Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2020-04-17 18:28:18 |
Discord users tempted by bots offering “free Nitro games” (lien direct) |
We look at a wave of bots promoting free games on Discord. But is everything as it seems?
Categories:
Cybercrime
Tags: botsdiscordgamingspamstreamingtwitchvideogames
(Read more...)
|
|
|
|
|
2020-04-16 15:55:48 |
New AgentTesla variant steals WiFi credentials (lien direct) |
The popular infostealer AgentTesla recently added a new feature that can steal WiFi usernames and passwords.
Categories:
Cybercrime
Malware
Tags: Agent Teslamalwarewifi
(Read more...)
|
|
|
|
|
2020-04-15 18:05:40 |
Mass surveillance alone will not save us from coronavirus (lien direct) |
As governments roll out enormous data collection programs to limit coronavirus, we should remember that mass surveillance alone will not save us.
Categories:
Opinion
Tags: AppleAustriabluetoothBluetooth contact tracingBluetooth proximityCaliforniachinaClearviewClearview AIcontact tracingcoronaviruscovid-19Data privacyEbolaEl SalvadorGoogleHubeiirelandIsraelItalyLombardyMERSMiddle East Respiratory SyndromeNational Security AgencyNSANSO GroupprivacyPrivacy InternationalSection 215singaporeSouth KoreaTraceTogetherTunisiaWest Africa
(Read more...)
|
|
|
|
|
2020-04-14 15:00:00 |
Keep Zoombombing cybercriminals from dropping a load on your meetings (lien direct) |
In a zeitgeisty moment, Zoom has become the web conference tool of choice for everyone. Unfortunately, cybercriminals are taking note and Zoombooming the public. We show readers how to protect against this intrusion of privacy.
Categories:
How-tos
Tags: coronaviruscovid-19exploitexploitshow-to zoomteleconferencingvirtual meetingswebinarszoomzoom squattingzoombomberszoombombingzooming
(Read more...)
|
Tool
|
|
|
|
2020-04-13 17:01:26 |
Lock and Code S1Ep4: coronavirus and responding to computer viruses with Akshay Bhargava (lien direct) |
We cover the week's security headlines plus talk with Malwarebytes CPO Akshay Bhargava about the similarities in responding to computer viruses vs. real-life pandemics in episode 4 of Lock and Code.
Categories:
Podcast
Tags: Androidbad appscomputer viruscoronaviruscovid-19detection and responselock and codelock and code podcastmisinformationpodcastTrojansviruses
(Read more...)
|
|
|
|
|
2020-04-09 17:05:17 |
APTs and COVID-19: How advanced persistent threats use the coronavirus as a lure (lien direct) |
We review the top APT groups taking advantage of the current pandemic.
Categories:
Threat analysis
Tags: advanced persistent threatsAPTscovid-19malware
(Read more...)
|
|
|
|
|
2020-04-08 16:00:32 |
Online credit card skimming increased by 26 percent in March (lien direct) |
Criminals are known to take advantage of events that capture people’s attention. This is true for any kind of attack that relies on social engineering, such as the phishing emails exploiting the Covid-19 pandemic. Certain events such as the current crisis not only get the attention of threat actors but they also lead to changes...
Categories:
Cybercrime
Tags: coronaviruscoviMagecartshoppingskimmersskimming
(Read more...)
|
Threat
Guideline
|
|
|
|
2020-04-07 18:27:46 |
Copycat criminals abuse Malwarebytes brand in malvertising campaign (lien direct) |
This fake, copycat Malwarebytes site was set up by cybercriminals to distribute malware in a malvertising campaign. We examine the campaign-and the criminals' motives.
