Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2018-05-14 17:18:02 |
A week in security (May 7 – May 13) (lien direct) |
A roundup of security news from May 7 – May 13, including a new zero-day for Internet Explorer, a Netflix phishing scam, a worm found in Facebook's Messenger, and more.
Categories:
Security world
Week in security
Tags: 7zipfacebookfake android avHTTPSjavascript excelJS excelkuik adwaremicrosoftmicrosoft excelnetflix phishnigerian scamshopper stop tech scamsignaltech support scamtwo-factor authenticationvulnerability
(Read more...)
|
|
|
|
|
2018-05-11 15:00:00 |
Where did the tech support scam blacklist go? (lien direct) |
We've removed our blacklist of recognized tech support scammers from our tech scam support page. Here's what we're doing instead.
Categories:
101
How-tos
Tags: how toscambaitingtech support scamTSS
(Read more...)
|
|
|
|
|
2018-05-10 19:58:00 |
Internet Explorer zero-day: browser is once again under attack (lien direct) |
Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document-the first zero-day observed for IE in over two years.
Categories:
Exploits
Threat analysis
Tags: 0dayCVE-2018-8174zero day
(Read more...)
|
|
|
|
|
2018-05-10 15:00:00 |
Parenting in the Digital World: a review (lien direct) |
Parents don't just hand over the car keys to children who haven't taken driver's ed. Sadly, the same can't be said about smartphones. This book by Clayton Cranford shows parents the importance of keeping their kids safe online-and just how to do it.
Categories:
101
FYI
Tags: child security onlinecyberbullyinginternet safetyparenting in the digital worldsocial media
(Read more...)
|
|
|
|
|
2018-05-09 17:00:05 |
Netflix phish claims your membership is on hold (lien direct) |
We take a look at a new Netflix phish in circulation, using the time-honored trick of claiming the recipient is about to lose access unless they hand over some personal information.
Categories:
Social engineering
Threat analysis
Tags: Appleemailemailsnetflixnetflix phishphishphishingscam
(Read more...)
|
|
|
|
|
2018-05-09 16:30:03 |
HTTPS: why the green padlock is not enough (lien direct) |
Cheap hosting deals offering free certificates have made the green padlock a less convincing sign of security. Here's what to look for to ensure a website is safe to visit.
Categories:
101
FYI
Tags: cacertificatesextended validationgreen padlockHTTPSPayPalphishingSSLTLS
(Read more...)
|
|
|
|
|
2018-05-08 16:00:02 |
Kuik: a simple yet annoying piece of adware (lien direct) |
Kuik adware, which forces affected machines to join a domain controller, is using this unusual technique to push Google Chrome extensions and coin miner applications. In this blog, we'll provide technical analysis of the adware and custom removal instructions.
Categories:
Malware
Threat analysis
Tags: adwarekuikkuik adwareremoval
(Read more...)
|
|
|
|
|
2018-05-08 13:25:00 |
(Déjà vu) Tech support scam uses fake Shoppers Stop site to lure thousands (lien direct) |
The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page.
Categories:
Social engineering
Threat analysis
Tags: malvertisingtech support scamsTSSWP-VCD
(Read more...)
|
|
|
|
|
2018-05-08 13:25:00 |
Shoppers Stop tech scam draws from thousands of forced ad injections (lien direct) |
The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page.
Categories:
Social engineering
Threat analysis
Tags: malvertisingtech support scamsTSSWP-VCD
(Read more...)
|
|
|
|
|
2018-05-07 20:46:03 |
Mobile Menace Monday: re-emergence of a fake Android AV (lien direct) |
Way back in early 2013, a new antivirus (AV) company emerged into the mobile security software industry that had everyone perplexed. It seemed like a fake Android AV, but received certification by a reputable AV testing organization! Now, five years later, it's back. Here's why you shouldn't trust it.
