A week in security (March 05 – March 11)

Last week on Malwarebytes Labs, we paid homage to several women in tech, including some of our very own, on International Women’s Day and shared their stories. We also looked into an adware posing as an Android app that claims to live stream the 2018 Winter Olympics, exposed scammers that go by the name GeeksHelp, who were caught red-handed (again) after their first unmasking two years … [Read more...]

Week in security (February 26 – March 4)

Last week on Malwarebytes Labs, we explained how to protect your computer from malicious cryptomining, we gave an encryption 101 lesson using ShiOne ransomware as a case study, and we offered an explanation about SQL injection. We also released a report on the state of malicious cryptomining from its first resurgence in the fall until now. In active malware, we discussed how the RIG malvertising … [Read more...]

A week in security (February 19 – February 25)

Last week on Malwarebytes Labs, we gave readers a primer on encryption, took a stab at that Deepfakes tool Internet users seem to be interested in, and started a new series that talks about GDPR. We also looked at a drive-by download campaign that starts in booby-trapped Chinese websites that drop malware via different exploits. This malware is a DDoS bot called Avzhan, which we then studied in … [Read more...]

A week in security (January 29 – February 04)

Last week on Labs, we looked into PUPs stealing and using mainstream logos of security and tech companies to further gain user trust, GandCrab and Scarab ransomware variants in the wild, and a new Mac malware called OSX.CreativeUpdater that can be distributed via MacUpdate. We also profiled robocalling and ransomware, particularly how ransomware was named the “It” malware of early- to … [Read more...]

A week in security (December 11–17)

Last week we explained what fast flux is and how it’s being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an eye on your Internet traffic. We also informed you about an ad server found predominantly on adult websites, which has taken the lead in the … [Read more...]

A week in security (November 27 – December 03)

Last week on Labs, we touched on a huge macOS High Sierra vulnerability, a PayPal phish, and Terror EK’s new tactic. We also took a crack at identity theft protection services, drive-by cryptomining, and rounded up interesting talks while attending a security conference in Ireland called IRISSCON. Other news Our friends at Zimperium investigated a fake WhatsApp on Google Play, and found … [Read more...]