MalwareBytes

MalwareBytes Security 

International students in UK targeted by visa scammers

September 18, 2019 admin 0 Comments China, Chinese students, home office, Hong Kong, money mule, SCAM, scams, uk, UKVI, universities, University, Visa, wire fraud

Credit to Author: Christopher Boyd| Date: Wed, 18 Sep 2019 16:49:40 +0000

Visa scammers are at it again, this time targeting Chinese international students in the UK. Learn how these scams work in order to steer clear, and advise others to do the same. Categories: Scams Tags: chinaChinese studentshome officehong kongmoney mulescamukUKVIuniversitiesuniversityvisawire fraud (Read more…)

The post International students in UK targeted by visa scammers appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Emotet is back: botnet springs back to life with new spam campaign

September 16, 2019 admin 0 Comments Botnet, botnets, downloader, emotet, information stealer, malicious email, malspam, phishing, Ryuk Ransomware, spam, spear phishing, trickbot

Credit to Author: Threat Intelligence Team| Date: Mon, 16 Sep 2019 17:04:53 +0000

After months of laying dormant, the notorious Emotet is back, with its botnet spewing spam globally. Categories: Botnets Tags: botnetbotnetsdownloaderemotetinformation stealermalicious emailmalspamphishingRyuk ransomwarespamspear phishingtrickbot (Read more…)

The post Emotet is back: botnet springs back to life with new spam campaign appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

A week in security (September 9 – 15)

September 16, 2019 admin 0 Comments a week in security, infosec, malware, Mobile, phishing, social network, weekly roundup

Credit to Author: Malwarebytes Labs| Date: Mon, 16 Sep 2019 15:35:21 +0000

A roundup of the security news from September 9–15, including locking down AWS, mobile malware, phishing threats, and more. Categories: A week in security Tags: a week in securityinfosecmalwareMobilephishingsocial networkweekly roundup (Read more…)

The post A week in security (September 9 – 15) appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Hacking with AWS: incorporating leaky buckets into your OSINT workflow

September 13, 2019 admin 0 Comments Amazon, AWS, AWS buckets, data, hacking, Intel, intelligence gathering, open source intelligence, OSINT, pen-testing, penetration testing, recon, reconnaisance, Researcher's corner, vulnerabilities

Credit to Author: Vasilios Hioureas| Date: Fri, 13 Sep 2019 20:44:52 +0000

When penetration testing for an organization, what OSINT tactics can researchers employ? We discuss how hacking with AWS buckets can provide more recon data and uncover any leaks. Categories: Researcher’s corner Tags: amazonawsAWS bucketsdatahackingIntelintelligence gatheringopen source intelligenceOSINTpen-testingpenetration testingreconreconnaisancevulnerabilities (Read more…)

The post Hacking with AWS: incorporating leaky buckets into your OSINT workflow appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

YouTube ordered to cough up $170M settlement over COPPA infraction

September 12, 2019 admin 0 Comments privacy

Credit to Author: Jovi Umawing| Date: Thu, 12 Sep 2019 20:15:22 +0000

Last week, the FTC announced its settlement with Google over YouTube’s COPPA violations, including requirements for better protecting children’s data. But is it enough? Categories: Privacy (Read more…)

The post YouTube ordered to cough up $170M settlement over COPPA infraction appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Five years later, Heartbleed vulnerability still unpatched

September 12, 2019 admin 0 Comments cryptography, EKs, exploit kits, Exploits, heartbeat extension, heartbleed, heartbleed vulnerability, IT, IT teams, Malwarebytes news, Open Source, OpenSSL, SSL, TSL

Credit to Author: Gilad Maayan| Date: Thu, 12 Sep 2019 15:00:00 +0000

The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems. Categories: Malwarebytes news Tags: cryptographyEKsexploit kitsexploitsheartbeat extensionheartbleedheartbleed vulnerabilityITIT teamsopen sourceOpenSSLSSLTSL (Read more…)

The post Five years later, Heartbleed vulnerability still unpatched appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

Vital infrastructure: emergency services

September 11, 2019 admin ambulance, emergency, fire department, Infrastructure, Police, services, vital, vital infrastructure

Credit to Author: Pieter Arntz| Date: Wed, 11 Sep 2019 19:29:33 +0000

We all depend on emergency services to come to the rescue in case of serious problems. How does malware hinder them? Categories: Vital infrastructure Tags: ambulanceemergencyfire departmentinfrastructurepoliceservicesvital (Read more…)

The post Vital infrastructure: emergency services appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

