Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-11-06 17:28:07 |
Update your iOS now! Apple patches three zero-day vulnerabilities (lien direct) |
Apple has issued an update for iOS and IPadOS to patch three zero-day vulnerabilities that were being exploited in targeted attacks. We advise you to install it at ASAP.
Categories:
Exploits and vulnerabilities
Tags: 0-dayAppleCVE-2020-27930CVE-2020-27932CVE-2020-27950fontparseriOSkernelproject zerorce
(Read more...)
|
|
|
|
|
2020-11-06 16:30:00 |
RegTech explained: a crucial toolset for the financial industry (lien direct) |
The financial industry has come to rely on RegTech. It helps financials comply with regulations and tightens up data safety and security. But what is it exactly?
Categories:
Explained
Tags: AIbig datacloudcompliancefinancialsidentity theftmfamoney launderingpci dssPIIregtechregulatiorysaassuptech
(Read more...)
|
|
|
|
|
2020-11-05 14:12:05 |
Prop 24 passes in California, will change data privacy law (lien direct) |
Prop 24, which will change California's current data privacy law, received firm support in the Golden State this week, likely sailing into passage.
Categories:
Privacy
Tags: California Consumer Privacy ActCalifornia Privacy Rights ActCCPACPRAProp 24proposition 24
(Read more...)
|
|
|
|
|
2020-11-04 20:10:22 |
QBot Trojan delivered via malspam campaign exploiting US election uncertainties (lien direct) |
Criminals won't pass a unique opportunity to leverage current events to deliver malware.
Categories:
Cybercrime
Social engineering
Tags: electionsmalspamPinkslipbotQakbotQbotspam
(Read more...)
|
|
|
|
|
2020-11-03 18:30:00 |
Update your Chrome again as Google patches second zero-day in two weeks (lien direct) |
Google has patched its second Chrome zero-day in two weeks. Users are urgently advised to update their browser.
Categories:
Exploits and vulnerabilities
Tags: 0daychromecve-2020-16009JavaScript
(Read more...)
|
|
|
|
|
2020-11-03 17:38:45 |
Maze ransomware gang announces retirement (lien direct) |
On November 1, the cybercriminals behind Maze ransomware announced their retirement. Is this a reason to go all out and celebrate? We're afraid not.
Categories:
Ransomware
Tags: egregorMazeransom.sekhmetransomwareretirement
(Read more...)
|
Ransomware
|
|
|
|
2020-11-03 12:50:03 |
Hospital ransomware: Gangs are back to target healthcare (lien direct) |
With some countries and states heading back in to lockdown due to rising rates of COVID-19 infections, it seems horrible timing that hospital ransomware is back in the news.
Categories:
Ransomware
Tags: BazarBackdoorBazarLoaderBrian HonancisacontifbihealthcareHHSransomwareRansomware Response ChecklistryuktrickbotUHSUniklinikumUniversal Health Services
(Read more...)
|
Ransomware
|
|
|
|
2020-11-02 17:46:12 |
A week in security (October 26 – November 1) (lien direct) |
In this week in security (October 26 – November 1), we look at Google's Chrome zero-day patch, Cybersecurity Awareness Month, ransomware cash and far more.
Categories:
Malwarebytes news
Tags: covid-19 surveyCVE-2020-14882cybersecurity awareness monthdisinformationemail compromiseemotetfacebookGoogle ChromeGoogle patchhp printer issueoracle weblogicransomwaresatellite hackingspoofingsuncryptvastaamowanderazero dayzerologonzoom
(Read more...)
|
Ransomware
|
|
|
|
2020-10-30 20:31:28 |
Vastaamo psychotherapy data breach sees the most vulnerable victims extorted (lien direct) |
A Finnish psychotherapy practice suffered a data breach (or two). Now its patients are receiving extortion messages.
Categories:
Cybercrime
Tags: data breachextortiongdprpatient recordsvastaamo
(Read more...)
|
Data Breach
|
|
|
|
2020-10-30 15:15:00 |
California\'s Prop 24 splits data privacy supporters (lien direct) |
Read more...)
|
|
|
|
|
2020-10-29 17:30:24 |
HP printer issue on Mac: What happened? (lien direct) |
Last week, many Mac users received a 'malware' warning on their screens when trying to access their HP printer. Here's what happened.
