens Pandora’s box

A rather remarkable story has emerged, setting the scene for lively debates about permissible system access. A press release from the US Department of Justice Judge has revealed that the FBI were granted permission to perform some tech support backdoor removal. Bizarrely, they did this without...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/14 3:1 p.m.81 views

Update now! Chrome needs patching against two in-the-wild exploits

A day late and a dollar short is a well-known expression that comes in a few variations. But this version has a movie and a book to its name, so I’m going with this one. Why? Google has published an update for the Chrome browser that patches two newly discovered vulnerabilities. The browsers Stab...

9.5AI score0.70435EPSS
Exploits6
Malwarebytes
Malwarebytes
added 2021/04/14 11:54 a.m.32 views

Ransomware disrupts food supply chain, Exchange exploitation suspected

When malware found its way into the network of Bakker Logistiek, a company specializing in the transport and warehousing of food and other products, on the night of 4 to 5 April, its IT systems ground to a halt. And, along with them, the reception of orders from clients, and the delivery of goods...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/13 2:52 p.m.14 views

NAME:WRECK, a potential IoT trainwreck

A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Potentially this could impact hundreds of millions of servers, smart devices, and industrial equipment. The researchers that discovered the vulnerabilities have named them NAME:WRECK. Plural...

1.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/13 11:2 a.m.233 views

Sorry, Joe Biden isn’t offering you a work visa, it’s a scam

A US diplomatic mission in Nigeria warns of a visa scam affecting Nigerian citizens looking to move to the United States. It’s an old scam message, dressed up with a fresh coat of paint. Shall we take a look? Fraud Alert! Scammers and fraudsters are circulating a fake “press release” claiming to...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/12 11:59 a.m.48 views

How ransomware gangs are connected, sharing resources and tactics

Many of us who read the news daily encounter a regular drum beat of ransomware stories that are both worrying and heartbreaking. And what many of us don’t realize is that they are often interconnected. Some of the gangs behind the ransomware campaigns that we read about have established a...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/12 11:2 a.m.209 views

How bitcoin payments unmasked a man who hired a Dark Web contract killer

An Italian citizens apparent attempt to hire a hitman on the Dark Web has been undone by clever analysis of his Bitcoin transactions. The man, who is reported to be an IT worker employed by a major corporation, is alleged to have paid the hitman to assassinate his former girlfriend. What happened...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/12 7:5 a.m.74 views

Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca: Lock and Code S02E06

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we speak to Point3 Security chief strategist Chloé Messdaghi, HaveIBeenPwned founder Troy Hunt, and We Hack Purple founder and CEO Tanya Janca about security fatigue. Security fatigue is...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/09 1:8 p.m.247 views

Millions of Chrome users quietly added to Google’s FLoC pilot

Last month, Google began a test pilot of its Federated Learning of Cohorts—or FLoC—program, which the company has advertised as the newest, privacy-preserving alternative in Google Chrome to the infamous third-party cookie. Sounds promising, right? Well, about that. Despite Google’s rhetoric abou...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/09 12:9 p.m.55 views

Cryptomining containers caught coining cryptocurrency covertly

In traditional software development, programmers code an application in one computing environment before deploying it to a similar, but often slightly different environment. This leads to bugs or errors that only show up when the software is deployed—exactly when you need them least. To solve for...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/08 12:57 p.m.111 views

Zoom zero-day discovery makes calls safer, hackers $200,000 richer

Two Dutch white-hat security specialists entered the annual computer hacking contest Pwn2Own, managed to find a Remote Code Execution RCE flaw in Zoom and are $200,000 USD better off than they were before. Pwn2Own Pwn2Own is a high profile event organized by the Zero Day Initiative that challenge...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/07 2:44 p.m.88 views

SAP warns of malicious activity targeting unpatched systems

A timely warning to keep systems patched has appeared, via a jointly-released report from Onapsis and SAP. The report details how threat actors are “targeting and potentially exploiting unprotected mission-critical SAP applications”. Some of the vulnerabilities used were weaponised fewer than 72...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/07 10:8 a.m.48 views

Fake Trezor app steals more than $1 million worth of crypto coins

Several users of Trezor, a small hardware device that acts as a cryptocurrency wallet, have been duped by a fake app with the same name. The app was available on Google Play and Apple’s App Store and also claimed to be from SatoshiLabs, the creators of Trezor. According to the Washington Post, th...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 9:37 p.m.19 views

A deep dive into Saint Bot, a new downloader

This post was authored by Hasherezade with contributions from Hossein Jazi and Erika Noerenberg In late March 2021, Malwarebytes analysts discovered a phishing email with an attached zip file containing unfamiliar malware. Contained within the zip file was a PowerShell script masquerading as a li...

