A Twitter user going by the handle @beatsballert messaged me yesterday after learning of an apparently malicious Little Snitch installer available for download on a Russian forum dedicated to sharing torrent links. A post offered a torrent download for Little Snitch, and was soon followed by a number of comments that the download included malware. RUTrack

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher at Malwarebytes, about web browser privacy—an often neglected subcategory of data privacy. Without the proper restrictions, browsers can allow web trackers to follow

Last week on Malwarebytes Labs, we looked at how secure the cloud is, understood why unexpected demand can influence an organization to consider their “just in time” (JIT) system, speculated on why the threat actors behind the Troldesh ransomware suddenly released thousands of decryption keys, preached the good news about VPN being mainstream, touched on the

In early 2019, Singapore’s data privacy regulators proposed that the country’s data privacy law could use two new updates—a data breach notification requirement and a right of data portability for the country’s residents. The proposed additions are commonplace in several data privacy laws around the world, including, most notably, the European Union Gene

The Common Vulnerability Scoring System (CVSS) provides software developers, testers, and security and IT professionals with a standardized process for assessing vulnerabilities. You can use the CVSS to assess the threat level of each vulnerability, and then prioritize mitigation accordingly. This article explains how the CVSS works, including a review o

Here at Malwarebytes, we’re no strangers to using virtual private networks (VPNs) to protect our privacy while browsing online. Regular readers of our blog will remember that we’ve advised on VPN usage on many occasions, whether for mobile device users looking for anonymity or business owners wanting additional authentication protocols. We believe VPNs are a

In the last few weeks, there has been an upswing in people receiving threatening, extortion email messages, demanding payment to avoid release of sensitive information. Most of the time, these emails are what we call “sextortion” emails, as they claim that malware on your computer has captured embarrassing photos of you through the webcam, but th

A little more than one month after the European Union enacted the General Data Protection Regulation (GDPR) to extend new data privacy rights to its people, the governor of California signed a separate, sweeping data protection law that borrowed several ideas from GDPR, sparking a torch in a legislative data privacy trend that has now spanned at least 10 cou

Today, Malwarebytes is announcing its participation in a joint effort to stop invasive digital surveillance: the Coalition Against Stalkerware. For years, Malwarebytes has detected and warned users about the potentially dangerous capabilities of stalkerware, an invasive threat that can rob individuals of their expectation of, and right to, privacy. Just

Malwarebytes was founded on the belief that everyone has a fundamental right to a malware-free existence. Every product we make is built on that premise. That’s why we’ve been hard at work on the latest version of Malwarebytes for Windows that not only sports a whole new look, but packs cutting-edge detection methods into a lightweight, lightning-fast progra

In July 2018, we introduced the Malwarebytes Browser Extension, a beta plugin for Firefox and Chrome aimed at delivering a safer, faster, and more private browsing experience. Our extension blocked tech support scams, hijackers, pop-up ads, trackers, and more to keep users secure and free from online harassment. And thanks to our loyal Malwarebytes commu

Hey folks, Welcome to the new Malwarebytes Unpacked…err…Labs! It’s new, improved, and bigger than ever. Hope you like it. So why did we mess with a good thing? We decided that we wanted to provide you with even more opportunities for education, communication, and knowledge. So, we created Malwarebytes Labs, your one-stop shop for everything conce

At Malwarebytes, our mission is to protect consumers and businesses from the most dangerous cyber threats. Today, we announced a new solution that will dramatically change endpoint detection and response (EDR) for Mac users – a growing target area for hackers. The fact that Mac users are safe from cyber threats is a common misconception. While it’s true that

The massive security happening that is Infosec Europe is due to take place next month (June 7-9), and I’ll be in attendance alongside Pieter and Jovi for both Infosec Europe and the 2016 Security Blogger Awards. Last year, we picked up our first award at the EU Security Blogger Awards, and now – thanks to your nominations – we’re in l

Compromised websites remain one of the surefire ways to redirect innocent visitors to exploit kits. During the past few days we’ve started seeing an unusual route to the  infamous Angler EK, notorious for leveraging hacked WordPress and Joomla CMSs. This wasn’t via the common EITest or Darkleech paths nor was it a direct injection of the landing