Categories:
Malwarebytes news
Tags: ApplecertificatesmacOS
(Read more...)
|
|
|
|
|
2020-10-28 21:29:47 |
New Emotet delivery method spotted during downward detection trend (lien direct) |
Emotet got a superficial facelift this week, hiding itself within a fake request asking users to update Microsoft Word to take advantage of new features.
Categories:
Malwarebytes news
Tags: botnetEdward SnowdenemotetMicrosoft Officemicrosoft wordRansom.RyukryukRyuk ransomwaretrickbottrojantrojan.emotetTrojan.TrickBot
(Read more...)
|
|
|
|
|
2020-10-28 15:00:00 |
Fake COVID-19 survey hides ransomware in Canadian university attack (lien direct) |
Universities are a hot target for malware right now. In this latest attack, a threat actor was targeting the University of British Columbia with the goal of distributing ransomware.
Categories:
Cybercrime
Social engineering
Tags: phishphishingransomwareUBCuniversityvaggen
(Read more...)
|
Threat
Ransomware
Malware
|
|
|
|
2020-10-28 14:06:18 |
Scammers are spoofing bank phone numbers to rob victims (lien direct) |
Phone scammers are using spoofed caller ID numbers to convince their victims they are employees of your bank. Don't fall for their tricks.
Categories:
Social engineering
Tags: 2facaller idcold callersfake banksitesphishingphone scammersrobocallsspoofedspoofingtraced act
(Read more...)
|
|
|
|
|
2020-10-27 17:00:00 |
Keeping ransomware cash away from your business (lien direct) |
Ransomware gangs are in the news for donating stolen funds to charitable organisations. Is this a good thing, or will it cause more trouble for the charity than it's worth?
Categories:
Cybercrime
Malware
Tags: bitcoincharitiescharitydonationsillegallawmalwaremoney launderingphishransomwareregulationsscamuk
(Read more...)
|
Ransomware
|
|
|
|
2020-10-26 15:30:00 |
Lock and Code S1Ep18: Finding consumer value in Cybersecurity Awareness Month with Jamie Court (lien direct) |
This week on Lock and Code, we talk to Jamie Court, president of Consumer Watchdog, about the consumer value in Cybersecurity Awareness Month.
Categories:
Podcast
Tags: brute force attacksconsumer cybersecurityconsumer privacyconsumer securityConsumer Watchdogcovid-19cross-site scriptingCrowdStrikecybersecurity awarenesscybersecurity integrationdata breachdeepfakegeneral elections 2020managed service providersMSPnation-state actorsnational cybersecurity awareness monthNCSAMNSAPfizerSensitytech support scamstelegramTSSUS elections 2020xss
(Read more...)
|
|
|
|
|
2020-10-26 10:58:14 |
Google patches actively exploited zero-day bug that affects Chrome users (lien direct) |
Update your Chrome browser to its latest version-86.0.4240.111-to protect yourself from a vulnerability that Google says is being actively exploited.
Categories:
Exploits and vulnerabilities
Tags: 86.0.4240.111browser exploitChrome vulnerabilityCVE-2020-15999FreeTypeFreeType 2.10.4FreeType zero-day
(Read more...)
|
Vulnerability
|
|
★★★★★
|
|
2020-10-22 15:17:39 |
The value of cybersecurity integration for MSPs (lien direct) |
The nature of the MSP business demands integration. MSPs should ask the same from their cybersecurity solutions, streamlining endpoint security and more.
Categories:
Malwarebytes news
Tags: cybersecuritycybersecurity integrationmanaged service providermanaged service providersMSPprofessional services automationpsaPSA platformremote monitoring and managementRMMRMM platform
(Read more...)
|
|
|
|
|
2020-10-21 20:41:32 |
XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability (lien direct) |
This tech support scam is being spread via Facebook links and uses several redirection mechanisms to avoid detection.
Categories:
Cybercrime
Social engineering
Tags: cross-site scriptingtech support scamTSSvulnerabilityxss
(Read more...)
|
Vulnerability
|
|
|
|
2020-10-20 12:00:00 |
Brute force attacks increase due to more open RDP ports (lien direct) |
More open ports are inviting attackers to try and gain entry by using brute force attacks. Why is this happening and what can we do?
Categories:
Exploits and vulnerabilities
Web threats
Tags: 2faattacksbrute forcecompromisedcredential stuffinghybrid brute force attackopen portsrainbow tableransomwarerdpreverse brute force attackWFH
(Read more...)
|
|
|
|
|
2020-10-19 18:28:46 |
(Déjà vu) A week in security (September 12 – September 18) (lien direct) |
A roundup of interesting security news from our blog and around the web for the week of September 12 - September 18.
Categories:
A week in security
Tags: a week in securityawisfacebookfootballGooglemalwareroundupscamssecurityvirtual appliance
(Read more...)
|
|
|
|
|
2020-10-16 15:00:00 |
Deepfakes and the 2020 United States election: missing in action? (lien direct) |
We look at whether the 2020 United States election will be plagued by deepfakes, or if it's not the concern experts once thought it was.
Categories:
Cybercrime
Social engineering
Tags: 2020 US electionAIconspiracydeepfakedeepfakesdisinformationfakemanipulationvideo
(Read more...)
|
|
|
|
|
2020-10-15 15:00:21 |
How Covid fatigue puts your physical and digital health in jeopardy (lien direct) |
More than seven months into the pandemic, much of the world is suffering from Covid fatigue. Learn how to identify the symptoms, why Covid fatigue is dangerous for cybersecurity, and how to fight back against it.
Categories:
Awareness
Tags: alert fatiguecaution fatiguecoronaviruscoronavirus pandemicCovidcovid fatiguecovid-19cybersecurity awarenessnational cybersecurity awareness monthpandemicsecurity fatigue
(Read more...)
|
|
|
|
|
2020-10-15 12:02:31 |
QR code scams are making a comeback (lien direct) |
With QR codes being used more as a means to help create a COVID-19 proof environment, we're also seeing a comeback of QR codes scams.
Categories:
Scams
Tags: advance paymentsclickjackingnfcnfc tagsphishingQR codeQR code scamqr code scamsquick responseredirect payment
(Read more...)
|
|
|
|
|
2020-10-14 15:30:00 |
FIFA 21 game scams: watch out for unsporting conduct (lien direct) |
With the recent launch of the new FIFA 2021 video game, we look at some of the common scams to avoid.
Categories:
Cybercrime
Social engineering
Tags: coinsEAfakeFIFAfootballFUTgamesoriginscamsocial mediasteamvideo game
(Read more...)
|
|
|
|
|
2020-10-14 13:29:25 |
Silent Librarian APT right on schedule for 20/21 academic year (lien direct) |
As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.
Categories:
Malwarebytes news
Tags: APTcobalt dickensphishphishingsilent librarianstudentsTA407
(Read more...)
|
|
|
|
|
2020-10-13 10:11:53 |
Amazon Prime Day-8 tips for safer shopping (lien direct) |
Amazon Prime Day is here. With the ongoing pandemic further complicating life as we know it, how can you, the practical and cyber-sensible shopper, protect yourself from threats banking on this day?
Categories:
101
Tags: Amazon AlexaAmazon Prime Daycybersecurity hygienePrime DayPrime Day 2020
(Read more...)
|
|
|
|
|
2020-10-12 15:00:00 |
Lock and Code S1Ep17: Journalism\'s role in cybersecurity with Alfred Ng and Seth Rosenblatt (lien direct) |
Read more...)
|
|
|
|
|
2020-10-08 19:57:14 |
Credit card skimmer targets virtual conference platform (lien direct) |
Criminals have gone after an online conference platform to steal credit card data from virtual attendees.
Categories:
Malwarebytes news
Tags: InterMagecartskimmer
(Read more...)
|
|
|
|
|
2020-10-08 15:30:00 |
Healthcare security update: death by ransomware, what\'s next? (lien direct) |
Read more...)
|
Ransomware
Guideline
|
|
|
|
2020-10-07 15:30:00 |
Risky business: survey shows majority of people use work devices for personal use (lien direct) |
More people are working from home than ever before, many for the first time. And with that, come a lot more work devices. What could go wrong?
