4658 matches found
Knowing when it’s worth the risk: riskware explained
If there’s one thing I like more than trivia quizzes, it’s quotes. Positive, inspirational, and motivational quotes. Quotes that impart a degree of ancient wisdom, or those that make you stop and consider. Reading them melts our fears, sorrows, and feelings of inadequacy away. Some of the most...
Governments increasingly eye social media meltdown
These are trying times for social networks, with endless reports of harassment and abuse not being tackled and many users leaving platforms forever. The major sites such as Facebook and Twitter do what they can, but sheer userbase volume and erroneous automated feedback leave people cold. Bugs su...
Skimmer acts as payment service provider via rogue iframe
Criminals continue to target online stores to steal payment details from unaware customers at a rapid pace. There are many different ways to go about it, from hacking the shopping site itself, to compromising its supply-chain. A number of online merchants externalize the payment process to a...
A week in security (May 13 – 19)
Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a "WannaCry level" attack. We also profiled the...
4 lessons to be learned from the DOE’s DDoS attack
Analysts, researchers, industry professionals, and pundits alike have all posited the dangers of the next-generation “smart grid,” particularly when it comes to cybersecurity. They warn that without the right measures in place, unscrupulous parties could essentially wreak havoc on the bulk of...
Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability
This month marks the two-year anniversary since the infamous WannaCry attack. As an anniversary present to the world, Microsoft has pushed out patches to secure a newly-identified Remote Desktop Protocol RDP vulnerability found in certain Windows operating systems. The potential damage of the...
Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses
CrySIS, aka Dharma, is a family of ransomware that has been evolving since 2006. We have noticed that this ransomware has become increasingly active lately, increasing by a margin of 148 percent from February until April 2019. The uptick in detections may be due to CrySIS' effective use of multip...
WhatsApp fix goes live after targeted attack on human rights lawyer
If you use WhatsApp, you’ll want to update both app and device as soon as possible due to a freshly-discovered exploit. The vulnerability was found in Google Android, Apple iOS, and Microsoft Windows Phone builds of the app. Unlike many mobile attacks, potential victims aren’t required to install...
Exploit kits: spring 2019 review
Exploit kit activity remains fairly unchanged since our last winter review in terms of active distribution campaigns. But this spring edition will feature a new exploit kit and another atypical EK, in that it specifically goes after routers. The main driver behind these drive-by download attacks...
A week in security (May 6 – 12)
Last week on Labs, we discussed what to do when you discover a data breach, how 5G could impact cybersecurity strategy, the top six takeaways for user privacy, vulnerabilities in financial mobile apps that put consumers and businesses at risk, and in our series about vital infrastructure, we...
Threats target financial institutions, fintech, and cryptocurrencies
With news of a malware attack on accounting firm Wolters Kluwer causing a "quiet panic" in the accounting world this week, our assertion that financial institutions—from banks to brokers—are part of the vital infrastructure of society has been solidified. According to its website, Wolters Kluwer...
How 5G could impact cybersecurity strategy
With the recent news that South Korea has rolled out the world’s first 5G network, it’s clear that we’re on the precipice of the wireless technology’s widespread launch. Offering speeds anywhere from 20 to 100 times faster than 4G long-term evolution LTE, the next generation of wireless networks...
Vulnerabilities in financial mobile apps put consumers and businesses at risk
Security hubris. It’s the phrase we use to refer to our feeling of confidence grounded on assumptions we all have but may not be aware of or care to admit about cybersecurity—and, at times, privacy. It rears its ugly head when 1 we share the common notion that programmers know how to code securel...
The top six takeaways for user privacy
Last week, Malwarebytes Labs began closing out our data privacy and cybersecurity law blog series, a two-month long exploration spanning five continents, 50 states, just as many data breach notification laws, three non-universal definitions of personal information and personal data, five pending ...
What to do when you discover a data breach
Your cell phone goes off in the middle of your well-deserved sleep and you try to find it before your partner wakes up as well. “What could be wrong? Why would they page me in the middle of the night?” More asleep than awake, you stumble down the stairs and call the number on the screen, which yo...
A week in security (April 29 – May 5)
Last week on Labs we discussed the possible exit scam of dark net market Wall Street Market, how the Electrum DDoS botnet reaches 152,000 infected hosts, we looked at the sophisticated threats plague ailing healthcare industry, a mysterious database that exposed personal information of 80 million...
The top six takeaways for corporate data privacy compliance
For nearly two months, Malwarebytes Labs has led readers on a journey through data privacy laws around the world, exploring the nuances between “personal information” and “personal data,” as well as between data breach notification laws in Florida, Utah, California, and Iowa. We explored the risk...