8.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 8:32 p.m.260 views

Pre-installed auto installer threat found on Android mobile devices in Germany

Users primarily located in Germany are experiencing malware that downloads and installs on their Gigaset mobile devices—right out of the box! The culprit installing these malware apps is the Update app, package name com.redstone.ota.ui, which is a pre-installed system app. This app is not only th...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 7:24 p.m.235 views

Aurora campaign: Attacking Azerbaijan using multiple RATs

This post was authored by Hossein Jazi As tensions between Azerbaijan and Armenia continue, we are still seeing a number of cyber attacks taking advantage of this situation. On March 5th 2021, we reported an actor that used steganography to drop a new .Net Remote Administration Trojan. Since that...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 12:7 p.m.145 views

Has Facebook leaked your phone number?

Unless you keep your social media at a pole’s distance, you have probably heard that an absolutely enormous dataset—containing over 500 million phone numbers—has been made public. These phone numbers have been in the hands of some cybercriminals since 2019 due to a vulnerability in Facebook that...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/06 11:37 a.m.141 views

Research claims Google Pixel phones share 20 times more data than iPhones

If youre an Android phone user, now might be a good time to invest in a good pair of ear plugs. Fans of iPhones arent known for being shy when it comes to telling Android users that Apple products are superior, and things may be about to get worse, thanks to a new research paper pdf. Researchers ...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/05 4:8 p.m.55 views

A week in security (March 29 – April 4)

Last week on Malwarebytes Labs, our podcast featured Malwarebytes senior security researcher JP Taggart, who talked to us about why you need to trust your VPN. You’ve likely heard the benefits of using a VPN: You can watch TV shows restricted to certain countries, you can encrypt your web traffic...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/04/01 7:47 p.m.266 views

Android “System Update” malware steals photos, videos, GPS location

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data—but the infrastructure behind the malware obscures it...

Exploits0
Malwarebytes
Malwarebytes
added 2021/04/01 3:43 p.m.243 views

Relax. Internet password books are OK

Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good password management practices. There’s a wealth of password management options available, some more desirable than others. The primary recommendation online is usually a software-based...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/31 12:28 p.m.64 views

The npm netmask vulnerability explained so you can actually understand it

The popular npm netmask library recently encountered a serious problem, explained as follows: The npm netmask package incorrectly evaluates individual ipv4 octets that contain octal strings as left-stripped integers, leading to an inordinate attack surface on hundreds of thousands of projects tha...

6.4CVSS7.5AI score0.16356EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2021/03/30 3:56 p.m.52 views

PYSA, the ransomware attacking schools

The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March, put schools in the US and UK on notice of increased attacks from the threat actors behind the PYSA ransomware. If this is the first time you’ve heard of this family, re...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/30 2:48 p.m.46 views

Malicious commits found in PHP code repository: What you need to know

You’ve probably heard that PHP’s Git repository was recently compromised, allowing backdoors to be added to the code located there. You may also be wondering what that means, what a supply chain attack is, and how you could be affected. Read on and well lead you though a straightforward descripti...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/29 8:15 p.m.14 views

The one reason your iPhone needs a VPN

For years, Apple has marketed its iPhone as the more secure, more private option when compared to other smart phones, which do not, by default, include an end-to-end encrypted messaging app, warn users repeatedly about app location requests, or provide a privacy-forward Single Sign-On feature. Bu...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/29 5:40 p.m.27 views

5G slicing vulnerability could be used in DoS attacks

The IT security researchers at AdaptiveMobile have called out what looks like an important vulnerability in the architecture of 5G network slicing and virtualized network functions. They warn that the risks, if this fundamental vulnerability in the design of 5G standards had gone undiscovered, ar...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/29 3:10 p.m.152 views

Steam users: Don’t fall for the “I accidentally reported you” scam

Suppose that, out of the blue, a Steam user tells you theyve accidentally reported you for something you didn’t do, like making an illegal purchase, and that your Steam account is going to be suspended. They ask you to message a Steam admin, whose profile they kindly provide, to help you sort out...