Categories:
Malwarebytes news
(Read more...)
|
|
|
|
|
2020-10-06 15:00:00 |
Release the Kraken: Fileless APT attack abuses Windows Error Reporting service (lien direct) |
We discovered a new attack that injected its payload-dubbed "Kraken-into the Windows Error Reporting (WER) service as a defense evasion mechanism.
Categories:
Malware
Malwarebytes news
Threat analysis
Tags: "your right to compensation"APTAPT attacksAPT32APTsCactusTorchcompensation manual.docDotNettoJscriptkrakenkraken.krakenWERWerFault.exeWindow Error ReportingWindows Error Reporting service
(Read more...)
|
|
APT 32
|
|
|
2020-10-05 20:49:31 |
Mobile network operator falls into the hands of Fullz House criminal group (lien direct) |
The Fullz House threat group has struck again, this time inserting a credit card skimmer into a mobile phone operator and seller.
Categories:
Malwarebytes news
Tags: credit cardfullz houseMagecartskimmer
(Read more...)
|
Threat
|
|
|
|
2020-10-05 17:00:00 |
A week in security (September 28 – October 4) (lien direct) |
A roundup of the best cybersecurity stories from September 28 – October 4, including several tricky cases ransomware installed on... coffee makers?
Categories:
A week in security
Tags: a week in securityawisfakefraudmalwarephishphishingscamsecurity roundup
(Read more...)
|
Ransomware
|
|
|
|
2020-10-02 17:00:00 |
VideoBytes: Ransomware gets wasted! (lien direct) |
On today's VideoBytes, we look at how ransomware is on the rise, attacking corporations with malware that not only encrypts files, but also steals it.
Categories:
Ransomware
Tags: Anti-Ransomwareevil corpFOIAgarmingdprmalware monthlyMongoDBransomwareransomware-as-a-servicewastedlockerWindows Cache Manager
(Read more...)
|
Ransomware
Malware
|
|
|
|
2020-10-01 16:56:06 |
Chaos in a cup: When ransomware creeps into your smart coffee maker (lien direct) |
This International Coffee Day, we looked at coffee machines that helped bring down a network of systems. Who would've guessed?
Categories:
Ransomware
Tags: insecure deviceInternet of ThingsIoTIoT privacy concernsIoT security concernssmart coffee machinesmart coffee makersmart percolator
(Read more...)
|
Ransomware
|
|
|
|
2020-10-01 16:00:00 |
VideoBytes: Twitter gets hacked! (lien direct) |
Today, we're talking about the Twitter hack, in which 130 high-profile accounts, like those belonging to Barack Obama and Elon Musk, were accessed.
Categories:
VideoBytes
Tags: Barack Obamabill gatesbitcoinBitCoin Scamelon muskJoe BidentwitterTwitter hackVideoBytes
(Read more...)
|
|
|
|
|
2020-09-30 15:30:00 |
Introducing VideoBytes, by Malwarebytes Labs (lien direct) |
This week, we're launching VideoBytes, a new video series featuring research from Adam Kujawa, security evangelist and a director for Malwarebytes Labs.
Categories:
VideoBytes
Tags: Explainedmalwarebytes labsplease don't buy thisransomwarethreat cinemaTwitter hackvideoVideoBytes
(Read more...)
|
|
|
|
|
2020-09-29 17:00:00 |
Caught in the payment fraud net: when, not if? (lien direct) |
Will we be stuck with payment fraud forever? Come with us as we explore what can go wrong, and why you shouldn't blame yourself if you suffer a loss.
Categories:
Cybercrime
Privacy
Tags: atmcredit carddebit cardfraudmalwarepaymentpoint of salePOS
(Read more...)
|
|
|
|
|
2020-09-28 15:45:08 |
(Déjà vu) Lock and Code S1Ep16: Investigating digital vulnerabilities with Samy Kamkar (lien direct) |
This week on Lock and Code, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical world.
