dcsimg
November 20, 2019
November 11, 2019

A week in security (November 4 – November 10)

Last week on Malwarebytes Labs, we announced the launch of Malwarebytes 4.0, tackled data privacy legislation, and explored some of the ways robocalls come gunning for your data and your money. We also laid out the steps involved in popular vendor email compromise attacks. Other cybersecurity news Bug bounty bonanza: Rockstar Games open up their bounty program to include the newly-released Red … [Read more...]

Filed Under: a week in security, awis, cyber, facebook, fake news, Hacking, Mobile, round up, social media, twitter, Week in security
September 24, 2019

15,000 webcams vulnerable to attack: how to protect against webcam hacking

Webcams may have been around for a long time, but that doesn’t mean we know what we’re doing with them. Webcam hacking has been around for equally as long, yet new research from Wizcase indicates that more than 15,000 private, web-connected cameras are exposed and readily accessible to the general public. So forget hacking, cybercriminals can just take a stroll through the Internet and grab … [Read more...]

Filed Under: cam, camera, devices, hackers, Hacking, hub, Internet of Things, IoT, IoT devices, monitor, security by design, vulnerabilities, webcam, webcam hacks
September 13, 2019

Hacking with AWS: incorporating leaky buckets into your OSINT workflow

Penetration testing is often conducted by security researchers to help organizations identify holes in their security and fix them, before cybercriminals have the chance. While there’s no malicious intent for the researcher, part of his job is to think and act like a cybercriminal would when hacking, or attempting to breach, an enterprise network. Therefore, in this article, I will review … [Read more...]

Filed Under: amazon, aws, AWS buckets, data, Hacking, Intel, intelligence gathering, open source intelligence, OSINT, Pen Testing, Penetration Testing, recon, reconnaisance, Researcher's corner, vulnerabilities
September 2, 2019

Cyber attacks and data breaches in review: August 2019

A glance at the numbers this month suggests that cyber criminals, like the rest of us, enjoy their summer holidays. The 114,686,290 breached records is infinitesimal compared to last month’s total and about 10% of the monthly average. However, the figure comes from 95 incidents, which is the biggest total we’ve tracked this year. Plenty of those breaches occurred in Europe, so let’s delve into a … [Read more...]

Filed Under: Breaches and Hacks, computer hacking, data breach, data breach notification, data breaches, GDPR, gdpr awareness, GDPR Breach, hack, hacked, hackers, Hacking
July 12, 2019

Cellular networks under fire from Soft Cell attacks

We place a lot of trust in our mobile experience, given they’re one of the most constant companions we have. Huge reams of data, tied to a device we always carry with us, with said device frequently offering additional built-in app functionality. An astonishing wealth of information, for anyone bold enough to try and take it. Security firm Cybereason uncovered an astonishing attack dubbed … [Read more...]

Filed Under: call detail records, cellular, China Chopper, compromise, domain controller, hack, Hacking, Malware, Mobile, nation-state attack, operation soft cell, Poison Ivy, RATs, VPN servers
June 7, 2019

Video game portrayals of hacking: NITE Team 4

Note: The developers of NITE Team 4 granted the blog author access to the game plus DLC content. A little while ago, an online acquaintance of mine asked if a new video game based on hacking called NITE Team 4 was in any way realistic, or “doable” in terms of the types of hacking it portrayed (accounting for the necessary divergences from how things would work outside of a scripted, plot-goes-here … [Read more...]

Filed Under: Gaming, Hacking, NITE Team 4, press h to hack, videogames
May 21, 2019

Skimmer acts as payment service provider via rogue iframe

Criminals continue to target online stores to steal payment details from unaware customers at a rapid pace. There are many different ways to go about it, from hacking the shopping site itself, to compromising its supply-chain. A number of online merchants externalize the payment process to a payment service provider (PSP) for various reasons, including peace of mind that transactions will be … [Read more...]

Filed Under: credit card, cybercrime, e-commerce, hacked website, Hacking, iframe, Magecart, magento, Malware, phishing, skimmer
May 20, 2019

A week in security (May 13 – 19)

Last week, Malwarebytes Labs reviewed active and unique exploit kits targeting consumers and businesses alike, reported about a flaw in WhatsApp used to target a human rights lawyer, and wrote about an important Microsoft patch that aimed to prevent a “WannaCry level” attack. We also profiled the Dharma ransomware—aka CrySIS—and imparted four lessons from the DDoS attack against the US … [Read more...]

Filed Under: Android, bloatware, breaches, crysis ransomware, DDos attack, dharma, Hacking, healthcare cybersecurity, mds, Meltdown, Microsoft, ransomware, Security world, server vulnerabilities, Spectre, typosquatting, vpn, vulnerabilities, Week in security, whatsapp
April 16, 2019

Hackers snab emails and more in Microsoft Outlook, Hotmail, and MSN compromise

Long-time users of certain Microsoft products, such as Hotmail, MSN, and Outlook found they may be wrapped up in a hack grabbing snippets of email information, and in some cases, a little bit more. Microsoft email services have been around forever in Internet time. Yet, many users still have a few Hotmail accounts rattling around. While most have long since moved on from MSN and Hotmail to Live … [Read more...]

Filed Under: cybercrime, email, Hacking, hotmail, live, Microsoft, ms, msn, Outlook
Next Page »