Exploits0
Malwarebytes
Malwarebytes
added 2021/03/29 7:10 a.m.46 views

Why you need to trust your VPN: Lock and Code S02E05

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. Youve likely heard the benefits of using a VPN: You can watch TV shows restricted ...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/26 1:50 p.m.46 views

Don’t post it! Six social media safety sins to say goodbye to

If you or anyone you know is committing the below social media sins, it’s time to change that habit of an online lifetime. Even the most innocuous of things can cause trouble down the line, because everyone’s threat model is different. Unfortunately, people tend to realise what their threat model...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/25 8:52 p.m.52 views

Perkiler malware turns to SMB brute force to spread

Researchers at Guardicore have identified a new infection vector being used by the Perkiler malware where internet-facing Windows machines are breached through SMB password brute force. Perkiler is a complex Windows malware with rootkit components that is dropped by the Purple Fox exploit kit EK...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/25 6:37 p.m.50 views

Slack hurries to fix direct message flaw that allowed harassment

The enormous work messaging platform Slack quickly reversed course yesterday, promising to revise a brand-new direct message feature that could have been misused for harassment. Added to the company’s “Slack Connect” product—which lets enterprise users share messages with contract workers and...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/24 4:1 p.m.160 views

Software renewal scammers unmasked

Weve been tracking a fraudulent scheme involving renewal notifications for several months now. It came to our attention because the Malwarebytes brand as well as other popular names were being used to send fake invoices via email. The concept is simple but effective. You receive an invoice for a...

0.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/23 8:26 p.m.43 views

When contractors attack: two years in jail for vengeful IT admin

An IT contractor working for an IT consultancy company took it upon himself to perform an act of revenge against the firm he worked at, after they complained about his performance. The charge he faced was breaking into the network of a company in Carlsbad, California. And it got him two years in...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/23 6:34 p.m.38 views

The human impact of a Royal Mail phishing scam

Last week, we looked at a Royal Mail themed scam which has very quickly become the weapon of choice for phishers. It’s pretty much everywhere at this point. Even one of my relatives with a semi-mystical ability to never experience a scam ever, received a fake SMS at the weekend. The problem with...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/22 11:30 p.m.127 views

Safe Connections Act could help domestic abuse survivors take control of their digital lives

A bill introduced in the US Senate could help domestic abuse and sex trafficking survivors—including those tracked by stalkerware-type applications—regain digital independence through swift, shared phone plan termination and the extension of mobile phone plan subsidies. Titled the Safe Connection...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/22 9:33 p.m.33 views

How to enable Facebook’s hardware key authentication for iOS and Android

Since 2017 desktop users have had the opportunity to use physical security keys to log in to their Facebook accounts. Now iOS and Android users have the same option too. Physical security keys are a more secure option for two-factor authentication 2FA than SMS which is vulnerable to SIM swap...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/22 11:42 a.m.48 views

Report goes “behind enemy lines” to reveal SilverFish cyber-espionage group

The PRODAFT Threat Intelligence Team has published a report pdf that gives an unusually clear look at the size and structure of organized cybercrime. It uncovered a global cybercrime campaign that uses modern management methods, sophisticated tools—including its own malware testing sandbox—and ha...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/22 10:0 a.m.46 views

A week in security (March 15 – 21)

Last week on Malwarebytes Labs, our podcast featured Adam Kujawa, who talked us through our 2021 State of Malware report. We cover our own research on: Royal mail parcel scam How your iPhone can tell you if you’re being stalked Careers in cybersecurity ProxyLogon PoC whack-a-mole Teen behind 2020...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/20 10:38 a.m.192 views

Resident Evil 8 just the latest game plagued by fake demos and early access scams