Categories:
Podcast
Tags: Activision hackCall of Duty account compromisecisaCoD account compromiseelection disinformationelection hackingfbiGraphikaGroup-IBKnowBe4OldGremlinOperation Naval Gazingphishingphishing scamransomwareRussian ransomwaresandboxingscamsecurity awareness training scamTyler Technologies
(Read more...)
|
|
|
|
|
2020-09-28 15:45:08 |
Lock and Code S1Ep15: Investigating digital vulnerabilities in our physical world with Samy Kamkar (lien direct) |
This week on Lock and Code, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical world.
Categories:
Podcast
Tags: Activision hackCall of Duty account compromisecisaCoD account compromiseelection disinformationelection hackingfbiGraphikaGroup-IBKnowBe4OldGremlinOperation Naval Gazingphishingphishing scamransomwareRussian ransomwaresandboxingscamsecurity awareness training scamTyler Technologies
(Read more...)
|
|
|
|
|
2020-09-24 21:45:27 |
Taurus Project stealer now spreading via malvertising campaign (lien direct) |
The Taurus Project stealer gains an additional distribution vector via exploit kit.
Categories:
Malwarebytes news
Tags: exploit kitsFallout EKmalvertisingpredator the thiefstealertaurus
(Read more...)
|
|
|
|
|
2020-09-24 17:00:00 |
Sandbox in security: what is it, and how it relates to malware (lien direct) |
Sandboxes and virtual machines are tools that security researchers use to determine whether samples are malicious and what their payload is.
Categories:
Awareness
Tags: AIcontainerizationMazeMLsanboxessandboxingsecurity perimeterVirtual Machines
(Read more...)
|
Malware
|
|
|
|
2020-09-23 17:00:00 |
Phishers spoof reliable cybersecurity training company to garner clicks (lien direct) |
In a recent campaign, phishers were seen taking advantage of user trust on KnowBe4 and stealing their work email credentials.
Categories:
Scams
Tags: Cofensecybersecurity trainingKnowBe4phishingphishing scamratremote access Trojan
(Read more...)
|
|
|
|
|
2020-09-21 16:16:34 |
A week in security (September 14 – 20) (lien direct) |
A round up of cybersecurity news from September 14 – 20, including the Zerologon exploit, BLURtooth vulnerability, APT41, and phishing scams.
Categories:
A week in security
Tags: apt41blurtoothcharitiesChinesechrome extensionsdanny palmerDDos attackdomain name abusefintechransomwaretax scamus department of the interiorweb-phishingzerologon
(Read more...)
|
Guideline
|
APT 41
|
|
|
2020-09-18 16:57:09 |
Is domain name abuse something companies should worry about? (lien direct) |
Should you worry about domain name abuse? For the most part it depends on what kind of company you are and what you expect to encounter.
Categories:
Business
Tags: abusecctlddnsdomaindomain namehijackingregistrartakeovertldtyposquattingwebserver
(Read more...)
|
|
|
|
|
2020-09-17 16:59:59 |
Charities and the advertising industry: data ecosystems and privacy risks (lien direct) |
We take a look at a study which dives into the connection between popular UK based charity organisations and tracking, Real Time Bidding, and data analysis
Categories:
Privacy
Tags: advertisingadvertscharitiesconsentcookiesdonationethicsmarketingRTBtrackingunits
(Read more...)
|
|
|
|
|
2020-09-15 15:00:00 |
Fintech industry developments, differences between Europe and the US (lien direct) |
The developments in fintech differ between regions due to legislation. How does that effect the industry and the safety of their customers?
Categories:
Business
Tags: brexitfintechgdprlegislationonline shoppingpci dssregulationweb skimmers
(Read more...)
|
|
|
|
|
2020-09-14 14:49:08 |
Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz (lien direct) |
This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.
Categories:
Podcast
Tags: advanced persistent threatsAPTCenter for Public Health ResearchCharming Kittencovid-19data breachddosDDos attackdistributed denial of service attackelection interferenceelectionsLugar CentremalvertisingNetflix scampandemic
(Read more...)
|
Malware
Conference
|
APT 35
|
|
|
2020-09-11 15:00:00 |
The informed voter\'s guide to election cyberthreats (lien direct) |
Read more...)
|
|
|
|