Joaquín Ruiz Security Vulnerabilities

Why you need to trust your VPN: Lock and Code S02E05

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we speak to Malwarebytes senior security researcher JP Taggart about the importance of trusting your VPN. You've likely heard the benefits of using a VPN: You can watch TV shows restricted.....

Slack hurries to fix direct message flaw that allowed harassment

The enormous work messaging platform Slack quickly reversed course yesterday, promising to revise a brand-new direct message feature that could have been misused for harassment. Added to the company’s “Slack Connect” product—which lets enterprise users share messages with contract workers and...

Safe Connections Act could help domestic abuse survivors take control of their digital lives

A bill introduced in the US Senate could help domestic abuse and sex trafficking survivors—including those tracked by stalkerware-type applications—regain digital independence through swift, shared phone plan termination and the extension of mobile phone plan subsidies. Titled the Safe Connections....

Teen behind 2020 Twitter hack pleads guilty

The so-called “mastermind” behind the 2020 Twitter hack that compromised the accounts of several celebrities and public figures—including President Barack Obama, Bill Gates, and Elon Musk—pleaded guilty to several charges on Tuesday in a Florida court. As part of an agreed-upon plea deal with...

How your iPhone could tell you if you’re being stalked

The latest iOS beta suggests that Apple’s next big update will include an iPhone feature that warns users about hidden, physical surveillance of their location. The feature detects AirTags, Apple's answer to trackable fobs made by Tile, and serves to block the potential abuse of the much-rumored...

The Malwarebytes 2021 State of Malware report: Lock and Code S02E04

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we tune in to a special presentation from Adam Kujawa about the 2021 State of Malware report, which analyzed the top cybercrime goals of 2020 amidst the global pandemic. If you just pay...

TinyCheck: Stalkerware detection that doesn’t leave a trace

In 2019, when Malwarebytes helped found the Coalition Against Stalkerware, which brings together cybersecurity vendors and nonprofits to detect and raise awareness about stalkerware, we encountered a significant roadblock in our fight: For some users, the very detection of these potentially...

Textpattern 4.8.3 - Remote code execution (Authenticated) (2)

...

Textpattern CMS 4.8.3 Remote Code Execution

...

Textpattern 4.8.3 - Remote code execution (Authenticated) (2)

...

21 million free VPN users’ data exposed

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. The data includes email addresses, randomly generated password strings, payment...

Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we talk to Eva Galperin, director of cybersecurity for Electronic Frontier Foundation, about the importance of protecting online anonymity and speech. In January, the New York Times...

Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer Gang

The leader of Mexico's Green Party has been removed from office following allegations that he received money from a Romanian ATM skimmer gang that stole hundreds of millions of dollars from tourists visiting Mexico's top tourist destinations over the past five years. The scandal is the latest...

Talking Emotet’s takedown with Adam Kujawa: Lock and Code S02E02

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Adam Kujawa, security evangelist and director of Malwarebytes Labs, about Emotet, the former public enemy No. 1 in the cybercrime world. What began in...

Online Marriage Registration System 1.0 Remote Code Execution

...

Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)

...

Why Data Privacy Day matters: A Lock and Code special with Mozilla, DuckDuckGo, and EFF

You can read our full-length blog here about the importance of Data Privacy Day and data privacy in general Today is a special day, not just because January 28 marks Data Privacy Day in the United States and in several countries across the world, but because it also marks the return of our hit...

Why Data Privacy Day matters

Our Lock and Code special episode on Data Privacy Day, featuring guests from Mozilla, DuckDuckGo, and Electronic Frontier Foundation can be listened to here. Today, January 28, is Data Privacy Day, the annual, multinational event in which governments, companies, and schools can inform the public...

Intel Matrix Storage Event Monitor x86 8.0.0.1039 - (IAANTMON) Unquoted Service Path Vulnerability

...

Intel(R) Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path

...

Intel Matrix Storage Event Monitor 8.0.0.1039 Unquoted Service Path

...

The strangest cybersecurity events of 2020: a look back

This year is finally coming to an end, and it only took us about eight consecutive months of March to get here. There is a ton to talk about, and that’s without even discussing the literal global pandemic. You see, 2020's news stories were the pressure-cooker product of mania, chaos, and the...

The most enticing cyberattacks of 2020

_This is part one of a two-part series. To read about the strangest cybersecurity events of 2020, read our second story here. _ In 2020, we experienced a major shift. Much of the world pitched in to limit the spread of the coronavirus, with people changing their daily routines to include a mixture....

Likely lead generation scam targets potential Malwarebytes MSP partners

Recently, Malwarebytes discovered a potential lead generation scam targeting companies that are interested in our Malwarebtyes Managed Service Provider (MSP) Program. In the scam, an individual who used the name “Jenny” aggressively contacted potential MSP partners claiming to represent...