There’s been a number of scams targeting fans of major upcoming video game releases over the last week or two. Why is this happening, and what can you do to ensure both you and your children avoid such fakeouts? Preview power: the 80s and 90s Back in the 80s, games reviews were only really found ...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/19 8:40 p.m.48 views

Report reveals the staggering scale of Business Email Compromise losses

Internet crime is ever present, and with the ongoing pandemic, levels of scams and fraud were exceptionally high in 2020. Opportunistic fraudsters didnt give a second thought to riding the COVID-19 wave and preying upon those who are truly in need of help, or those who truly want to help. The...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/18 4:34 p.m.40 views

NFTs explained: daylight robbery on the blockchain

Did you hear about the JPG file that sold for $69 million? I’ll give you some more detail, the JPG file is a piece of digital art made by Mike Winkelmann, the artist known as Beeple. The file was sold on Thursday by Christie’s in an online auction for $69.3 million. This set a record for artwork...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/18 12:1 p.m.50 views

HelloKitty: When Cyberpunk met cy-purr-crime

On February 9, after discovering a compromise, CD Projekt Red CDPR announced to its 1+ million followers on Twitter that it was the victim of a ransomware attack against its systems and made it clear they would not yield to the demands of the threat actors, nor negotiate. Cyberpunk 2077, the late...

Exploits0
Malwarebytes
Malwarebytes
added 2021/03/18 9:11 a.m.42 views

Mother charged with using deepfakes to shame daughter’s cheerleading rivals

A Pennsylvania woman reportedly sent doctored photos and videos of her daughters cheerleader rivals to their coaches, in an attempt to embarrass them and get them kicked off the team. Shes alleged to have used deepfake technology to create photo and video depictions of the girls naked, drinking,...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/17 3:26 p.m.49 views

Apple shines and buffs Mac security—Is it enough to stop today’s malware?

There’s a lot going on in the Mac security world lately. Over the last few months, Apple has ramped up security efforts across its platforms. From an endpoint security framework overhaul of macOS Catalina to phasing out kernel extensions, the tech giant has been battening down the...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/17 11:39 a.m.45 views

FBI warns of increase in PYSA ransomware attacks targeting education

On March 16, the Federal Bureau of Investigation FBI issued a "Flash" alert on PYSA ransomware after an uptick on attacks this month against institutions in the education sector, particularly higher ed, K-12, and seminaries. According to the alert PDF, the United Kingdom and 12 states in the US...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/17 10:0 a.m.54 views

Teen behind 2020 Twitter hack pleads guilty

The so-called “mastermind” behind the 2020 Twitter hack that compromised the accounts of several celebrities and public figures—including President Barack Obama, Bill Gates, and Elon Musk—pleaded guilty to several charges on Tuesday in a Florida court. As part of an agreed-upon plea deal with...

Exploits0
Malwarebytes
Malwarebytes
added 2021/03/16 6:15 p.m.46 views

ProxyLogon PoCs trigger a game of whack-a-mole

As we reported recently, the use of the Microsoft Exchange Server ProxyLogon vulnerabilities has gone from “limited and targeted attacks” to a full-size panic in no time. Criminal activities, ranging in severity from planting crypto-miners to deploying ransomware, and conducted by numerous groups...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/16 5:40 p.m.43 views

Careers in cybersecurity: Malwarebytes talks to teachers and students

Every year, I take part in talks for universities and schools. The theme is often breaking into infosec. I give advice to teens considering pursuing tech as a further area of study. I explain a typical working day for degree undergraduates. Sometimes I’m asked to give examples of conference talks...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/15 10:45 p.m.168 views

How your iPhone could tell you if you’re being stalked

The latest iOS beta suggests that Apple’s next big update will include an iPhone feature that warns users about hidden, physical surveillance of their location. The feature detects AirTags, Apples answer to trackable fobs made by Tile, and serves to block the potential abuse of the much-rumored...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/15 8:2 p.m.59 views

Royal Mail scam says your parcel is waiting for delivery

Expecting a delivery? Watch out for phishing attempts warning of held packages and bogus shipping fees. This Royal Mail delivery scam begins with a text message out of the blue, claiming: Your Royal Mail parcel is waiting for delivery. Please confirm the settlement amount of 2.99 GBP via:...

7AI score
Exploits0
Total number of security vulnerabilities4708