Malwarebytes Labs | | Orthology.eu

Malwarebytes Labs December 9, 2019

A week in security (December 2 – December 8)

Last week on Malwarebytes Labs, we took a look at a new version of the IcedID Trojan, described web skimmers up to no good, and took a deep dive into containerization. We also explored a report bringing bad news for organizations and insider threats, and threw a spotlight on a video game phish attack. Other cybersecurity news Delivery firm runs into trouble: A security researcher was able to pull … [Read more...]

Filed Under: a week in security, amazon, bank, buckets, phish, Week in security, weekly roundup, xmas

Malwarebytes Labs December 2, 2019

A week in security (November 25 – December 1)

Last week on Malwarebytes Labs, we discussed why the notion of “data as property” may potentially hurt more than help, homed in on sextortion scammers getting more creative, and explored the possible security risks Americans might face if the US changed to universal healthcare coverage. Other cybersecurity news The country of Venezuela turns to cybercrime as their economy … [Read more...]

Filed Under: a week in security, ad blockers, awis, data as property, dexphot, energy sector security issues, iphone phishing, iphone phishing scam, nursing home ransomware, sextortion scammers, trickbot, universal healthcare security, venezuela cybercrime

Malwarebytes Labs November 25, 2019

A week in security (November 18 – 24)

Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware, published our fall 2019 review of exploit kits, looked at how Deepfake on LinkedIn makes for malign interference campaigns, rounded up our knowledge about the Disney+ security and service issues, … [Read more...]

Filed Under: a week in security, Coalition Against Stalkerware, data leaks, deepfake, Disney+, exploit kits, IoT, juice jacking, LinkedIn, ransomware, stalkerware, web skimmer

Malwarebytes Labs November 20, 2019

Disney+ security and service issues: Here’s what we know so far

The long wait is over. Disney+, the new video-streaming service to rival Netflix and Amazon Prime, debuted last week to much fanfare, racking up 10 million subscribers within a single day of launch. Unfortunately, it wasn’t the kind of splash the majority of users predicted, as they were met with connection and performance issues out the gate—soon to be followed by reports of hacked accounts … [Read more...]

Filed Under: 2fa, account compromise, amazon prime, Disney Plus, Disney+, Disney+ hacked, Hacking, Hulu, netflix, password manager, password sharing, two-factor authentication, Walt Disney, ZDNet

Malwarebytes Labs November 18, 2019

A week in security (November 11 – 17)

Last week on Malwarebytes Labs, we offered statistics and information on a sneaky new Trojan malware for Android, inspected a bevy of current Facebook scams, and explained the importance of securing food and agriculture infrastructure. We also released our latest report on cybercrime tactics and techniques, offering new telemetry about the many cybersecurity threats facing the healthcare … [Read more...]

Filed Under: a week in security, CTNT, cybercrime tactics & techniques, cybercrime tactics and techniques, cybersecurity, infrastructure, Orcus RAT, password, Proofpoint, security, Trojans

Malwarebytes Labs November 11, 2019

A week in security (November 4 – November 10)

Last week on Malwarebytes Labs, we announced the launch of Malwarebytes 4.0, tackled data privacy legislation, and explored some of the ways robocalls come gunning for your data and your money. We also laid out the steps involved in popular vendor email compromise attacks. Other cybersecurity news Bug bounty bonanza: Rockstar Games open up their bounty program to include the newly-released Red … [Read more...]

Filed Under: a week in security, awis, cyber, facebook, fake news, Hacking, Mobile, round up, social media, twitter, Week in security

Malwarebytes Labs November 4, 2019

A week in security (October 28 – November 3)

Last week on Malwarebytes Labs, we celebrated the birth of the Internet 50 years ago, highlighted reports about the US Federal Trade Commission (FTC) filing a case against stalkerware developer Retina-X, issued a PSI on disaster donation scams, looked at the top cybersecurity challenged SMBs face, and provided guidance to journalists on how they can defend themselves against threat … [Read more...]

Filed Under: a week in security, Adobe Creative Cloud, advanced persistent threats, American Cancer Society, Android, APT, blogger, cybersecurity challenges, data breach, disaster donation scam, emoji app, esports, Fancy Bear, fraud, FTC, Gafgyt, internet, journalists, MaaS, Magecart, Malware-as-a-Service, MessageTap, Nuclear Power Corp of India, Raccoon, Retina-X, sextortion, SMB, stalkerware, US Federal Trade Commission, wordpress

Malwarebytes Labs October 28, 2019

A week in security (October 21 – 27)

Last week on Malwarebytes Labs, we explored a link between Magecart Group 5 and the Carbanak APT, we discussed the growing rate of robocalls threatening user privacy, and we tipped you off on how to protect yourself from doxing. We were glad to see the BBC raise awareness about stalkerware, much like we did a few weeks ago. Other cybersecurity news NordVPN, a popular virtual private … [Read more...]

Filed Under: avast, ccleaner, doxing, edps, Magecart, NordVPN, privacy protection, robocalls, SQL Server, stalkerware, Week in security

Malwarebytes Labs October 21, 2019

A week in security (October 14 – 20)

Last week on Malwarebytes Labs, we tried to unlock the future of the password (its vulnerabilities, current alternatives, and possible future disappearance), analyzed the lagging response by many businesses in adopting a patch for Pulse VPN vulnerability, looked at Instagram’s bulked-up security against phishing emails scams, and were reminded that ransomware remains a dominant threat facing … [Read more...]

Filed Under: a week in security, amazon, dark web, domestic abuse, domestic abuse survivor, domestic abuse survivors, domestic violence, facebook, facial recognition, Instagram, jackpot, jackpotting, kindle, Mark Zuckerberg, national cybersecurity awareness month, National domestic violence awareness month, Oracle, password, passwords, phish, phishing, phishing scam, ransomware, tor, Tor browser, US Customs and Border Enforcement, vpn, vulnerabilities, vulnerability

Malwarebytes Labs October 14, 2019

Europol: Ransomware remains top threat in IOCTA report

The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime Threat Assessment (IOCTA) report for the year. And we weren’t surprised to find that ransomware, despite its palpable decline in volume these past few months—a trend we’ve also seen and documented—remains the most prominent threat in terms of prevalence and financial … [Read more...]

Filed Under: Awareness, bec, Business Email Compromise, child sexual exploitation, cse, ddos, europol, fraud, internet organized crime threat assessment, iocta, phishing, ransomware, spear phishing

A week in security (December 2 – December 8)

A week in security (November 25 – December 1)

A week in security (November 18 – 24)

A week in security (November 11 – 17)

A week in security (October 28 – November 3)

A week in security (October 21 – 27)

A week in security (October 14 – 20)

Europol: Ransomware remains top threat in IOCTA report

SEARCH

RECENT POSTS

Archives

DISCLAIMER