Lock and Code S1Ep21: Lesson planning your school’s cybersecurity with Doug Levin

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the K12 Security Information Exchange, about how schools can plan for a...

IoT cybersecurity bill passed by Senate

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things (IoT) devices purchased and owned by the Federal government. The bill, called the.....

Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about charity organizations and online ad tracking. Though many might assume that these...

IoT forecast: Running antivirus on your smart device?

In 2016, threat actors pulled off a basic but devastating botnet attack that harnessed the power of the Internet of Things (IoT). After gathering a list of 61 default username and password combinations for IoT devices, threat actors scanned the Internet for open Telnet ports and, when they found a....

Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President

On Tuesday evening, President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA), just days after CISA called the recent presidential election the “most secure in American history.” In a tweet posted the same day, the President justified his...

RegretLocker, new ransomware, can encrypt Windows virtual hard disks

Cybersecurity researchers discovered a new ransomware last month called RegretLocker that, despite a no-frills package, can do serious damage to virtual hard disks on Windows machines. Through a clever trick, RegretLocker can bypass the often-long encryption times required when encrypting a...

Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa

This week on Lock and Code, we offer something special for listeners—a backstage pass to a cybersecurity training that we held for employees during Cybersecurity Awareness Month, which ended in October. The topic? The future of cybersecurity for the Internet of Things. Our guests, Chief...

Prop 24 passes in California, will change data privacy law

First-day returns in California showed voters firmly approving to change their state’s current data privacy law—which already guarantees certain privacy protections that many states do not—through the passage of Prop 24. As of the morning of November 4, according to The Sacramento Bee, 56.1...

California’s Prop 24 splits data privacy supporters

California’s data privacy house is divided. On the Golden State’s November ballot this year is the question as to whether to amend California’s barely-two-year-old data privacy law, the California Consumer Privacy Act. Far from the first attempt to change the fledgling law, Proposition 24 sets...

New Emotet delivery method spotted during downward detection trend

Emotet, one of cybersecurity’s most-feared malware threats, got a superficial facelift this week, hiding itself within a fake Microsoft Office request that asks users to update Microsoft Word so that they can take advantage of new features. This revamped presentation could point to internal...

Lock and Code S1Ep18: Finding consumer value in Cybersecurity Awareness Month with Jamie Court

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Jamie Court, president of the non-profit advocacy group Consumer Watchdog, about the consumer value in Cybersecurity Awareness Month. Launched initially...

Lock and Code S1Ep16: Investigating digital vulnerabilities with Samy Kamkar

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical world. If you look through a recent...

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly...

SMB cybersecurity posture weakened by COVID-19, Labs report finds

In August, Malwarebytes Labs analyzed the damage caused by COVID-19 to business cybersecurity. Because of immediate, mandated transitions to working from home (WFH), businesses across the United States suffered more data breaches, lost more dollars, and increased their overall attack surfaces, all....

Lock and Code S1Ep14: Uncovering security hubris with Adam Kujawa

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Adam Kujawa, security evangelist and director of Malwarebytes Labs, about "security hubris," the simple phenomenon in which businesses are less secure...

The cybersecurity skills gap is misunderstood

Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and many in between—push out the latest research on the cybersecurity skills gap, the now-decade-plus-old idea that the global economy lacks a growing number of...

(0Day) Horde Groupware Webmail Edition Horde last_logintasks Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Horde.php. When parsing the last_logintasks parameter, the process does not...

(0Day) Horde Groupware Webmail Edition Remote Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Remote.php. When parsing the remote parameter, the process does not properly.....

(0Day) Horde Groupware Webmail Edition Sort sortpref Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Sort.php. When parsing the sortpref parameter, the process does not properly.....

(0Day) Horde Groupware Webmail Edition Kronolith show_time Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Kronolith.php. When parsing the show_time parameter, the process does not...

(0Day) Horde Groupware Webmail Edition Prefs sync_lists Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within prefs.php. When parsing the sync_lists parameter, the process does not...

(0Day) Horde Groupware Webmail Edition Event event_alarms Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Event.php. When parsing the event_alarms parameter, the process does not...

(0Day) Horde Groupware Webmail Edition prefs sync_calendars Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within prefs.php. When parsing the sync_calendars parameter, the process does not...

(0Day) Horde Groupware Webmail Edition prefs sync_calendars Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within prefs.php. When parsing the sync_calendars parameter, the process does not...

(0Day) Horde Groupware Webmail Edition prefs sync_notepads Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within prefs.php. When parsing the sync_notepads parameter, the process does not...

(0Day) Horde Groupware Webmail Edition remote_unsubscribe remote_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within remote_unsubscribe.php. When parsing the remote_cals parameter, the process...