Cryptojacking in the post-Coinhive era
September 2017 is widely recognized as the month in which the phenomenon that became cryptojacking began. The idea that website owners could monetize their traffic by having visitors mine for cryptocurrencies in their browser was not new, but this time around it became mainstream, thanks to an...
Mozilla urges Apple to make privacy a team sport
We often say cybersecurity is a team sport, but, pending a public advocacy campaign from one major tech developer to another, the same might be true for online privacy. Mozilla is currently getting people around the world to lend their voices toward Apple, asking that the company place some extra...
Mysterious database exposed personal information of 80 million US households
Word has broken of yet another massive data trove exposed for anyone to see. A research team from vpnMentor discovered an exposed 24GB database hosted on a Microsoft cloud server containing the addresses, income levels, and marital statuses of users within 80 million US households. As we’ve seen...
Sophisticated threats plague ailing healthcare industry
The healthcare industry is no longer circling the drain, but it's still in critical condition. While many organizations in healthcare have aimed at or made positive strides toward a more robust cybersecurity and privacy posture, they still have a long way to go. In 2018, healthcare had the highes...
Electrum DDoS botnet reaches 152,000 infected hosts
By Jérôme Segura, Adam Thomas, and S!Ri We have been closely monitoring the situation involving the continued attacks against users of the popular Electrum Bitcoin wallet. Initially, victims were being tricked to download a fraudulent update that stole their cryptocurrencies. Later on, the threat...
Wall Street Market reported to have exit scammed
Around April 20, many users reported that Wall Street Market, a broadly known dark net market, had executed an exit scam, and that any pending orders were unlikely to be completed. Scamming with enterprises involving Bitcoin is not unheard of, and dark net markets with centralized escrow are...
A week in security (April 22 – 28)
Last week on Labs, we looked at security threats to headphones, privacy options in the world of law, and wandered through the FBI’s 2018 IC3 online crime report. We also explored another MageCart attack, and we released our 2019 Q1 Crime Tactics and Techniques report. Other cybersecurity news...
GitHub hosted Magecart skimmer used against hundreds of e-commerce sites
Every day, new e-commerce websites fall into the hands of one of the many Magecart skimmers. Unbeknownst to shoppers, criminals are harvesting their personal information, including payment details in the online equivalent of ATM card skimming. Most often the skimming code—written in JavaScript an...
Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1
The Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report found businesses at the butt end of a bad joke. In just one year, threats aimed at corporate targets have increased by 235 percent, with Trojans, such as Emotet, and ransomware in particular revving up in the first quarter...
A look inside the FBI’s 2018 IC3 online crime report
The FBI’s Internet Crime Complaint Center have released their annual Crime Report, with the most recent release focusing on 2018. While the contents may not surprise, it definitely cements some of the bigger threats to consumers and businesses—and not all of them are particularly high tech...
Consumers have few legal options for protecting privacy
There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It ...
Of hoodies and headphones: a spotlight on risks surrounding audio output devices
More than a decade ago, cardiologists from the Beth Israel Medical Center in Boston presented their findings at the American Heart Association AHA Scientific Sessions 2008 about MP3 headphones causing disruptions with heart devices—such as the pacemaker and the implantable cardioverter...
A week in security (April 15 – 21)
Last week, Malwarebytes Labs revealed multiple giveaway online scam campaigns banking on the popularity and generosity of Ellen DeGeneres, weighed in on the hack that compromised legacy Microsoft email service accounts like Hotmail and MSN, explained what “like-farming” means and how to spot it o...
“Funky malware format” found in Ocean Lotus sample
Recently, at the SAS conference I talked about "Funky malware formats"—atypical executable formats used by malware that are only loaded by proprietary loaders. Malware authors use them in order to make static detection more difficult, because custom formats are not recognized as executable by AV...
Explained: like-farming
Like-farming, aka like-harvesting, is a method used by commercial parties and scammers alike to raise the popularity of a site or domain. The ultimate dream of every like-farmer is for his post to go viral by accumulating as many likes and shares as possible from all over the world. Like-farmers...
Malware targeting industrial plants: a threat to physical security
We live in a world where more and more manufacturing processes are controlled by computers that send instructions to robots. This might sound like a safe and efficient way of work, as it rules out human error, but what happens when a threat actor decides to target production servers? Consider the...
