We’ve all heard the stories: Organizations getting breached like there’s no tomorrow thanks to threat actors exploiting unpatched vulnerabilities. Likewise, we’ve…
Month: August 2022
A week in security (August 15 – August 21)
Last week on Malwarebytes Labs: Stay safe!
CISA wants you to patch these actively exploited vulnerabilities before September 8
On Thursday, CISA (the US Cybersecurity and Infrastructure Security Agency) updated its catalog of actively exploited vulnerabilities by adding seven new entries. These…
Criminals socially engineer their way to bank details with fake arrest warrants
When an organization experiences a massive data breach, it knows (at least) that it needs to inform the federal government about…
Cryptojackers growing in numbers and sophistication
With rising energy costs and increased volatility in the value of cryptocurrencies, we were bound to see a rise in malicious cryptomining, aka…
Reddit users crowdsourcing explicit images and identities
The BBC is warned of a large photograph trading ring which operated on popular group forum site Reddit. These warnings are in…
Tech support scammers target Microsoft users with fake Office 365 USB sticks
Microsoft is a hot target for scammers and acts of fraud. For example, tech support scam websites cover themselves in Windows…
Spying on the spies. See what JavaScript commands get injected by in-app browsers
Developer and privacy expert Felix Krause aka KrauseFx announced this week that he had introduced a simple tool to list the JavaScript…
Explained: Steganography
Steganography is the prime example of effectively hiding something in plain sight. The word steganography comes from the Greek words “stegos”…
Urgent update for macOS and iOS! Two actively exploited zero-days fixed
Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs….