dcsimg

A week in security (January 21 – 27)

Last week on the Malwarebytes Labs blog, we took a look at Modlishka, the latest hurdle in two-factor authentication (2FA), the potential for abuse of push notifications, a malware-phishing combo by the name of CryTekk ransomware, and why we detect PUPs, but enforce the power of users’ choice. We also pushed out the 2019 State of Malware report, which you can readily download here. Other … [Read more...]

A week in security (December 31, 2018 – January 6, 2019)

Last week on Labs, we looked back at 2018 as the year of data breaches, homed in on pre-installed malware on mobile devices, and profiled a malicious duo, Vidar and GandCrab. Other cybersecurity news 2019’s first data breach: It took less than 24 hours. An unauthorized third-party downloaded 30,000 details of Australian public servants in Victoria. It was believed that a government employee … [Read more...]

A week in security (November 12 – 18)

Last week on Malwarebytes Labs, we found out that TrickBot became a top business threat, so we took a deeper look at what’s new with it. With Christmas just around the corner, the Secret Sister scam returned. We also touched on the security and privacy (or lack thereof) in smart jewelry, air traffic control compromise, and what security concerns to take note of when automating your … [Read more...]

A week in security (October 1 – 7)

Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all. On Labs, we raised the question of whether it is a good idea to bring your own security or not, talked a little bit more about fileless malware, homed in on a malware campaign targeting Fortnite … [Read more...]

A week in security (September 10 – 16)

Last week on Malwarebytes Labs, we assessed the security of a portable router, identified ways to waste a scammer’s time, named the many faces of omnichannel fraud, questioned the security of 2FAs, profiled a massive tech support scam operation, and exposed a new HMRC phishing campaign. Other cybersecurity news: Trend Micro addressed the burning questions related to their Mac App store apps … [Read more...]

A week in security (August 20 – 26)

Last week on Labs, we took a look at insider threats, doubled back on the privacy of search browser extensions, profiled green card scams, revisited Defcon badgelife, and talked about what happens to a user’s accounts when they die. Other cybersecurity news There was an archiving error in Twitch HQ. Unfortunately, that left some private user messages (even those with sensitive info in them) … [Read more...]

A week in security (August 6 – 12)

Last week, we published a review of exploit kits, talked about everyday tech that can give you a headache, and showed how to protect RDP access from ransomware. We also published a study on the true cost of cybercrime. Other news: Discovered at Black Hat: WhatsApp “message manipulation” (Source: The Register) Discovered at Black Hat: AI attacks (Source: The Register) Once again, … [Read more...]

A week in security (July 30 – August 5)

Last week, we posted a roundup of spam that may have landed in your mailbox, talked about what makes us susceptible to social engineering tactics, and took a deep dive into big data. Other news: Facebook claimed to have removed accounts that display behavior consistent with possible Russian actors engaged in misinformation. (Source: The Wall Street Journal) Yale University disclosed that they … [Read more...]

A week in security (April 16 – April 22)

Last week, we took a stroll down memory lane talking about Facebook and MySpace, noticed a change in the Magnitude exploit kit—wherein it started adopting the GandCrab ransomware, took a good look at a new form of adware that is based on Python, chatted a bit about Russian hacking with a journalist, encouraged retailers to ask the right questions to protect their business, and weighed in on a way … [Read more...]

A week in security (March 05 – March 11)

Last week on Malwarebytes Labs, we paid homage to several women in tech, including some of our very own, on International Women’s Day and shared their stories. We also looked into an adware posing as an Android app that claims to live stream the 2018 Winter Olympics, exposed scammers that go by the name GeeksHelp, who were caught red-handed (again) after their first unmasking two years … [Read more...]