Hackers snab emails and more in Microsoft Outlook, Hotmail, and MSN compromise
Long-time users of certain Microsoft products, such as Hotmail, MSN, and Outlook found they may be wrapped up in a hack grabbing snippets of email information, and in some cases, a little bit more. Microsoft email services have been around forever in Internet time. Yet, many users still have a fe...
Electrum Bitcoin wallets under siege
By Adam Thomas and Jérôme Segura, with additional contributions from Vasilios Hioueras and S!Ri Since at least late December 2018, many users of the popular Electrum Bitcoin wallet have fallen victim to a series of phishing attacks, which we estimate netted crooks well over 771 Bitcoins—an amount...
Ellen DeGeneres giveaway scam spreading on social media
Scammers are pushing multiple fake Facebook profiles of Ellen DeGeneres, popular US TV show host and producer, with the goal of tricking people into jumping through a few money-making hoops. This isn’t a sophisticated scam. It isn’t hacking the Gibson. It won’t be the focus of a cutting edge...
A week in security (April 8 – 14)
Last week on Labs, we said hello to Baldr, a new stealer on the market, we wondered who is managing the security of medical management apps, discussed the different perceptions of personal information, and we looked at fake Instagram assistance apps found on Google Play that are stealing password...
Fake Instagram assistance apps found on Google Play are stealing passwords
We all want those Instagram likes and followers. Many apps on Google Play claim they can assist you with that effort. But what if the app that’s supposed to be helping you is also stealing your username and password? As a matter of fact, that’s exactly what we found in three fake Instagram...
What is personal information? In legal terms, it depends
In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA...
Who is managing the security of medical management apps?
One truth that is consistent across every sector—be it technology or education—is that software is vulnerable, which means that any device running software applications is also at risk. While virtually any application-running device could be compromised by an attacker, vulnerabilities in medical...
Say hello to Baldr, a new stealer on the market
By William Tsing, Vasilios Hioureas, and Jérôme Segura Over the past few months, we have noticed increased activity and development of new stealers. Unlike many banking Trojans that wait for the victim to log into their bank's website, stealers typically operate in grab-and-go mode. This means th...
A week in security (April 1 – 7)
Last week, Malwarebytes Labs took readers on a brief tour of some of the world's most notable data privacy laws, explored how gamers can protect themselves against cyberthreats, and offered thoughts about the reports that a 23-year-old Chinese woman gained access to President Donald Trump’s...
Was this really an attempt by the Chinese?
Last weekend, during President Trump’s visit to the Mar-a-Lago resort, a 23-year-old Chinese woman attempted to gain access to the Florida resort by lying and bluffing her way in. After some discussion at the gate, she was escorted to the reception of the resort where it was found out that she wa...
How gamers can protect against increasing cyberthreats
A few years ago, cybersecurity scryers predicted that the video gaming industry would be the next big target of cybercriminals. Whether this will come true in the future or not, the average gamer may have little to no idea of what awaits them, much less be prepared for it. In fact, while generall...
The global data privacy roadmap: a question of risk
For most American businesses, complying with US data privacy laws follows a somewhat linear, albeit lengthy, path. Set up a privacy policy, don’t lie to the consumer, and check the specific rules if you’re a health care provider, video streaming company, or kids’ app maker. For American businesse...
Compromising vital infrastructure: water management
It’s probably unnecessary to explain why water management is considered part of our vital infrastructure, but it's a wider field than you might expect—and almost every one of its components can be integral to our survival. We all need clean water to drink. As much as I like my coffee, I can't mak...
A week in security (March 25 – 31)
Last week, we looked at plugin vulnerabilities, location tracking app problems, and talked about plain text password woes. We also looked at federal data privacy regulation and took a deep dive into BatMobi Adware. Other cybersecurity news Poisoned software update headache for ASUS Source: The...
Awakening the beast: BatMobi adware
On February 12, a patron of the Malwarebytes Forum alerted us of an issue with ad redirects that seemed to come out of nowhere. An outcry from other commenters filled the forum thread, all experiencing the same redirects to the same exact websites. Our web protection team traced the offending...
US Congress proposes comprehensive federal data privacy legislation—finally
The United States might be the only country of its size—both in economy and population—to lack a comprehensive data privacy law protecting its citizens’ online lives. That could change this year. Never-ending cybersecurity breaches, recently-enacted international privacy laws, public outrage, and...
Location data leaks from family tracking app database
An app called Family Locator, which allows family members to keep track of one another recently experienced an exposed database issue of the worst kind. Specifically: the MongoDB database was left exposed with no password, like so many other recent infosec tales of woe. The end result is the...