Categories:
Cybercrime
Malwarebytes news
Mobile
Tags: AndroidArmor for AndroidFakeAVmobile menace mondaytriple m
(Read more...)
|
|
|
|
|
2018-05-07 17:18:01 |
(Déjà vu) Week in security (April 30 – May 6) (lien direct) |
A roundup of security news from April 30 – May 6, including Necurs malspam, Spartacus ransomware, Twitter passwords, and cybersecurity studies.
Categories:
Security world
Week in security
Tags: MalwarebytesnecursransomwaresecuritySpartacustwitterweekly blog roundup
(Read more...)
|
|
|
|
|
2018-05-04 19:18:05 |
Twitter security snafu: change your passwords (lien direct) |
A recent error caused passwords to be exposed internally at Twitter. As a precaution, they're advising all users to change their passwords. Read on to find out what happened, and what you can do about it.
Categories:
Cybercrime
Privacy
Tags: 2faloginpasswordstweetingtwittertwitter passwordstwitter security
(Read more...)
|
|
|
|
|
2018-05-04 16:52:02 |
Engaging students in cybersecurity: a primer for educators (lien direct) |
The continuing rise of cybercrime calls for a new breed of fighters. Are teachers prepared to take on the challenge of training the current and future generations of cybersecurity professionals? How can they introduce and engage students in this fast-growing field of study?
Categories:
101
FYI
Tags: cybersecuritycybersecurity educationeducationK-12 cybersecurityskills gapskills shortage
(Read more...)
|
|
|
|
|
2018-05-03 17:44:01 |
Internet Shortcut used in Necurs malspam campaign (lien direct) |
The Necurs gang tries out a new trick to load malware and bypass security defenses.
Categories:
Criminals
Threat analysis
Tags: botnetmalspamnecurssambaSMBspam
(Read more...)
|
|
|
|
|
2018-05-01 15:54:05 |
SamSam ransomware: what you need to know (lien direct) |
We take a look at SamSam ransomware, the malware that messed with Atlanta, and tell you how it works and what you can do to combat it.
Categories:
Cybercrime
Malware
Tags: atlanta ransomwareexploitsmalwareransomransomwaresamsamsamsam ransomware
(Read more...)
|
|
|
|
|
2018-04-30 17:40:00 |
Spartacus ransomware: introduction to a strain of unsophisticated malware (lien direct) |
Spartacus ransomware is a fairly new variant seen in 2018. We'll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state.
Categories:
Malware
Threat analysis
Tags: malware analysisransomwareSpartacusSpartacus ransomware
(Read more...)
|
|
|
|
|
2018-04-30 15:17:01 |
(Déjà vu) A week in security (April 23 – April 29) (lien direct) |
A roundup of security news from April 23 – April 29, including worms, GDPR, DDoS markets, and more.
Categories:
Malwarebytes news
Tags: adminddosgdprminersminingroundupweek in security
(Read more...)
|
|
|
|
|
2018-04-27 16:00:00 |
Please don\'t buy this: smart toys (lien direct) |
|
|
|
|
|
2018-04-27 15:00:00 |
Malwarebytes CrackMe 2: try another challenge (lien direct) |
Last November, we launched the first Malwarebytes CrackMe. Encouraged by an overwhelmingly positive response, we decided to repeat the game-this time making it even harder and more fun.
Categories:
Security world
Technology
Tags: crackmeCrackMe contestMalwarebytes CrackMe
(Read more...)
|
|
|
|
|
2018-04-26 15:36:00 |
The Internet of Everything and digital privacy: what you need to know (lien direct) |
Statistics indicate within the next couple of years, there will be three IoT devices for every adult and child on the planet-IoT will truly be the Internet of Everything. So, should people be concerned about privacy and data security if these gadgets are always on and ready to transmit information? Let's take a look.
Categories:
101
FYI
Tags: Data privacyinternet of everythingInternet of ThingsIoTIoT security
(Read more...)
|
|
|
|
|
2018-04-25 16:18:04 |
Far Cry 5 download offers: embrace the power of “no” (lien direct) |
It seems opportunists are jumping on popular video game Far Cry 5's bandwagon, with a flood of promises for free game downloads. We take a look at a return to form for survey scams, and the odd download site while we're at it.
