Ransomware is creating additional work for a major Spanish bank. Globalcaja, said to have more than 300 offices in Spain and close to half a million customers, has fallen victim to the Play ransomware gang. The gang claim to have swiped both private and personal information in the attack—including passport scans, contracts, and client / employee d

The US Cybersecurity and Infrastructure Security Agency (CISA) has an urgent message for US businesses: watch out for Volt Typhoon, a threat actor sponsored by the People’s Republic of China (PRC). The agency's joint Cybersecurity Advisory (CSA) published last week highlights a cluster of tactics, techniques, and procedures (TTPs) associated with the c

A series of security errors and mishaps has cost personal loan provider OneMain $4.25m in penalties, issued by the New York State department of financial services. The fines, coming at the end of a detailed investigation into how security practices at the company were determined to be below-par, serve as a timely warning to other organisations. OneMain exper

WordPress plugins are under fire once more, and you’re advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a “bizarre campaign”  being actively used since at least February 5 of this year. The plugin is designed to present

We're excited to announce that our much-anticipated 4th edition of the Byte Into Security webinar series is right around the corner. Scheduled for May 31st at 10:00AM PST/1:00pm EST, this session is a goldmine for those facing the unique challenges of K-12 cybersecurity. The webinar is free, and you can register right now! We're bringing Logan Evans, Directo

At Malwarebytes, we talk a lot about the importance of threat hunting for SMBs—and not for no good reason, either. Just consider the fact that, when a threat actor breaches a network, they don’t attack right away. The median amount of time between system compromise and detection is 21 days. By that time, it’s often too late. Data

Vulnerabilities have been found and fixed in the web-based user interface of various Cisco products in the Small Business Series. These nine issues are tied to the web-based user interface of the products, and in a worst case scenario could lead to denial of service (DoS) conditions or arbitrary code execution. Affected products The vulnerabilities affe

If you haven’t heard about ChatGPT yet, perhaps you’ve just been thawed from cryogenic slumber or returned from six months off the grid. ChatGPT—the much-hyped, artificial intelligence (AI) chatbot that provides human-like responses from an enormous knowledge base—has been embraced practically everywhere, from private sector businesse

Did you miss our recent webinar on EDR vs. MDR? Don't worry, we've got you covered! In this blog post, we'll be recapping the highlights and key takeaways from the webinar hosted by Marcin Kleczynski, CEO and co-founder of Malwarebytes, and featuring guest speaker Joseph Blankenship, Vice President and research director at Forrester. Introducing EDR and MDR

Cyber criminals come in all shapes and sizes. On one end of the spectrum, there’s the script kiddie or inexperienced ransomware gang looking to make a quick buck. On the other end are state-sponsored groups using far more sophisticated tactics—often with long-term, strategic goals in mind. Advanced Persistent Threats (APT) groups fall into this l

Malwarebytes has once again earned a perfect score in AVLabs March 2023 real-world malware detection tests, marking the sixth consecutive quarter achieving this feat. Let's delve into the details of the test and how both consumer and business products outperformed competitors in exhaustive testing. The AVLab Assessment AVLabs evaluation process is extensive

Whether a company gives them out or they're owned by the employees or students, mobile devices are like honey for cybercriminals. And the kicker? Most of these devices are not protected enough. Just check out the following stats from last year: 18 percent of clicked phishing emails in 2022 came from a mobile device. (Verizon Mobile Security Index 2022) 46 p

Fact: 77% of organizations are convinced they're capable of protecting their mobile devices—smartphones, tablets, and laptops (including Chromebooks)—from cybersecurity threats. Another fact: A third of those organizations aren't protecting their mobile devices at all. And that matters—in its Mobile Security Index 2022 report, Verizon repor

Don't miss our upcoming webinar on EDR vs. MDR! In the webinar, Marcin Kleczynski, CEO and co-founder of Malwarebytes, and guest speaker Joseph Blankenship, Vice President and research director at Forrester, discuss topic such as:  The difference between EDR and MDR, how EDR solutions can be challenging for businesses without dedicated s

When you hear about malware, there’s a good chance you think of sketchy executables or files with extensions like .DOCX or .PDF that, once opened, execute malicious code. These are examples of file-based attacks—and while they can be bad, they’re nothing compared to their fileless cousins. As the name suggests, fileless attacks don’t