a week in security | Orthology.eu

Malwarebytes Labs August 19, 2019

A week in security (August 12 – 18)

Last week on Malwarebytes Labs, we took a look at the potential pitfalls of facial recognition technology, looked at ways domestic abuse survivors can secure their data, and explored the education threat landscape. We also kicked off a series looking at the Hidden Bee infection chain, and put QxSearch installs under the spotlight. Other cybersecurity news Android malware plays hide and seek: … [Read more...]

Filed Under: a week in security, Android, facebook, Google, password, phish, phishing, roundup, Week in security

Malwarebytes Labs August 12, 2019

A week in security (August 5 – 11)

Last week on Malwarebytes Labs, we explained how brain-machine interface (BMI) technology could usher in a world of Internet of Thoughts, why having backdoors is problematic, and how we can improve the security of our smart homes. To cap off Hacker Summer Camp week, the Labs team released a special ransomware edition of its quarterly cybercrime tactics and techniques report, which you can … [Read more...]

Filed Under: a week in security, APT28, awis, backdoors, bitcoin, bmi, brain-machine interface, chrome incognito, CTNT report, dslr flaw, facebook, Fancy Bear, IBM X-Force Incident Response and Intelligence Services, IRIS, Mark Zuckerberg, messenger kids, phishing, protonmail, ransomware, robocall, robocall scam, sextortion, smart homes, steam, Strontium, weekly blog roundup

Malwarebytes Labs July 29, 2019

A week in security (July 22 – 28)

Last week on Malwarebytes Labs, we offered an extensive analysis into the Malaysian Airlines Flight 17 investigation, updated users on the newest feature set to AdwCleaner 7.4.0 (it now detects pre-installed software), and provided a deep dive into Phobos ransomware. We also broke down the latest privacy cautions regarding the popular app, FaceApp. In addition, we looked at an interesting … [Read more...]

Filed Under: a week in security, AdwCleaner, Amazong, BlueKeep, Cloud Security, Elasticsearch, Electronic Privacy Information Center, FaceApp, facebook, Federal Trade Commission, Flight 17, FTC, Malaysian Airlines, Marcus Hutchins, Office 365, online privacy, parental monitoring, parental monitoring apps, Phobos, pre-installed software, ransomware, Ring doorbell, russia, russian disinformation, stalkerware, US Federal Trade Commission, WannaCry, Week in security

Malwarebytes Labs July 22, 2019

A week in security (July 15 – 21)

Last week on Malwarebytes Labs, we took an extensive look at Sodinokibi, one of the new ransomware strains found in the wild that many believe picked up where GandCrab left off. We also profiled Extenbro, a Trojan that protects adware; reported on the UK’s new Facebook reporting tool, homed in on new Magecart strategies that render them ‘”bulletproof;” identified challenges … [Read more...]

Filed Under: 2fa bypass, a week in security, advanced persistent threat, Android apps, APT, backdoor, BitPaymer ransomware, browser extensions, bulletproof, chrome, cybersecurity education, DataSpii, DDos attack, DoppelPaymer, EvilGnome, Extenbro, FaceApp, facebook, Facebook reporting tool, firefox, generation, Instagram, Ke3chang, Magecart, Media File Jacking, privacy, RingCentral flaw, Sodinokibi, telegram, vital infrastructure, whatsapp, Zhumu flaw, zoom zero-day

Malwarebytes Labs July 15, 2019

A week in security (July 8 – 14)

Last week on Malwarebytes Labs, we looked at ways to send your sensitive information in a secure fashion, examined some tactics in incident response land, and explored federal data privacy law. We also looked at how security tools can turn against you, and took a deep dive into the rather fiendish Soft Cell attack. Other cybersecurity news The UK government backs facial recognition tech: The … [Read more...]

Filed Under: a week in security, agent smith, amazon, amazon prime, amazon prime day 2019, amazon prime phishing, Android, android malware, facial recognition, google home audio, Mac, Malware, pale moon, phishing, privacy, roundup, targeted spear phishing, trickbot, Week in security, whaling, zoom zero-day

Pieter Arntz July 8, 2019

A week in security (July 1 – 7)

Last week on Malwarebytes Labs, we explained what to do when you find stalkerware, how cooperating apps and automatic permissions are setting you up for failure, and why you should steer clear of Bitcoin Cash generators. Other cybersecurity news: A former Chief Information Officer (CIO) of Equifax has been issued a prison sentence for insider trading on the firm’s disastrous data … [Read more...]

Filed Under: a week in security, bitcoin, bitcoin generators, cash generators, china, Equifax, germany, godlua, ironpython, OpenPGP, permissions, ryuk, smart home, stalkerware

Malwarebytes Labs July 1, 2019

A week in security (June 24 – 30)

Last week on Malwarebytes Labs, we peeled back the mystery on an elusive malware campaign that relied on blank JavaScript injections, detailed for readers our latest telemetry on the tricky GreenFlash Sundown exploit, and looked at one of the top campaigns directing traffic toward scareware pages for Microsoft’s Azure Cloud Services. We also doubled down on our commitment—and significantly … [Read more...]

Filed Under: a week in security, atm attacks, atm fraud, atm malware strains, ATM scam, Azure, cryptocurrency scams, facial recognition, fake jquery, greenflas, Internet of Things, IoT, JavaScript, Massachusettes, Microsoft Azure, scareware, Slack, Slack outage, Somerville, spyware, stalkerware, Yandex

Malwarebytes Labs June 24, 2019

A week in security (June 17 – 23)

Last week on the Malwarebytes Labs blog, we took a look at the growing pains of smart cities, took a deep dive into AI, jammed along to Radiohead, and looked at the lessons learned from Chernobyl in relation to critical infrastructure. We also explored a new Steam phish attack, and pulled apart a Mac cryptominer. Other cybersecurity news Florida City falls to ransomware: Riviera Beach City … [Read more...]

Filed Under: a week in security, Android, IoT, Malware, phishing, round up, twitter

Malwarebytes Labs June 17, 2019

A week in security (June 10 – 16)

Last week on Malwarebytes Labs, we revealed to readers the mindset of security pros as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills implementing the state’s own privacy protections, how Apple can better protect its users’ privacy, the continuous trending of the MegaCortex ransomware, how cyberbullies … [Read more...]

Filed Under: a week in security, ACLU, ad blockers, adware, AI, American Civil Liberties Union, APT, artificial intelligence, breach, CBP, Customs and Border Protection, cyberbullying, disinformation campaign, fishwrap, Google Calendar notification abuse, healthcare security, Maine, MuddyWaters, privacy, PUPs, push notifications, sextortion, trolling, twitter list abuse, VLC

Malwarebytes Labs June 10, 2019

A week in security (June 3 – 9)

Last week on Malwarebytes Labs, we rounded up some leaks and breaches, reported about Magecart skimmers found on Amazon CloudFront CDN, proudly announced we were awarded as Best Cybersecurity Vendor Blog at the annual EU Security Blogger Awards, discussed how Maine inches closer to shutting down ISP pay-for-privacy schemes, asked where our options to disable hyperlink auditing had gone, and … [Read more...]

Filed Under: a week in security, botnet, browsers, china, cryptomining, data leaks, facial recognition, fbi, FTC, Microsoft, vulnerability, web browsers