Categories:
Exploits and vulnerabilities
Tags: copycat criminalscopycat sitesexploit kitexploit kitsfake malwarebytes siteFalloutFallout EKmalvertisingmalvertising campaignmalvertising campaignsMalwarebytesRaccoonraccoon stealerthreat actors
(Read more...)
|
Malware
|
|
|
|
2020-04-07 15:52:39 |
Cybersecurity labeling scheme introduced to help users choose safe IoT devices (lien direct) |
Several countries are introducing a cybersecurity labeling scheme to inform consumers about the security features of IoT devices and force manufacturers to improve these features.
Categories:
IoT
Tags: apacclscybersecurity labeling schemeIoTpasswordsrouterssecurity labeling schemesecurity labelling schemesingaporesmart homesmart home assistantsmart home hubs
(Read more...)
|
|
|
|
|
2020-04-06 17:05:42 |
A week in security (March 30 – April 5) (lien direct) |
A roundup of the week's security news, including data privacy issues, increases in cyberattacks due to COVID-19, Zoom vulnerabilities, and more.
Categories:
A week in security
Tags: covid-19cyber volunteersdraytekgdprhousepartyMarriottonline shoppingrdpvpnzoomzoom-bombing
(Read more...)
|
|
|
|
|
2020-04-03 18:42:04 |
How social media platforms mine personal data for profit (lien direct) |
We explore some of the ways social media use personal data to fuel advertising and keep the profits flowing.
Categories:
Privacy
Tags: advertisingData privacyfacebookgated contentLinkedInmarketingprivacyproductsocial mediasocial media advertisingsocial media datasocial networkstwitter
(Read more...)
|
|
|
|
|
2020-04-01 19:19:24 |
GDPR: An impact around the world (lien direct) |
Two years after GDPR became effective in the European Union, countries across the world have emulated its approach to data privacy. Here's a look at a few.
Categories:
Government
Malwarebytes news
Privacy
Security world
Tags: ArgentinaBill No. MEN-2018-147-APN-PTEBrazilBritish AirwaysCaliforniaCalifornia Consumer Privacy ActCCPAChileCNILData Protection DirectiveData Protection Directive of 1995European CommissiongdprGeneral Data Protection RegulationGoogleindiaLei Geral de Proteção de Dados PessoaisNational Data Protection CommissionPersonal Data Protection BillPrivacy ShieldSafe HarborWashingtonWashington Data Privacy Act
(Read more...)
|
|
|
|
|
2020-03-31 18:57:38 |
Important tips for safe online shopping post COVID-19 (lien direct) |
Online shopping can be convenient, especially during a total lockdown. But shopping online in the middle of the COVID-19 crisis brings with it other dangers. Here's what to watch out for.
Categories:
Awareness
Tags: counterfeitonline shoppingpadlockvpnweb skimmers
(Read more...)
|
|
|
|
|
2020-03-30 16:33:33 |
Lock and Code S1Ep3: Dishing on data privacy with Adam Kujawa (lien direct) |
This week on the Lock and Code podcast, we talk with Labs director Adam Kujawa about the state of data privacy today, plus cover the security headlines of the week, including coronavirus scams, credit card skimmers, and more coronavirus.
Categories:
Podcast
Tags: adam kujawacredit card skimmerData privacylabs podcastlock and codelock and code podcastmalwarebytes labs podcastmalwarebytes podcastonline advertisingpodcastprivacy policy
(Read more...)
|
|
|
|
|
2020-03-26 17:05:13 |
Coronavirus Bitcoin scam promises “millions” working from home (lien direct) |
We look at a set of Coronavirus Bitcoin scam emails promising vast sums of cryptocash that can be made working from home-but drains users accounts instead.
Categories:
Scams
Tags: bitcoinbritish celebrities scamcoronaviruscoronavirus bitcoincoronavirus bitcoin scamcoronavirus scamscovid-19covid-19 bitcoincovid-19 scamsemailscamsspam
(Read more...)
|
|
|
|
|
2020-03-25 16:00:00 |
Consumerization: a better way to answer cybersecurity challenges (lien direct) |
Malwarebytes CPO Akshay Bhargava explains why the consumerization of IT security-consumer-grade ease of use, plus enterprise security expertise-can meet the cybersecurity challenges of today.
