dcsimg
July 27, 2020

A week in security (July 20 – 26)

Last week on Malwarebytes Labs, our Lock and Code podcast delved into Bluetooth and beacon technology. We also dug into APT groups targeting India and Hong Kong, covered a law enforcement bust, and tried to figure out when, exactly, a Deepfake is a Deepfake. Other cybersecurity news Insecure email addresses resulted in big-bucks sporting targets (Source: Silicon)What do you do when a lack of … [Read more...]

Filed Under: a week in security, advanced persistent threats, Android, android malware, APT, atm attacks, awis, bitcoin, Bitcoin hack, blackrock, blog recap, cybersecurity violations, deepfakes, hong kong, india, jackpotting, phishing, ransomware, scams, stolen data, twitter, weekly blog roundup, YouTube scams
October 21, 2019

A week in security (October 14 – 20)

Last week on Malwarebytes Labs, we tried to unlock the future of the password (its vulnerabilities, current alternatives, and possible future disappearance), analyzed the lagging response by many businesses in adopting a patch for Pulse VPN vulnerability, looked at Instagram’s bulked-up security against phishing emails scams, and were reminded that ransomware remains a dominant threat facing … [Read more...]

Filed Under: a week in security, amazon, dark web, domestic abuse, domestic abuse survivor, domestic abuse survivors, domestic violence, facebook, facial recognition, Instagram, jackpot, jackpotting, kindle, Mark Zuckerberg, national cybersecurity awareness month, National domestic violence awareness month, Oracle, password, passwords, phish, phishing, phishing scam, ransomware, tor, Tor browser, US Customs and Border Enforcement, vpn, vulnerabilities, vulnerability
August 2, 2019

Everything you need to know about ATM attacks and fraud: part 2

This is the second and final installment of our two-part series on automated teller machine (ATM) attacks and fraud. In part 1, we identified the reasons why ATMs are vulnerable—from inherent weaknesses of its frame to its software—and delved deep into two of the four kinds of attacks against them: terminal tampering and physical attacks. Terminal tampering has many types, but it involves … [Read more...]

Filed Under: 101, ALICE, anunak, assistance fraud, atm attacks, atm cash-out attacks, atm fraud, atm malware, barnaby jack, black box attacks, blog series, c0decalc, carbanak, cutlet maker, daniel regalado, defrauding the elderly, distraction fraud, eavesdropping, extensions for financial services, greendispenser, jackpotting, logical attacks, malware-based attack, padpin, ploutus, sdelete, secure delete, shoulder surfing, social engineering attacks, stimulator, suceful, tyupkin, xfs middleware
February 9, 2018

Bank robbers 2.0: digital thievery and stolen cryptocoins

Imagine running down the street (and away from law enforcement) with 2,000 pounds of gold bars. Or 1,450 pounds in $100 bills. With both of these physical currencies amounting to roughly US$64 million, you’d be making quite a steal…if you could get away with it. That’s exactly what the next generation of thieves—bank robbers 2.0—did in December 2017, when they stole more than $60 … [Read more...]

Filed Under: bak, coinhive, crypto-currency, cybercrime, jackpotting, malleability, Mt Gox, Nicehash, Pieter Arntz, robber, Technology