HackDig : Dig high-quality web security articles

TinyCheck: Stalkerware detection that doesn’t leave a trace

In 2019, when Malwarebytes helped found the Coalition Against Stalkerware, which brings together cybersecurity vendors and nonprofits to detect and raise awareness about stalkerware, we encountered a significant roadblock in our fight: For some users, the very detection of these potentially privacy-invasive tools could put their lives at greater risk. In
Publish At:2021-03-09 21:24 | Read:407 | Comments:0 | Tags:Privacy Coalition Against Stalkerware Malwarebytes stalkerwa

Malwarebytes ‘s email systems hacked by SolarWinds attackers

Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Malwarebytes revealed today that SolarWinds hackers also breached its systems and gained access to its email. Malwarebytes joins the club of security firms that were hit by Solarwinds attackers, after FireEye, Microsoft, and Crowd
Publish At:2021-01-19 19:50 | Read:507 | Comments:0 | Tags:Breaking News Hacking hacking news information security news

Likely lead generation scam targets potential Malwarebytes MSP partners

Recently, Malwarebytes discovered a potential lead generation scam targeting companies that are interested in our Malwarebtyes Managed Service Provider (MSP) Program. In the scam, an individual who used the name “Jenny” aggressively contacted potential MSP partners claiming to represent Malwarebytes. In one instance in New Zealand, “Jenny” repeatedly call
Publish At:2020-12-16 16:36 | Read:634 | Comments:0 | Tags:Scams lead generation lead generation scam Malwarebytes Malw

Be Very Sparing in Allowing Site Notifications

An increasing number of websites are asking visitors to approve “notifications,” browser modifications that periodically display messages on the user’s mobile or desktop device. In many cases these notifications are benign, but several dodgy firms are paying site owners to install their notification scripts and then selling that communicati
Publish At:2020-11-17 14:00 | Read:626 | Comments:0 | Tags:A Little Sunshine Latest Warnings Web Fraud 2.0 Frank Angiol

The cybersecurity skills gap is misunderstood

Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and many in between—push out the latest research on the cybersecurity skills gap, the now-decade-plus-old idea that the global economy lacks a growing number of cybersecurity professionals who cannot be found. It is, as one rep
Publish At:2020-08-25 15:25 | Read:1170 | Comments:0 | Tags:Business (ISC) Aspen Institute CSIS cybersecurity skills gap

Coronavirus campaigns lead to surge in malware threats, Labs report finds

In the first three months of 2020, as the world clamped down to limit coronavirus, cyber threats ramped up. Our latest, special edition for our quarterly CTNT report focuses on recent, increased malware threats which all have one, big thing in common—using coronavirus as a lure. Our report, “Cybercrime tactics and techniques: Attack on home base,” analyze
Publish At:2020-06-01 13:35 | Read:1269 | Comments:0 | Tags:Cybercrime Malware Reports Scams Social engineering Threat a

Coalition Against Stalkerware bulks up global membership

Today, the Coalition Against Stalkerware brought aboard 11 new organizations to address the potentially dangerous capabilities of stalkerware, an invasive, digital threat that can rob individuals of their expectation of, and right to, privacy. These types of apps can provide domestic abusers with a new avenue of control over their survivors’ lives, granting
Publish At:2020-05-27 12:25 | Read:1115 | Comments:0 | Tags:Stalkerware Anonyome Labs AppEsteem Corporation bff Bundesve

Fake Malwarebytes Site Used by Malvertising Attack to Spread Raccoon

A malvertising campaign used a copycat website for anti-malware software provider Malwarebytes to distribute the Raccoon infostealer.Malwarebytes learned of the campaign when someone notified the security firm that someone was abusing its brand using the lookalike domain “malwarebytes-free[.]com.” Registered on March 29 via REGISTRAR OF DOMAIN NA
Publish At:2020-04-08 09:50 | Read:1422 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Malvert

Copycat criminals abuse Malwarebytes brand in malvertising campaign

While exploit kit activity has been fairly quiet for some time now, we recently discovered a threat actor creating a copycat—fake—Malwarebytes website that was used as a gate to the Fallout EK, which distributes the Raccoon stealer. The few malvertising campaigns that remain are often found on second- and third-tier adult sites, leading to the Fallout or
Publish At:2020-04-07 14:49 | Read:1494 | Comments:0 | Tags:Exploits and vulnerabilities copycat criminals copycat sites

Crafty Web Skimming Domain Spoofs “https”

Earlier today, KrebsOnSecurity alerted the 10th largest food distributor in the United States that one of its Web sites had been hacked and retrofitted with code that steals credit card and login data. While such Web site card skimming attacks are not new, this intrusion leveraged a sneaky new domain that hides quite easily in a hacked site’s source co
Publish At:2020-03-11 22:15 | Read:1290 | Comments:0 | Tags:A Little Sunshine The Coming Storm Web Fraud 2.0 .ps Akamai

Threat spotlight: RobbinHood ransomware takes the driver’s seat

Despite their name, the RobbinHood cybercriminal gang is not stealing from the rich to give to the poor. Instead, these ransomware developers are more like big game hunters—attacking enterprise organizations and critical infrastructure and keeping all the spoils for themselves. In 2019, the RobbinHood ransomware creators successfully attacked and receive
Publish At:2020-02-20 17:07 | Read:1740 | Comments:0 | Tags:Threat spotlight .enc_robbinhood Anti-Ransomware baltimore b

Would ‘Medicare for All’ help secure health data?

DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up an array of emotions ranging from concern to happiness, and
Publish At:2019-11-26 21:50 | Read:3416 | Comments:0 | Tags:Government Privacy Security world adam kujawa AMCA American

Malwarebytes teams up with security vendors and advocacy groups to launch Coalition Against Stalkerware

Today, Malwarebytes is announcing its participation in a joint effort to stop invasive digital surveillance: the Coalition Against Stalkerware. For years, Malwarebytes has detected and warned users about the potentially dangerous capabilities of stalkerware, an invasive threat that can rob individuals of their expectation of, and right to, privacy. Just
Publish At:2019-11-19 09:50 | Read:2137 | Comments:0 | Tags:Malwarebytes news Coalition Against Stalkerware EFF Electron

Browser Guard combats privacy abuse, tracking, clickbait, and scammers

In July 2018, we introduced the Malwarebytes Browser Extension, a beta plugin for Firefox and Chrome aimed at delivering a safer, faster, and more private browsing experience. Our extension blocked tech support scams, hijackers, pop-up ads, trackers, and more to keep users secure and free from online harassment. And thanks to our loyal Malwarebytes commu
Publish At:2019-09-20 11:20 | Read:2161 | Comments:0 | Tags:Malwarebytes news ad blocking browser Browser guard browser

Scammers Barge in on Customer Support Twitter Talks with Phishing Links

Scammers are inserting themselves into customer support conversations on Twitter and “assisting” users by directing them to click on phishing links.The scam, which was first detected by Techhelplist, is a classic example of a social engineering attack. To pull it off, an actor just needs to set up an imitation account that looks and sounds like a
Publish At:2016-08-12 16:35 | Read:4670 | Comments:0 | Tags:Latest Security News customer support Malwarebytes Phishing