Last week on Malwarebytes Labs, we took an in-depth look at card skimmers targeting ASP sites, we released another episode of Lock and Code exploring the Internet of Things, and we dug into a Mac mystery. We also examined some pre-installed malware, and put out a threat spotlight on some customized ransomware. Other cybersecurity news Social media went

As smart home technology improves, it can be tempting, once you’ve entered the world of home gadgets, to try out the many different ones available. From lights to thermostats, from smoke alarms to doorbells, there’s a wide range of connected devices designed to make your life easier, more efficient, and, in some cases, more secure. It’s pre

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. Google announced the update of its Google Ads Enabling Dishonest Behavior policy to “prohibit the promotion of products or services that are marketed or targeted with the express purpose of tracking or monitoring a

An XSS vulnerability in the KingComposer page builder for WordPress impacts 100,000 websites using the WordPress plugin.  Researchers at Wordfence Threat Intelligence team discovered a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2020-15299, in the KingComposer WordPress plugin that potentially impacts 100,000 websites.  KingCompo

Every day there seems to be a new story about a cybersecurity breach or hacking that causes devastation and destruction – we regularly cover them here on the Panda Security blog. So it makes a pleasant change to write about something more positive occasionally – like a significant reduction in malware incidents. According to a recent study published in Infos

You most likely have a number of websites you visit regularly: sites you use to shop, bank, get the news, and more. If you use Safari on the Mac, you may know that you can change the way you view these websites, changing the font size, using Reader mode, and more. But what you may not know is that you can apply these changes permanently for any site that you

Cyber-incidents that stem from security vulnerabilities have always been, and still are, a major cyber-security issue. Notable cyber-attacks that have exploited vulnerabilities include WannaCry, the Equifax data breach, and Stuxnet, among many others. There is a tendency to believe that zero-day vulnerabilities represent the greatest threat, as victims are u

UK Prime Minister Boris Johnson is going to ban the use of equipment from the Chinese tech giant Huawei in Britain’s 5G network, reported The Daily Telegraph. British Prime Minister Boris Johnson is expected to begin phasing out the use of network equipment manufactured by the Chinese tech giant Huawei in the UK’s 5G network as little as six months, The D

Cisco’s Talos experts disclosed the details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. Researchers from Cisco Talos disclosed technical details of recently patched vulnerabilities affecting the popular Chrome and Firefox web browsers. The first issue, tracked as CVE-2020-6463, is a memory corruption vulne

F5 Networks has published a security advisory warning customers to patch a critical flaw in BIG-IP product that is very likely to be exploited. F5 Networks has addressed a critical remote code execution (RCE) vulnerability, tracked as CVE-2020-5902, that resides in undisclosed pages of Traffic Management User Interface (TMUI) of the BIG-IP product.

The root cause of a series of explosions at important facilities in Iran may be cyberattacks allegedly launched by Israel. A recent sequence of fires and explosions at important Iranian facilities may have been caused by cyber attacks as part of an operation conducted by Israel. Recently several major Iranian industrial facilities suffered a sequence o

New malware targeting the Mac was discovered this week; it’s a hybrid ransomware-wiper-spyware, but you don’t need to worry if you don’t download pirated software. We also discuss how a journalist’s iPhone was hacked by him visiting a website, look at issues with the TikTok app on iOS, and look at how Google is now auto-deleting new u

Cisco announced that it has patched several vulnerabilities affecting its products, including security issues in Small Business routers and switches. Cisco has addressed eight vulnerabilities affecting its products, including flaws in Small Business routers and switches. The most severe flaw, tracked as CVE-2020-3297, affects Small Business and managed

Microsoft has silently released an emergency security update through the Windows Store app to address two vulnerabilities in Windows codecs. Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. The two issues are remote code execution vulnerabilities

The U.S. Federal Communications Commission (FCC) announced that Chinese telecommunications giants Huawei and ZTE are considered as national security threats. Last week China accused the US government of “oppressing Chinese companies” after U.S. regulators declared Huawei and ZTE to be national security threats. The Federal Communications Commission blo