dcsimg
April 12, 2019

Fake Instagram assistance apps found on Google Play are stealing passwords

We all want those Instagram likes and followers. Many apps on Google Play claim they can assist you with that effort. But what if the app that’s supposed to be helping you is also stealing your username and password?  As a matter of fact, that’s exactly what we found in three fake Instagram assistance apps still available on Google Play at the time of this writing. Moreover, these fake … [Read more...]

Filed Under: android malware, cybercrime, FakeInsta, Google Play, Instagram, Mobile
January 28, 2019

A week in security (January 21 – 27)

Last week on the Malwarebytes Labs blog, we took a look at Modlishka, the latest hurdle in two-factor authentication (2FA), the potential for abuse of push notifications, a malware-phishing combo by the name of CryTekk ransomware, and why we detect PUPs, but enforce the power of users’ choice. We also pushed out the 2019 State of Malware report, which you can readily download here. Other … [Read more...]

Filed Under: 2019 State of Malware report, 2fa, ALPR, android malware, anpr, Ars Technica, Bleeping Computer, crytekk, crytekk ransomware, Dark Reading, fortnight, GDPR, GoDaddy, Help Net Security, KrebsOnSecurity, mitsubishi, modlishka, phishing, recap, Security Week, Security world, TechCrunch, The Wall Street Journal, vishing, voicemail phishing, vulnerability, Week in security, weekly blog roundup, youtube
July 16, 2018

A week in security (July 9 – July 15)

Last week, we talked about domestic abuse fuelled by IoT, doing threat intel programs right, blocking ICO fraud, and man-in-the-middle attacks. We also explained why we block shady ad blockers and provided tips to online shoppers for Prime Day. Other news: Reports revealed that low-end Android devices sold in Egypt, Brazil, South Africa, Myanmar, and other developing markets contain pre-installed … [Read more...]

Filed Under: ad blockers, android malware, crypto mining, data breach, domestic abuse, facebook, ico fraud, mitm, multi-factor authentication, prime day 2018, Security world, Spectre, Threat Intel, Week in security
June 25, 2018

A week in security (June 18 – June 24)

Last week, we took a deep dive into SamSam ransomware, looked at ways how to identify and delete malicious emails, recognized that there are now risks affecting job recruitment portals, analyzed a malicious Android app banking on the popularity of Fortnite, and identified causes and solutions for the skills shortage in cybersecurity. Other news Security researchers pointed a finger at China for … [Read more...]

Filed Under: android malware, android rat, Android spyware, andy android emulator, cybersecurity skills gap, DNS rebinding, Fake Fortnite, insecure web apps, insecure website, malicious spam, mylobot, netflix phish, rat, recruitment portal flaws, SamSam ransomware, Security world, skills shortage, wanna ransomware, wannacry scam, Week in security, world cup phishing