Categories:
Cybercrime
Social engineering
Tags: crackcultdownloadfar cry 5malwaremontanascamsurvey offersUbisoftvideogame
(Read more...)
|
|
|
|
|
2018-04-24 16:30:00 |
New Crossrider variant installs configuration profiles on Macs (lien direct) |
A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way, using a configuration profile to keep its effects resident in the system.
Categories:
Mac
Threat analysis
Tags: Advanced Mac Cleaneradwareconfiguration profileconfiguration profilescrossridermac
(Read more...)
|
|
|
|
|
2018-04-24 15:00:00 |
Securing financial data of the future: behavioral biometrics explained (lien direct) |
Sophisticated social engineering. Fileless malware. Specialized Trojans. These are the threats that keep the financial sector on its toes-making way for a new mode of authentication called behavioral biometrics. And its primary concern is not what your credentials are but how you enter them.
Categories:
101
Business
Tags: artificial intelligencebehaviometricsbehavior-based authenticationbehavioral biometricsfinancialmachine learning
(Read more...)
|
|
|
|
|
2018-04-23 16:06:05 |
A week in security (April 16 – April 22) (lien direct) |
A roundup of security news from April 16 – April 22, including tax fraud, Adobe Flash, trustjacking, and surveillanceware.
Categories:
Security world
Week in security
Tags: a week in securityadobe flashcryptocurrencycryptomininggandcrab ransomwarerecapretail industryrussianstresspaintsurveillancewaretax fraudtrustjackingweekly blog roundup
(Read more...)
|
|
|
|
|
2018-04-20 16:00:00 |
Cloudflare\'s new DNS service (lien direct) |
Read more...)
|
|
|
|
|
2018-04-19 16:42:05 |
Perspectives on Russian hacking (lien direct) |
Malware research analyst Chris Boyd recently had an in-depth chat with SCMagazine about Russian hacking, malware, and social engineering. Here, he summarizes some of the key findings from his discussion and the other researchers interviewed.
Categories:
Cybercrime
Hacking
Tags: APTfundingnation stateransomwarerussiasocial networksspam botstwitteruk
(Read more...)
|
|
|
|
|
2018-04-18 15:00:00 |
PBot: a Python-based adware (lien direct) |
Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot: a Python-based adware.
Categories:
Malware
Threat analysis
Tags: adwarePBotpbot adwarepythonpython-based adware
(Read more...)
|
|
|
|
|
2018-04-17 16:58:02 |
Magnitude exploit kit switches to GandCrab ransomware (lien direct) |
After being faithful to its own Magniber ransomware for several months, Magnitude EK joins others to adopt GandCrab.
Categories:
Exploits
Threat analysis
Tags: EKexploit kitgandcrabMagnituderansomware
(Read more...)
|
|
|
|
|
2018-04-17 15:00:00 |
5 cybersecurity questions retailers must ask to protect their businesses (lien direct) |
If retailers think they already have much to worry about, they have another thing coming- cybersecurity-and it's no longer something they can keep on the back burner. This piece helps retailers ask the right cybersecurity questions to protect their businesses.
Categories:
101
Business
Tags: breachbusiness securitycybersecurityddosfraudretailretail industryrisk management
(Read more...)
|
|
|
|
|
2018-04-16 16:13:05 |
Myspace vs. Facebook: the good old days? (lien direct) |
There's a debate happening at the moment: Myspace vs. Facebook. Was it safer? Easier to use? More welcoming of sparkly gifs? We take a walk down memory lane and remind you that privacy and safety concerns plagued ye old social networks of yore.
