dcsimg

Hat trick for Google as it patches two more zero-days in Chrome

Slightly over a week ago we advised you to update your Chrome browser. That warning came only a week or so after we advised you to update your Chrome browser. Things are getting a bit repetitive round here. Today, we are compelled to repeat that statement as Google has issued patches for two new zero-day vulnerabilities. Someone tipped Google off about them, although the source(s) wish to … [Read more...]

A week in security (September 12 – September 18)

Last week on Malwarebytes Labs, we looked at journalism’s role in cybersecurity on our Lock and Code podcast, gave tips for safer shopping on Amazon Prime day, and discussed an APT attack springing into life as Academia returned to the real and virtual campus environment. We also dug into potential FIFA 21 scams, the return of QR code scams, Covid fatigue, and the absence of Deepfakes from … [Read more...]

Stalkerware advertising ban by Google a welcome, if incomplete, step

On Friday, July 10, Google announced it would no longer allow advertising for spyware and similar surveillance technology—often referred to as “stalkerware”—on its platform. The change is a welcome step by one of the largest, most powerful companies in online advertising, but a close read of the policy reveals a potential loophole that could allow stalkerware-type app makers to still advertise … [Read more...]

A week in security (June 22 – 28)

Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and we learned how to cough in the face of scammers, offering security tips for the 2020 tax season. We also looked at a web skimmer hiding within EXIF metadata that was exfiltrating credit cards via image files. In the most recent episode of our podcast Lock and … [Read more...]

The passwordless present: Will biometrics replace passwords forever?

When it comes to securing your sensitive, personally identifiable information against criminals who can engineer countless ways to snatch it from under your nose, experts have long recommended the use of strong, complex passwords. Using long passphrases with combinations of numbers, letters, and symbols that cannot be easily guessed has been the de facto security guidance for more than 20 years. … [Read more...]

Mass surveillance alone will not save us from coronavirus

As the pattern-shattering truth of our new lives drains heavy—as coronavirus rends routines, raids our wellbeing, and whiplashes us between anxiety and fear—we should not look to mass digital surveillance to bring us back to normal. Already, governments have cast vast digital nets. South Koreans are tracked through GPS location history, credit card transactions, and surveillance camera … [Read more...]

GDPR: An impact around the world

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 countries. In Chile, lawmakers are … [Read more...]

Google Maps: online interventions with offline ramifications

The places where online life directly intersection with that lived offline will be forever fascinating, illustrated perfectly through a recent performance piece involving Google Maps, a cart, and an awful lot of mobile phones. Simon Weckert, an artist based in Berlin, Germany, showed how a little ingenuity could work magic on the ubiquitous Google Maps system. Turns out Google hadn’t accounted for … [Read more...]

A week in security (January 20 – 26)

Last week on Malwarebytes Labs, we reported on a Ryuk ransomware attack on The Tampa Bay Times, a newspaper in Florida; unmasked an elaborate browser locking scheme behind the more advanced tech support operations that are currently active; and looked at the latest laws on regulating deepfakes. Other cybersecurity news Cisco’s Talos Intelligence Group discovered a new data stealer and … [Read more...]

Google aims to banish third-party cookies within the next two years

Google, the Internet giant that serves more than 87% of worldwide web users, has given further details on its Privacy Sandbox initiative. Announced in August 2019, Privacy Sandbox aims to strengthen users’ online privacy, while protecting online publishers and advertisers. Google now says it wants to phase out support of third-party cookies within the next two years.   What is Privacy … [Read more...]