dcsimg
March 25, 2020

Criminals hack Tupperware website with credit card skimmer

On March 20, Malwarebytes identified a targeted cyberattack against household brand Tupperware and its associated websites that is still active today. We attempted to alert Tupperware immediately after our discovery, but none of our calls or emails were answered. Threat actors compromised the official tupperware[.]com site—which averages close to 1 million monthly visits—as well as a few of its … [Read more...]

Filed Under: credit card, Hacking, Magecart, skimmer, skimming, steganography, tupperware
March 5, 2020

Technology and the power of moral panic

Moral panic is a fascinating topic, and often finds itself tied up in the cutting edge-technology of the times once it works its way into the hands of younger generations. Music, games, movies—pretty much anything you can think of is liable to gatecrash the “won’t somebody think of the children?” party no matter how well-meaning or patently silly it is. Last month, a poster was making the rounds … [Read more...]

Filed Under: Awareness, computer games, cyber, discord, elvis, Hacking, kali, Linux, moral panic, poster, video games, virtual machine
February 14, 2020

Misleading cybersecurity lessons from pop culture: how Hollywood teaches to hack

In pop culture, cybercrimes are often portrayed as mysterious and unrealistic. Hackers are enigmatic and have extraordinary tech abilities. They can discover top secrets in a short time and type at breakneck speed to hack into a database. In real life, though, hacking is not that straightforward. Hackers may have technical capabilities and high intelligence, but they are otherwise normal human … [Read more...]

Filed Under: Awareness, black hats, cybercrime, cybercrime in the movies, cybercrime on TV, cybersecurity, cybersecurity awareness, hack, hackers, Hacking, hacking movies, hacking TV shows, Hollywood, jurassic park, mr. robot, NCIS, pop culture, swordfish, the flash, the matrix, white hats
January 30, 2020

Securing the MSP: their own worst enemy

We’ve previously discussed threats to managed service providers (MSPs), covering their status as a valuable secondary target to both an assortment of APT groups as well as financially motivated threat groups. The problem with covering new and novel attack vectors, however, is that behind each new vector is typically a system left unpatched, asset management undone, a security officer not … [Read more...]

Filed Under: advanced persistent threat, advanced persistent threats, APT, breach, credential management, credentials, data breach, Hacking, managed service provider, MSP, msps, Opinion, phishing
November 20, 2019
November 11, 2019

A week in security (November 4 – November 10)

Last week on Malwarebytes Labs, we announced the launch of Malwarebytes 4.0, tackled data privacy legislation, and explored some of the ways robocalls come gunning for your data and your money. We also laid out the steps involved in popular vendor email compromise attacks. Other cybersecurity news Bug bounty bonanza: Rockstar Games open up their bounty program to include the newly-released Red … [Read more...]

Filed Under: a week in security, awis, cyber, facebook, fake news, Hacking, Mobile, round up, social media, twitter, Week in security
September 24, 2019

15,000 webcams vulnerable to attack: how to protect against webcam hacking

Webcams may have been around for a long time, but that doesn’t mean we know what we’re doing with them. Webcam hacking has been around for equally as long, yet new research from Wizcase indicates that more than 15,000 private, web-connected cameras are exposed and readily accessible to the general public. So forget hacking, cybercriminals can just take a stroll through the Internet and grab … [Read more...]

Filed Under: cam, camera, devices, hackers, Hacking, hub, Internet of Things, IoT, IoT devices, monitor, security by design, vulnerabilities, webcam, webcam hacks
September 13, 2019

Hacking with AWS: incorporating leaky buckets into your OSINT workflow

Penetration testing is often conducted by security researchers to help organizations identify holes in their security and fix them, before cybercriminals have the chance. While there’s no malicious intent for the researcher, part of his job is to think and act like a cybercriminal would when hacking, or attempting to breach, an enterprise network. Therefore, in this article, I will review … [Read more...]

Filed Under: amazon, aws, AWS buckets, data, Hacking, Intel, intelligence gathering, open source intelligence, OSINT, Pen Testing, Penetration Testing, recon, reconnaisance, Researcher's corner, vulnerabilities
September 2, 2019

Cyber attacks and data breaches in review: August 2019

A glance at the numbers this month suggests that cyber criminals, like the rest of us, enjoy their summer holidays. The 114,686,290 breached records is infinitesimal compared to last month’s total and about 10% of the monthly average. However, the figure comes from 95 incidents, which is the biggest total we’ve tracked this year. Plenty of those breaches occurred in Europe, so let’s delve into a … [Read more...]

Filed Under: Breaches and Hacks, computer hacking, data breach, data breach notification, data breaches, GDPR, gdpr awareness, GDPR Breach, hack, hacked, hackers, Hacking
July 12, 2019

Cellular networks under fire from Soft Cell attacks

We place a lot of trust in our mobile experience, given they’re one of the most constant companions we have. Huge reams of data, tied to a device we always carry with us, with said device frequently offering additional built-in app functionality. An astonishing wealth of information, for anyone bold enough to try and take it. Security firm Cybereason uncovered an astonishing attack dubbed … [Read more...]

Filed Under: call detail records, cellular, China Chopper, compromise, domain controller, hack, Hacking, Malware, Mobile, nation-state attack, operation soft cell, Poison Ivy, RATs, VPN servers
Next Page »