Categories:
Cybercrime
Privacy
Tags: adwarecongressfacebookmalwaremyspacemyspace tomprivacyscamssecuritySocial Engineeringtom
(Read more...)
|
|
|
|
|
2018-04-16 15:05:00 |
Week in security (April 09 – April 15) (lien direct) |
A roundup of the security news from April 09 – April 16, including fake updates, safe messaging, and Facebook spammers. And our quarterly CTNT report is out.
Categories:
Security world
Week in security
Tags: encryptionfacebookFakeUpdatesMalwarebytessafe messagingsecurityspammersweekly blog roundup
(Read more...)
|
|
|
|
|
2018-04-13 15:00:00 |
Facebook spammers making things worse (lien direct) |
Adding to Facebook's burden are two spam campaigns. One is aimed at Finnish users and the other was quickly terminated, but we expect both to resurface in one form or another.
Categories:
Cybercrime
Social engineering
Tags: facebookFacebook Messengerfinnishmessengerspamyoutube
(Read more...)
|
|
|
|
|
2018-04-12 17:34:03 |
Encryption 101: decryption tool code walkthrough (lien direct) |
In our final installment of the Encryption 101 series, we walk you through the source code of the Princess Locker decryption tool.
Categories:
Malware
Threat analysis
Tags: decryption toolencryption 101Princess Locker
(Read more...)
|
|
|
|
|
2018-04-11 15:00:00 |
Keeping your business and personal instant messages secure (lien direct) |
Most people want to know their instant messages are securely wrapped up-whether that's for personal privacy or protecting business communications. There are a lot of solutions out there for better securing IMs.
Categories:
101
How-tos
Tags: IMinstant messageinstant messagingMobilephonesecuresignaltelegram
(Read more...)
|
|
|
|
|
2018-04-10 15:00:00 |
\'FakeUpdates\' campaign leverages multiple website platforms (lien direct) |
Browser update? Do not trust, and do verify before downloading potential malware.
Categories:
Social engineering
Threat analysis
Tags: chromeChtonicfake updatesFakeUpdatesfirefoxflashJoomlamalvertisingmalwareratSquarespacewordpress
(Read more...)
|
|
|
|
|
2018-04-09 15:16:05 |
A week in security (April 02 – April 08) (lien direct) |
A roundup of the security news from April 02 – April 08, including postal scams, ransomware, fake phone apps, and more.
Categories:
Security world
Week in security
Tags: healthLinkedInmalwareransomwareroundupsecurityweek in security
(Read more...)
|
|
|
|
|
2018-04-09 13:00:00 |
Labs CTNT report shows shift in threat landscape to cryptomining (lien direct) |
What did we learn about cybercrime in the quarterly Labs CTNT report? Malicious cryptomining has taken over in 2018, and it's leaving all other malware families behind.
Categories:
CTNT report
Malwarebytes news
Tags: cryptocurrencycryptominingCTNT reportcybercrime tactics and techniquesgandcrabmalspamransomwarespyware
(Read more...)
|
|
|
|
|
2018-04-06 18:33:02 |
Physician, protect thyself: An ounce of prevention is worth a pound of cure (lien direct) |
In this final installment of "Physician, protect thyself," we take a look at two key roles in small- to medium-sized hospitals and outpatient clinics that must step up their cybersecurity game to protect patients and staff alike.
Categories:
101
FYI
Tags: Data privacyddoshealthcarehealthcare cybersecurityHIPPAphysician
(Read more...)
|
|
|
|
|
2018-04-05 12:00:00 |
Maybe you shouldn\'t use LinkedIn (lien direct) |
|
|
|
|
|
2018-04-04 15:00:05 |
LockCrypt ransomware: weakness in code can lead to recovery (lien direct) |
A lesser-known variant called LockCrypt ransomware has been creeping around under the radar since June 2017. We take a look inside its code and expose its flaws.
Categories:
Malware
Threat analysis
Tags: LockCryptLockCrypt ransomwareransomware
(Read more...)
|
Guideline
|
|
|
|
2018-04-03 20:53:02 |
Panerabread.com breach could have impacted millions (lien direct) |
The Panerabread.com breach might have exposed 37 million customers' data online. What should you do to make sure your security isn't compromised?