Categories:
Opinion
Tags: business cyberattacksbusiness cyberthreatsconsumerizationcyberattacksenterpriseenterprise securityITIT securitysecurity solutionsskills shortageUIUI/UXuser experienceuser interface
(Read more...)
|
|
|
|
|
2020-03-25 15:00:00 |
Criminals hack Tupperware website with credit card skimmer (lien direct) |
This latest hack from Magecart threat actors was well planned and executed.
Categories:
Hacking
Tags: credit cardMagecartskimmerskimmingsteganographytupperware
(Read more...)
|
Hack
Threat
|
|
|
|
2020-03-24 17:37:08 |
Windows 7 is EOL: What next? (lien direct) |
Windows 7 is EOL, meaning it's reached the end of its lifecycle. It's time to move on to a more secure OS-but that doesn't mean you no longer need security software.
Categories:
Awareness
Tags: Anti-Malwareantivirusbrowser threatsChromebookEnd Of LifeEOLexploitslinuxmacmacOSMalwarebyteswindows 10windows 7
(Read more...)
|
|
|
|
|
2020-03-23 19:35:57 |
Fake “Corona Antivirus” distributes BlackNET remote administration tool (lien direct) |
Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.
Categories:
Social engineering
Threat analysis
Tags: antivirusbotnetcoronaviruscovid-19fakemalwarerat
(Read more...)
|
Tool
|
|
★★★
|
|
2020-03-23 16:44:58 |
A week in security (March 16 – 22) (lien direct) |
A roundup of the previous week's most notable security stories and events, including COVID-19-themed threats, child identity theft, and securely working from home.
Categories:
A week in security
Tags: APT36awiscovid-19emotetfake newsmoney muleMonitorMinorphishing scamromance scamshadow IoTSlackstalkerwaretrickbotweek in securityweekly blog roundupWHOWorld Health Organization
(Read more...)
|
|
APT 36
|
|
|
2020-03-20 15:00:00 |
Coronavirus scams, found and explained (lien direct) |
Here are some of the many coronavirus email scams that Malwarebytes spotted in the wild, with full details on what they say, what they're lying about, and which malware they're trying to install on your machine.
Categories:
Scams
Tags: 1 470 5982893 784 50 17Agent TeslaBoresha Credit Service Limitedbrennan@caesars.comCDCcenter for disease control and preventioncoronaviruscoronavirus malwareCovid 19 Tracker Appcovid-19COVID-19 WHO RECOMMENDED V.gzFormBookGuLoaderHawkEyeHawkEye keyloggerinfo@bcsl.co.kekeyloggerkeyloggersLastLineNetWireNetWire RATNetWire Remote Access TrojanNO 29 JERUSALEM STREETNovel CoronavirusransomwareredditRESEARCH HOSPITAL ISREALRiskIQsarah@who.comThugCrowdTRN No. 100269864300003trojanTrojanstwitterUS CDCWHOWorld Health Organizat |
Malware
|
|
|
|
2020-03-19 15:00:00 |
Security tips for working from home (WFH) (lien direct) |
MMany people are working from home (WFH) as part of a global social distancing effort to avoid spreading the coronavirus. Learn how to stay secure (and a couple tips for staying sane) in the process.
Categories:
How-tos
Tags: coronaviruspasswordremoteremote workremote workersremotesecsecurityvpnVPNsWFHwork from homeworkingworking from homeworking remote
(Read more...)
|
|
|
|
|
2020-03-18 15:36:31 |
Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book (lien direct) |
Threat actors ramp up on coronavirus-themed campaigns, posing as the World Health Organization sending emails with fake e-book content. Instead of advice, users get compromised with malware.
