Malwarebytes Labs | | Orthology.eu

Malwarebytes Labs September 23, 2020

Phishers spoof reliable cybersecurity training company to garner clicks

“It happens to the best of us.” And, indeed, no adage is better suited to a phishing campaign that recently made headlines. Fraudsters used the brand, KnowBe4—a trusted cybersecurity company that offers security awareness training for organizations—to gain recipients’ trust, their Microsoft Outlook credentials, and other personally identifiable information (PII). This is … [Read more...]

Filed Under: Cofense, cybersecurity training, KnowBe4, phishing, phishing scam, rat, remote access Trojan, scams

Malwarebytes Labs September 21, 2020

A week in security (September 14 – 20)

Last week on Malwarebytes Labs, we looked at Fintech industry developments, specifically the differences between Europe and the US, and we analyzed how some charities and the advertising industry are tied together. We also told readers about what companies can do to counter domain name abuse. In our Lock and Code podcast we talked to Pieter Arntz about safely using Google Chrome … [Read more...]

Filed Under: a week in security, apt41, blurtooth, charities, Chinese, chrome extensions, danny palmer, DDos attack, domain name abuse, fintech, ransomware, tax scam, us department of the interior, web-phishing, zerologon

Malwarebytes Labs September 14, 2020

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly with the Google Chrome browser can pull off a variety of tricks—checking your grammar, scouring the … [Read more...]

Filed Under: advanced persistent threats, APT, Center for Public Health Research, Charming Kitten, covid-19, data breach, ddos, DDos attack, distributed denial of service attack, election interference, elections, Lugar Centre, malvertising, Netflix scam, pandemic, podcast

Malwarebytes Labs September 10, 2020

Report: Pandemic caused significant shift in buyer appetite in the dark web

Last year, credentials for PayPal, Facebook, and Airbnb were among the top goods on high demand in the dark web, aka the Internet’s underground market. But due to the COVID-19 outbreak, with most of the worldwide population sheltering, working, and studying indoors, many facets of life have made a full 180-degree turn—including the criminal world. Almost everything we do is not how we … [Read more...]

Filed Under: 2fa, airbnb, Cash App, covid-19, cybercrime, dark web, Dark Web Market Price Index 2020: Covid-19 Edition, Disney+, facebook, Fitbit, haveibeenpwned, Headspace, Instacart, MasterClass, netflix, OnlyFans, pandemic, password manager, PayPal, Peloton, SIM jacking, SIM swapping, Simon Migliano, Spotify, Top10VPN, Verizon, Wowcher, YouTube Premium

Malwarebytes Labs September 7, 2020

A week in security (August 31 – September 6)

Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS compliance, and revealed that SMB security posture is weakened by COVID-19. Other cybersecurity … [Read more...]

Filed Under: a week in security, facebook, Malware, phish, round up, scam, security, tiktok, Week in security

Malwarebytes Labs August 31, 2020

Lock and Code S1Ep14: Uncovering security hubris with Adam Kujawa

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Adam Kujawa, security evangelist and director of Malwarebytes Labs, about “security hubris,” the simple phenomenon in which businesses are less secure than they actually believe. Ask yourself, right now, on a scale from one to ten, how … [Read more...]

Filed Under: enduring from home, lock and code, lock and code podcast, podcast, security hubris

Malwarebytes Labs August 24, 2020

A week in security (August 17 – 23)

Last week on Malwarebytes Labs, we looked at the impact of COVID-19 on healthcare cybersecurity, dug into some pandemic stats in terms of how workforces coped with going remote, and served up a crash course on malware detection. Our most recent Lock and Code podcast explored the safety of parental monitoring apps. Other cybersecurity news Under lock and key: Researchers showed how the sound … [Read more...]

Filed Under: a week in security, awis, call, covid-19, enduring from home, Gaming, healthcare, healthcare cybersecurity, locks, Malware, Malwarebytes news, phish, phishing, phone, scam, security roundup

Malwarebytes Labs August 20, 2020

20 percent of organizations experienced breach due to remote worker, Labs report reveals

It is no surprise that moving to a fully remote work environment due to COVID-19 would cause a number of changes in organizations’ approaches to cybersecurity. What has been surprising, however, are some of the unanticipated shifts in employee habits and how they have impacted the security posture of businesses large and small. Our latest Malwarebytes Labs report, Enduring from Home: … [Read more...]

Filed Under: cybersecurity awareness, enduring from home, labs report, malwarebytes labs, remote work, remote workers, Reports, secure remote workers

Malwarebytes Labs August 17, 2020

Lock and Code S1Ep13: Monitoring the safety of parental monitoring apps with Emory Roane

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Emory Roane, policy counsel at Privacy Rights Clearinghouse, about parental monitoring apps. These tools offer parents the capabilities to spot where their children go, read what their kids read, and prevent them from, for instance, visiting websites … [Read more...]

Filed Under: Chrome Extension, covid-19 scams, defcon, HBO phishing, HBO scam, Instacart, Instacart breach, Intel, Intel leak, lock & code, lock and code, lock and code podcast, malwarebytes labs podcast, malwarebytes podcast, Netflix phishing, Netflix scam, phishing, phishing scam, podcast, SBA scam, scam, spying apps, stalkerware, tiktok, Twitch phishing, Twitch scam, vulnerabilities, YouTube phishing, YouTube scam, ziggo, zoom, Zoom vulnerabilities

Malwarebytes Labs August 11, 2020

The skinny on the Instacart breach

The COVID-19 outbreak has affected many facets of our lives—from how we visit our families, socialize with friends, meet with colleagues, to how we should be conducting ourselves outside of our homes. Ideally, a few meters apart from everyone else and with a mask on. These—on top of imposed lockdowns—have pushed most people to stay indoors, pushing them to do almost everything they want to do … [Read more...]

Filed Under: credential stuffing, Hacking, Instacart bad security, Instacart breach, Instacart credential stuffing, Instacart security, Password reuse