dcsimg

Adware and PUPs families add push notifications as an attack vector

Some existing families of potentially unwanted programs and adware have added browser push notifications to their weapons arsenal. Offering themselves up as browser extensions on Chrome and Firefox, these threats pose as useful plugins then haggle users with notifications. A family of search hijackers The first I would like to discuss is a large family of Chrome extensions that were already … [Read more...]

Maine inches closer to shutting down ISP pay-for-privacy schemes

Maine residents are one step closer to being protected from the unapproved use, sharing, and sale of their data by Internet service providers (ISPs). A new state bill, already approved by the state House of Representatives and Senate, awaits the governor’s signature. If signed, the bill would provide some of the strongest data privacy protections in the United States, putting a latch on … [Read more...]

NIST’s privacy framework lets privacy tell its own story

Online privacy remains unsolved. Congress prods at it, some companies fumble with it (while a small handful excel), and the public demands it. But one government agency is trying to bring everyone together to fix it. As the Senate sits on no fewer than four data privacy bills that their own members wrote—with no plans to vote on any—and as the world’s largest social media company braces for an … [Read more...]

Governments increasingly eye social media meltdown

These are trying times for social networks, with endless reports of harassment and abuse not being tackled and many users leaving platforms forever. The major sites such as Facebook and Twitter do what they can, but sheer userbase volume and erroneous automated feedback leave people cold. Bugs such as potentially sharing location data when users enable it alongside other accounts on the same phone … [Read more...]

The top six takeaways for user privacy

Last week, Malwarebytes Labs began closing out our data privacy and cybersecurity law blog series, a two-month long exploration spanning five continents, 50 states, just as many data breach notification laws, three non-universal definitions of personal information and personal data, five pending US data protection laws, and one hypothetical startup’s efforts to just make sense of it all. We … [Read more...]

A week in security (April 29 – May 5)

Last week on Labs we discussed the possible exit scam of dark net market Wall Street Market, how the Electrum DDoS botnet reaches 152,000 infected hosts, we looked at the sophisticated threats plague ailing healthcare industry, a mysterious database that exposed personal information of 80 million US households, how Mozilla urges Apple to make privacy a team sport, the state of cryptojacking in the … [Read more...]

Ireland’s DPC investigates Facebook over password breach

Ireland’s DPC (Data Protection Commission) has launched a statutory inquiry into Facebook following the disclosure of a data breach affecting millions of users.  The social media giant announced in March that a routine security review at the beginning of the year found millions of user passwords stored in plaintext on … [Read more...]

Explained: like-farming

Like-farming, aka like-harvesting, is a method used by commercial parties and scammers alike to raise the popularity of a site or domain. The ultimate dream of every like-farmer is for his post to go viral by accumulating as many likes and shares as possible from all over the world. Like-farmers rely on near-instinctual reactions from users by exploiting hot-button topics such as child rearing … [Read more...]

Ellen DeGeneres giveaway scam spreading on social media

Scammers are pushing multiple fake Facebook profiles of Ellen DeGeneres, popular US TV show host and producer, with the goal of tricking people into jumping through a few money-making hoops. This isn’t a sophisticated scam. It isn’t hacking the Gibson. It won’t be the focus of a cutting edge infosec talk. However, it’s certainly doing some damage—up to a point. This scam is a victim of its … [Read more...]