dcsimg

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether it’s any safer months after its first vulnerability was reported. We talked about how Apple’s security is hampering the detection of potentially unwanted programs (PUPs). Lastly, we reported on Spotify resetting some user accounts after … [Read more...]

Spotify resets some user logins after hacker database found floating online

A team of researchers working for vpnMentor has found a treasure trove in the form of an unsecured Elasticsearch database containing over 380 million records. The trove contained login credentials and other data belonging to Spotify users. So what’s Spotify doing leaving its user data hanging around on an unsecured database? Answer: It’s not. On investigation, the team found the … [Read more...]

Report: Pandemic caused significant shift in buyer appetite in the dark web

Last year, credentials for PayPal, Facebook, and Airbnb were among the top goods on high demand in the dark web, aka the Internet’s underground market. But due to the COVID-19 outbreak, with most of the worldwide population sheltering, working, and studying indoors, many facets of life have made a full 180-degree turn—including the criminal world. Almost everything we do is not how we … [Read more...]

A week in security (March 11 – 17)

Last week on Malwarebytes Labs, we looked at the Lazarus group in our series about APT groups, we discussed the introduction of Payment Service Directive 2 (PSD2) in the EU, we tackled Google’s Nest fiasco, and the launch of Mozilla’s Firefox Send. In addition, we gave you an overview of the pervasive threat, Emotet, and we discussed reputation management in the age of cyberattacks against … [Read more...]