byPaul DucklinModern telephony is full of anachronisms.For example, we still “dial” calls, and many phone apps still display the word “dialling” while they’re waiting for the person at the other end to pick up.But when was the last time you saw, let alone used, a phone that actually had a dial? And we still use idioms such as &#
Facebook has addressed a security vulnerability in its Messenger for Android app that could have allowed attackers to spy on users.
Facebook has addressed a major security issue in its Messenger for Android app that could have allowed threat actors to spy on users by placing and connecting Messenger audio calls without their interaction.
The vulnerabil
Researchers discovered an ElasticSearch database exposed online that contained data for over 100000 compromised Facebook accounts.
Researchers at vpnMentor discovered an ElasticSearch database exposed online that contained an archive of over 100.000 compromised Facebook accounts. The archive was used by crooks as part of a global hacking campaign against
Ragnar Locker Ransomware operators have started to run Facebook advertisements to force their victims into paying the ransom.
In November 2019, ransomware operators have started adopting a new double-extortion strategy first used by the Maze gang that sees threat actors also stealing unencrypted files before encrypting infected systems. Then the attacker
We had a very busy week at Malwarebytes Labs.
We offered advice on Google’s patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash away from your business, pointed out how scammers ar
byPaul DucklinThis week: Facebook scammers trick you with fake copyright notices, voice scammers automate their attacks on the vulnerable, how to tune up your mobile privacy, and (oh! no!) the best/worst IT helpdesk call ever.Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin.Intro and outro music: Edith Mudge.LISTEN NOWClick-and-drag on the soundwave
Last week on Malwarebytes Labs, we looked at journalism’s role in cybersecurity on our Lock and Code podcast, gave tips for safer shopping on Amazon Prime day, and discussed an APT attack springing into life as Academia returned to the real and virtual campus environment. We also dug into potential FIFA 21 scams, the return of QR code scams, Covid fatigue, a
Facebook shared details about a long-running ad-fraud campaign that’s been ongoing since 2016 targeting Facebook users with SilentFade malware.
Facebook detailed an ad-fraud cyberattack that’s been ongoing since 2016, crooks are using a malware tracked as SilentFade (short for “Silently running Facebook Ads with Exploits”) to steal Facebook credentials an
A critical vulnerability in Instagram’s Android and iOS apps could have allowed remote attackers to run malicious code, snoop on unsuspecting users, and hijack control of smartphone cameras and microphones.The security hole, which has been patched by Instagram owner Facebook, could be exploited by a malicious hacker simply sending their intended victim
The popular fitness tracking app Strava can assist stalkers; Facebook is irked about European regulators; a new Bluetooth vulnerability takes a new tack on attacks; and we look at some disturbing drive-by downloads that are coming from rogue Google ads.Strava and stalkersFacebook Says it Will Stop Operating in Europe If Regulators Don’t Back DownShortly afte
Last year, credentials for PayPal, Facebook, and Airbnb were among the top goods on high demand in the dark web, aka the Internet’s underground market. But due to the COVID-19 outbreak, with most of the worldwide population sheltering, working, and studying indoors, many facets of life have made a full 180-degree turn—including the criminal world.
Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS compliance, and revealed that SMB security posture is weakened by COV
Social media has a long history of people asking for help or giving advice to other users. One common feature is the ubiquitous “missing person” post. You’ve almost certainly seen one, and may well have amplified such a Facebook post, or Tweet, or even blog.
The sheer reach and virality of social media is perfect for alerting others. It really is akin to
byPaul DucklinAt the risk of giving you a feeling of déjà vu all over again……it’s time to talk about Facebook hoaxes once more.Looking at the Naked Security articles that people have not only searched for but also read in large numbers over the past few days tells us that we’re in what you might call a “market uptick” for
Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list of considerations for MSPs when looking for an RMM platform; the complaint faced by ParetoLogic, the company that issues SpeedyPC, a product that claims to find and remove various PC errors; and a ransomware attack that affected car manufacturers