dcsimg

A week in security (October 8 – 14)

Last week, we warned you away from some dubious Doctor Who streams, explained how Endpoint Detection and Response may not be enough, and explored what happens during a confusing supply chain story. We also showed you how to keep up with security, explained the risks of fake browser updates, and explored the unpleasant world of workplace violence. Other cybersecurity news: Google Plus suffers a … [Read more...]

A week in security (October 1 – 7)

Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all. On Labs, we raised the question of whether it is a good idea to bring your own security or not, talked a little bit more about fileless malware, homed in on a malware campaign targeting Fortnite … [Read more...]

A week in security (September 24 – 30)

Last week on Labs was a busy one. We discussed how SMS phishing attacks target the job market, issued a warning for TV Licensing phishes, commented on how Apple confused Safari users with recent changes to how OSX handles browser extensions, and elaborated on holes found in Mojave’s privacy protection—deep breath! We also showed how a buggy implementation of CVE-2018-8373 vulnerability is used to … [Read more...]

100 channels and nothing on, except TV Licensing phishes

We’ve seen a lot of people referencing fake TV Licensing emails they’ve received over the last few days. The majority so far appear to be fake refund notices, asking potential victims to log in to a phony TV License website and provide payment details for refunds. It’s definitely keeping customer support busy: Click to enlarge Many of the URLs we’ve looked at are down now, but not all, so … [Read more...]

A week in security (September 17 – 23)

Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign. Other cybersecurity news: NewEgg attacked by MageCart (Source: Volexity) UKGOV tackled the talent gap (Source: The Register) Maximum fine touted for … [Read more...]

6 sure signs someone is phishing you—besides email

There are several common and, unfortunately, frequently successful avenues of attack that cybercriminals can use to part you from your personal contact and financial information. These phishing attack methods include email, phone calls, corrupted software or apps, social media, advertisements, and even direct SMS (text) messages. Beyond the medium used to reach you (which is most often … [Read more...]

A week in security (September 10 – 16)

Last week on Malwarebytes Labs, we assessed the security of a portable router, identified ways to waste a scammer’s time, named the many faces of omnichannel fraud, questioned the security of 2FAs, profiled a massive tech support scam operation, and exposed a new HMRC phishing campaign. Other cybersecurity news: Trend Micro addressed the burning questions related to their Mac App store apps … [Read more...]

HMRC phish swipes email login, payment details

It’s not tax season in the UK, but that hasn’t deterred scammers from sending out mail looking to swipe both card details and email logins in one fell swoop. The email, which claims UKGOV has issued a tax refund to the tune of 542.94 GBP, arrives under the following title, which is spectacularly poorly formatted: [RCPT-07010144] processed your automatic payment is available – … [Read more...]

Get #BreachReady before you get burnt!

Just because everyone else is on holiday, doesn’t mean cyber attackers are. Protect yourself from the financial penalties and losses associated with data breaches with our fixed-price, tailored services. What’s more, when reporting the breach you’ll need to explain how it could have been avoided – a sticky situation you won’t relish. You can’t prevent a cyber attack from the beach, so get ready … [Read more...]