dcsimg
November 11, 2019

A week in security (November 4 – November 10)

Last week on Malwarebytes Labs, we announced the launch of Malwarebytes 4.0, tackled data privacy legislation, and explored some of the ways robocalls come gunning for your data and your money. We also laid out the steps involved in popular vendor email compromise attacks. Other cybersecurity news Bug bounty bonanza: Rockstar Games open up their bounty program to include the newly-released Red … [Read more...]

Filed Under: a week in security, awis, cyber, facebook, fake news, Hacking, Mobile, round up, social media, twitter, Week in security
September 16, 2019

A week in security (September 9 – 15)

Last week  on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets. Other cybersecurity news The Cobalt Dickens group has returned to cause trouble. (Source: … [Read more...]

Filed Under: a week in security, infosec, Malware, Mobile, phishing, social network, weekly roundup
July 29, 2019

Mobile Menace Monday: Dark Android Q rises

Android Q, the upcoming 10th major release of the Android mobile operating system, was developed by Google with three major themes in mind: innovation, security, and privacy. Today, we are going to focus mostly on security and privacy, although there are still many potential changes and updates on the horizon that can be discussed. Privacy Privacy has been a top priority in developing … [Read more...]

Filed Under: Android, android Q beta, AndroidQ, app permissions, apps, Beta, developer's corner, Google, Mobile, mobile menace monday, privacy, security
July 12, 2019

Cellular networks under fire from Soft Cell attacks

We place a lot of trust in our mobile experience, given they’re one of the most constant companions we have. Huge reams of data, tied to a device we always carry with us, with said device frequently offering additional built-in app functionality. An astonishing wealth of information, for anyone bold enough to try and take it. Security firm Cybereason uncovered an astonishing attack dubbed … [Read more...]

Filed Under: call detail records, cellular, China Chopper, compromise, domain controller, hack, Hacking, Malware, Mobile, nation-state attack, operation soft cell, Poison Ivy, RATs, VPN servers
June 24, 2019

Mobile stalkerware: a long history of detection

Recently, we have received an alarming question from many Malwarebytes users, asking, “Do you detect stalkerware?” The answer is an overwhelming, “Absolutely, and for good reason!” Moreover, we have been doing so for a long time, and are expanding our efforts in the months to come. Going back more than five years, Malwarebytes researchers have detected applications and software that monitor … [Read more...]

Filed Under: Android, Android spyware, domestic abuse, Mobile, mobile phone, monitor, spyware, stalkerware, stalking
May 14, 2019

WhatsApp fix goes live after targeted attack on human rights lawyer

If you use WhatsApp, you’ll want to update both app and device as soon as possible due to a freshly-discovered exploit. The vulnerability was found in Google Android, Apple iOS, and Microsoft Windows Phone builds of the app. Unlike many mobile attacks, potential victims aren’t required to install or click on anything—they may not even be aware something malicious has taken place. This attack came … [Read more...]

Filed Under: attack, cybercrime, Mobile, spyware, targeted, whatsapp
April 12, 2019

Fake Instagram assistance apps found on Google Play are stealing passwords

We all want those Instagram likes and followers. Many apps on Google Play claim they can assist you with that effort. But what if the app that’s supposed to be helping you is also stealing your username and password?  As a matter of fact, that’s exactly what we found in three fake Instagram assistance apps still available on Google Play at the time of this writing. Moreover, these fake … [Read more...]

Filed Under: android malware, cybercrime, FakeInsta, Google Play, Instagram, Mobile
April 1, 2019

A week in security (March 25 – 31)

Last week, we looked at plugin vulnerabilities, location tracking app problems, and talked about plain text password woes. We also looked at federal data privacy regulation and took a deep dive into  BatMobi Adware. Other cybersecurity news Poisoned software update headache for ASUS (Source: The Register) Britain’s Huawei oversight board releases its findings (Source: UK.GOV) Trojanised terror … [Read more...]

Filed Under: adware, Hacking, Malware, Mobile, phishing, roundup, Security world, Week in security
March 29, 2019

Awakening the beast: BatMobi adware

On February 12, a patron of the Malwarebytes Forum alerted us of an issue with ad redirects that seemed to come out of nowhere. An outcry from other commenters filled the forum thread, all experiencing the same redirects to the same exact websites. Our web protection team traced the offending websites back to the culprit—the adware known as BatMobi. What is BatMobi? BatMobi is an Advertisement … [Read more...]

Filed Under: adware, Android, BatMobi, cybercrime, Mobile, mobile adware, website redirects
January 31, 2019

Apple pulls Facebook enterprise certificate

It’s been an astonishing few days for Facebook. They’ve seen both an app and their enterprise certificate removed and revoked with big consequences. What happened? Apple issue enterprise certificates to organizations with which they can create internal apps. Those apps don’t end up released on the Apple store, because the terms of service don’t allow it. Anything storefront-bound must go … [Read more...]

Filed Under: app, Apple, Data privacy, facebook, Facebook privacy, Mobile, privacy, Security world, store, vpn
Next Page »