Categories:
Social engineering
(Read more...)
|
|
|
|
|
2020-03-17 16:33:29 |
Child identity theft, part 2: How to reclaim your child\'s identity (lien direct) |
|
|
|
|
|
2020-03-16 15:28:35 |
Lock and Code S1Ep2: On the challenges of managed service providers (lien direct) |
On episode 2 of Lock and Code, we discuss the latest security news, including how to secure remote workers, security conferences cancelled because of coronavirus, and Google Play's poor performance on stopping malware. Plus, we speak to two MSP representatives on the daily challenges of managing thousands of endpoints.
Categories:
Podcast
Tags: becconfickercoronavirusfingerprint filesMSPphishing scamplay protectremoteskimmersmbv3spear phishing
(Read more...)
|
|
|
|
|
2020-03-16 15:00:00 |
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT (lien direct) |
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
Categories:
Threat analysis
Tags: APTAPT36coronaviruscoronavirus malwarecovid-19credential stealercrimson ratexploitexploitsinfo-stealermacromalicious macromalwarenation-state attackratremote administration toolSocial Engineeringspear phishingspear phishing attacktransparent tribe
(Read more...)
|
Threat
|
APT 36
|
|
|
2020-03-13 18:55:13 |
The effects of climate change on cybersecurity (lien direct) |
We explore the relationship between climate change and cybersecurity, two of the major issues of our time. Does cybersecurity actually contribute to global warming? Or can climate change illicit an uptick in cybercrime? We take a look.
Categories:
Awareness
Tags: climate changecoolingcybersecuritydatacentersenergy consumptionglobal warmingsupercomputers
(Read more...)
|
|
|
|
|
2020-03-12 18:02:04 |
Coronavirus impacts security conferences and events: check your schedule (lien direct) |
We look at upcoming cancellations, postponements, and moves to virtual for security conferences in the wake of the coronavirus pandemic.
Categories:
Security world
Tags: black hatbsidescancellationsconferencescoronavirusDEF CONdisruptioneventsinfosecRSARSA Conferencesecurity conferencesecurity conferencessecurity event
(Read more...)
|
|
|
|
|
2020-03-12 16:53:43 |
RemoteSec: achieving on-prem security levels with cloud-based remote teams (lien direct) |
Times are quickly changing and many teams are scrambling to embrace a shift to remote work. How will security protocols change? Time to move from on-prem to RemoteSec.
Categories:
Business
Tags: cloud infrastructurecloud securitycloud servicesremote securityremote workremote workersremote workingremotesectelecommutingV2 Cloudworkforce
(Read more...)
|
|
|
|
|
2020-03-11 15:44:33 |
Securing the MSP: best practices for vetting cybersecurity vendors (lien direct) |
How do you spot the unicorn cybersecurity vendors amongst the bad apples? We show MSPs the ins and outs of vendor vetting.
Categories:
Business
Tags: cybersecurity vendorsenterprisemanaged service providersMSPrisk managementSOCSOC teamsvetting cybersecurity vendorsvetting security vendors
(Read more...)
|
|
|
|
|
2020-03-10 15:46:13 |
Rocket Loader skimmer impersonates CloudFlare library in clever scheme (lien direct) |
URLs can be deceiving, but the one used to mimic CloudFlare's Rocket Loader in the latest Magecart attack takes it to a whole new level.
Categories:
Threat analysis
Tags: HTTPSJavaScriptMagecartskimmerskimming
(Read more...)
|
|
|
|
|
2020-03-09 20:07:46 |
A week in security (March 2 – 8) (lien direct) |
A roundup of the previous week's security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement's cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl.
Categories:
A week in security
Tags: a week in securityawiscathay pacificcoronavirusexploitgdprmalwaremicrosoftMobilephishinground upsecurityTESCOweek in securityzynga
(Read more...)
|
|
|
|
|
2020-03-09 15:00:00 |
International Women\'s Day: awareness of stalkerware, monitoring, and spyware apps on the rise (lien direct) |
Read more...)
|
|
|
|
|
2020-03-06 17:24:33 |
Bring your own privacy: VPNs for consumers and orgs (lien direct) |
VPNs are all the rage, but they're not without their problems. Where do you stand on the great "Should we deploy a VPN" debate?