Categories:
Cybercrime
Hacking
Tags: Brian Krebsdata breachidentity theftKrebsOnSecurityLord & TaylorMyFitnessPalOrbitzPaneraPanerabread.comprivacySaks Fifth Avenue
(Read more...)
|
|
|
|
|
2018-04-03 15:30:00 |
Malicious gaming extensions: a child\'s play to infection (lien direct) |
Read more...)
|
|
|
|
|
2018-04-02 17:00:00 |
Mobile Menace Monday: Fake WhatsApp can steal info from your phone (lien direct) |
WhatsApp Plus has the potential to steal information, as it is a variant of Android/PUP.Riskware.Wtaspin.GB, a fake Whatsapp riskware that dates back to mid-2017.
Categories:
Cybercrime
Mobile
Tags: Androidfake whatsappmobile menace mondaymobile riskwareriskwaretriple mwhatsappWhatsApp Plus
(Read more...)
|
|
|
|
|
2018-04-02 16:03:05 |
(Déjà vu) A week in security (March 26 – April 01) (lien direct) |
A roundup of notable security news from March 26 to April 1, including data breaches, encryption, exploit kits, and more.
Categories:
Security world
Week in security
Tags: Androiddata breachencryptionexploit kitsp2p paymentQuantLoaderTLS
(Read more...)
|
|
|
|
|
2018-03-30 16:00:00 |
You down with P2P? 10 tips to secure your mobile payment app (lien direct) |
Peer-to-peer (P2P) mobile transactions are on the rise, thanks to a number of mobile payment apps available on the market. In this post, we'll look at the security risks of using P2P payment apps and what users can do to protect themselves.
Categories:
101
How-tos
Tags: mobile paymentp2p paymentp2p transactionpeer-to-peerprivacysocial paymenttransaction reversal scam
(Read more...)
|
|
|
|
|
2018-03-30 15:00:00 |
TLS 1.3 is nearly here (lien direct) |
TLS 1.3 is nearly upon us, and with it comes a more secure way to do business online. We look at some of the changes coming into force soon.
Categories:
Security world
Technology
Tags: internetonlineTLSTLS 1.3transport layer security
(Read more...)
|
|
|
|
|
2018-03-29 16:00:00 |
The data breach epidemic: no info is safe (lien direct) |
By now it's obvious that data security technology hasn't kept pace with the needs of consumers. In 2017 alone, we learned about massive data breaches from major organizations like Equifax, Uber, and Verizon. In other words: We're in the midst of a data breach epidemic.
Categories:
101
Infographics
Tags: data breachdata breachesdata breaches of 2017Equifaxprivacy
(Read more...)
|
|
Equifax
Uber
|
|
|
2018-03-29 15:00:00 |
Exploit kits: Winter 2018 review (lien direct) |
In this Winter 2018 review, we check the pulse of exploit kits and their latest developments.
Categories:
Exploits
Threat analysis
Tags: CVE-2014-6332CVE-2015-2419CVE-2015-7645CVE-2015-8651CVE-2016-0189CVE-2018-4878EKsexploit kitsgrandsoftGreenFlash SundownMagnitudeRIG
(Read more...)
|
|
|
|
|
2018-03-28 16:00:00 |
An in-depth malware analysis of QuantLoader (lien direct) |
QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, Banking Trojans, and RATs. In this post, we'll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes.
Categories:
Malware
Threat analysis
Tags: backdoormalware analysisQuantLoaderQuantLoader Trojantrojan
(Read more...)
|
|
|
|
|
2018-03-28 15:00:00 |
10 ways to protect your Android phone (lien direct) |
How can Android users balance the power of better tech with the safety of best cybersecurity practices? Here are a few tried and true methods to protect your Android phone.
Categories:
101
How-tos
Tags: Androidandroid securitymobile securityprotect your androidsmartphone
(Read more...)
|
|
|
|