300 shades of gray: a look into free mobile VPN apps

September 10, 2019 admin Android, anonymity, Apple App Store, black mirror, CDT, centennials, Commonwealth Scientific and Industrial Research Organization, CSIRO, dark web, DNS hijacking, DNS leak, emerging markets, encryption, fake AV, free, free VPN, Global Web Index, GlobalWebIndex, google play store, Guideline 5.4, Hotspot Shield, Hotspot Shield complaint, Innet VPN, iOS, IPv6 leak, KilpVip, Luminati, malvertising, millenials, mobile VPN apps, motivations for VPN usage, MyMobileSecure, NETFLIX, onion browser, privacy, Queen Mary University of London, risk-free, Rob Mardisalu, rogueware, Sapienza University of Rome, Secnet VPN, Simon Migliano, TheBestVPN, top 20 VPN apps, Top10VPN, transparency, UC Berkeley, University of South Wales, virtual private networks, VPN

Credit to Author: Jovi Umawing| Date: Tue, 10 Sep 2019 16:41:45 +0000

Mobile VPN apps are one of the best tools for protecting user privacy. Unfortunately, a notable number of are deemed unsafe. Read on to find out how to assess the best mobile VPN for you. Categories: Privacy Tags: AndroidanonymityApple App Storeblack mirrorCDTcentennialsCommonwealth Scientific and Industrial Research OrganizationCSIRODark WebDNS hijackingDNS leakemerging marketsencryptionfake avfreefree VPNGlobal Web IndexGlobalWebIndexGoogle Play StoreGuideline 5.4Hotspot ShieldHotspot Shield complaintInnet VPNiOSIPv6 leakKilpVipLuminatimalvertisingmillenialsmobile VPN appsmotivations for VPN usageMyMobileSecurenetflixonion browserprivacyQueen Mary University of Londonrisk-freeRob MardisaluroguewareSapienza University of RomeSecnet VPNSimon MiglianoTheBestVPNtop 20 VPN appsTop10VPNtransparencyUC BerkeleyUniversity of South Walesvirtual private networksvpn (Read more…)

The post 300 shades of gray: a look into free mobile VPN apps appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

A week in security (September 2 – 8)

September 9, 2019 admin a week in security, back to school, back to school cybersecurity, Capital One data breach, China, cyber insurance, deepfake, deepfake for voices, Facebook, iphone compromise, Paige Thompson, ransomware, remote workers, romance scam, scammers, Social engineering, spear phishing, Targeted Attacks, trickbot, Uyghur Muslims

Credit to Author: Malwarebytes Labs| Date: Mon, 09 Sep 2019 16:01:30 +0000

A roundup of the latest cybersecurity news for the week of September 2 – 8, including TrickBot’s new trick, a social engineering toolkit, and how to keep remote workers safe. Categories: A week in security Tags: back to schoolback to school cybersecurityCapital One data breachchinacyber insurancedeepfakedeepfake for voicesfacebookiphone compromisePaige Thompsonransomwareremote workersromance scamscammersSocial Engineeringspear phishingtargeted attackstrickbotUyghur Muslims (Read more…)

The post A week in security (September 2 – 8) appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

When corporate communications look like a phish

September 9, 2019 admin Anti-phishing, bec, Business, Business Email Compromise, corporate communications, email communications, Emails, phishing, phishing training, training and awareness program

Credit to Author: William Tsing| Date: Mon, 09 Sep 2019 15:36:11 +0000

Before organizations engage in gnashing of teeth over the “ignorant user” and the cost of training, think about how much email users encounter and whether corporate communications look like phishes themselves. Categories: Business Tags: anti-phishingbecBusiness Email Compromisecorporate communicationsemail communicationsemailsphishingphishing trainingtraining and awareness program (Read more…)

The post When corporate communications look like a phish appeared first on Malwarebytes Labs.

Read more

MalwareBytes Security 

5 simple steps to securing your remote employees

September 4, 2019 admin 2fa, approved device list, bring your own device, Business, BYOD, encryption, Find My iPhone, Find my Mobile, governance, IDG Connect, jailbreak, Man In The Middle, man-in-the-middle attack, multi-factor authentication, passcode, Password, public wi-fi, RBAC, remote, remote employees, remote wiping, remote workforce, role-based access control, single-sign on, sso, two-factor authentication, VPN

Credit to Author: David Ruiz| Date: Wed, 04 Sep 2019 14:06:26 +0000

Modern businesses require modern cybersecurity, and modern cybersecurity means more than just implementing the latest tech. It also means implementing good governance. Categories: Business Tags: 2faapproved device listbring your own devicebyodencryptionFind my iPhoneFind my MobilegovernanceIDG Connectjailbreakman-in-the-middleman-in-the-middle attackmulti-factor authenticationpasscodepasswordpublic Wi-FiRBACremoteremote employeesremote wipingremote workforcerole-based access controlsingle sign-onssotwo-factor authenticationvpn (Read more…)

The post 5 simple steps to securing your remote employees appeared first on Malwarebytes Labs.

Read more