Categories:
Privacy
Tags: anonymityanonymousdesktopIP addressMobileprivacyprivate browsingproxyremote workremote workerssecurevirtual private networksvpnVPNs
(Read more...)
|
|
|
|
|
2020-03-05 16:00:00 |
Technology and the power of moral panic (lien direct) |
We look at how technology and a splash of moral panic have made for strange companions down the years.
Categories:
Awareness
Tags: computer gamescyberdiscordelvishackingkalilinuxmoral panicpostervideo gamesvirtual machine
(Read more...)
|
|
|
|
|
2020-03-04 18:21:02 |
Are our police forces equipped to deal with modern cybercrimes? (lien direct) |
Police forces are working hard to keep up with the latest developments in cybercrime, training digital experts for the purpose. But is it enough? And is it happening across the globe?
Categories:
Opinion
Tags: critical infracstructurecybercrimedigital evidencedigital expertdigital tracingdutch policefbiforensicsnetwork analysispolicethreat huntingUS police
(Read more...)
|
|
|
|
|
2020-03-03 20:17:19 |
Child identity theft, part 1: On familiar fraud (lien direct) |
In this two-part series on child identity theft, we shed light on the growing problem of familiar fraud, where those entrusted with a minor's information are the very ones who abuse it.
Categories:
Awareness
Tags: child identity fraudchild identity theftcyberbullyingfamiliar fraudfraudID theftidentity theftpersonally identifiable informationPII
(Read more...)
|
|
|
|
|
2020-03-02 17:15:47 |
Lock and Code S1Ep1: On RSA, the human element, and the week in security (lien direct) |
We look at all the interesting security news from last week and also present the latest episode of our podcast, Lock and Code.
Categories:
Podcast
Tags: lock and codemalwarepodcastscamssecuritythreatsweek in security
(Read more...)
|
|
|
|
|
2020-02-28 17:54:18 |
Domen toolkit gets back to work with new malvertising campaign (lien direct) |
We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.
Categories:
Threat analysis
Tags: buren ransomwareDomendomen toolkitintelrapid cryptominerJavaScriptmalicious websitesmalvertisingmalvertising campaignssmoke loaderSocial EngineeringtoolkitVidarvidar stealer
(Read more...)
|
|
|
|
|
2020-02-27 18:34:48 |
Mac adware is more sophisticated and dangerous than traditional Mac malware (lien direct) |
Adware and PUPs can actually be far more invasive and dangerous on the Mac than "real" malware. We demonstrate with analysis of Crossrider, a sophisticated Mac adware that uses evasion and persistence techniques more complex than nation-state malware.
Categories:
Mac
Tags: adwarebundlorecrossridermacMac adwaremac threatsmacOSmacspotentially unwanted programsPUPssurfbuyer
(Read more...)
|
Malware
|
|
|
|
2020-02-27 16:00:00 |
Stalkerware and online stalking are accepted by Americans. Why? (lien direct) |
Americans may be accepting and minimizing online stalking behaviors, including the use of invasive apps that can pry into a user's text messages, emails, photos, videos, and phone logs.
Categories:
Stalkerware
Tags: BJSBureau of Justice StatisticsCDCcenter for disease control and preventionCoalition Against Stalkerwarecyber stalkcyber stalkingmonitoring appmonitoring applicationsmonitoring appsNortonLifeLockOnline Creeping SurveySay AnythingSeven Brides for Seven BrothersstalkstalkerwarestalkingThe GraduateThe Harris Poll
(Read more...)
|
|
|
|
|
2020-02-26 17:03:11 |
Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server (lien direct) |
Criminals set up fraudulent infrastructure that looks like a typical content delivery network-except it isn't. Behind it hides a credit card skimmer injected into Magento online stores.
Categories:
Threat analysis
Tags: cdncontent delivery networkcredit card datadata exfiltrationMagecartmagentongrokproxy serversecure tunnelsskimmerstunnelingweb skimmerweb skimmers
(Read more...)
|
|
|
|
|
2020-02-25 17:54:06 |
Biotech health care innovations meet security challenges (lien direct) |
Advancements in biotech could save thousands, if not millions of lives. But what security and privacy challenges do they introduce? We take a close look at recent innovations.
Categories:
Vital infrastructure
Tags: AIbiosensorsBLEbluetoothdna-testfdapacemakerpharmaceuticalssmart pillsweyntoothvulnerabilities
(Read more...)
|
|
|
|
|
2020-02-25 17:27:17 |
Introducing Lock and Code: a Malwarebytes Labs podcast (lien direct) |
Malwarebytes is launching a podcast, called Lock and Code, on Monday, March 2, breaking down cybersecurity headlines and diving into complex issues with guest interviews. Tune in every two weeks.
Categories:
Podcast
Tags: cybercrimecybersecurity awarenesslock and codelock and code S1Ep0lock and code trailerpodcastRSARSA Conferencesecurity awarenesssecurity podcast
(Read more...)
|
|
|
|
|
2020-02-24 16:32:34 |
A week in security (February 17 – 23) (lien direct) |
A roundup of the previous week's most notable security stories and events, including cloud identity management, a noteworthy Twitter scam-tastrophy, RobbinHood ransomware, and more.
Categories:
A week in security
Tags: awisBlueKeepcatfishingChrome ExtensionCrypto scamsdeepfakeselectionsepic gamesfirmwareIDaaSidentity-as-a-serviceJamila KayaLokiBotransomwarescammerstwitterVoatzweek in securityweekly blog roundupYouTube hack
(Read more...)
|
|
|
|
|
2020-02-24 16:00:00 |
Why managed service providers (MSP) are critical for business continuity (lien direct) |
What many don't realize is that SMBs need the same level of protection from threats that are usually only afforded to enterprises. Managed service providers (MSPs) are the key to getting the protection and service they need while staying on budget.
Categories:
Opinion
Tags: compliancemanaged service providersMSPMSPsransomwareSMBzero unemployment rate
(Read more...)
|
|
|
|
|
2020-02-20 18:09:03 |
Threat spotlight: RobbinHood ransomware takes the driver\'s seat (lien direct) |
RobbinHood a is a ransomware family that specifically targets organizations using a vulnerable kernel driver to prepare systems for encryption. Learn how to protect against it.
Categories:
Threat spotlight
Tags: .enc_robbinhoodAnti-RansomwarebaltimorebitcoingreenvilleMalwarebytesransomransom noteransomwareransomware rollbackrobbinhoodrobbinhood ransomwarerollback
( |
Ransomware
Threat
|
|
|
|
2020-02-19 17:21:08 |
Rudy Giuliani\'s Twitter mishaps invite typosquatters and scammers (lien direct) |
|
Guideline
|
|
|
|
2020-02-18 17:25:42 |
Harnessing the power of identity management (IDaaS) in the cloud (lien direct) |
With security, compliance, and customer engagement driving organizations to the cloud, it's no wonder IDaaS has become the standard in identity management. Learn about the benefits and concerns of IDaaS for organizations of all sizes.
Categories:
Explained
Tags: hybrid environmentiamIDaaSidentity and access managementidentity-as-a-servicesinge sign-onsso
(Read more...)
|
|
|
|
|
2020-02-18 16:40:45 |
A week in security (February 10 – 16) (lien direct) |
A roundup of the previous week's security news, including Malwarebytes' release of the 2020 State of Malware Report, online dating woes, Emotet infection vectors, ransomware attacks, and more.
Categories:
A week in security
Tags: accusoftCISOcoronavirusDellemotetEquifaxgigabytegridworkshelixHollywoodnude photosonline datingrobbinhoodstate of malware reportxHelper
(Read more...)
|
Ransomware
Malware
|
Equifax
|
|