 |
|
| Riskware is a type of software that, while considered legitimate, can still put users at risk in some way. Learn why anti-malware vendors detect it, and how to tell whether the apps you use are riskware or not.
Categories: Tags: blog seriesExplainedpotentially unwanted programsPUPriskware |
The post Knowing when it’s worth the risk: riskware explained appeared first on Malwarebytes Labs.
 |
|
| It seems problems never quite go away for social media platforms, and more governments of the world are taking keen interest. Will the tech giants be able to sort things out before legislators steps into the fray?
Categories: Tags: EUfacebookgovernmentshate speechInstagramMastodonMyanmarsocial mediatrollstwitterukgov |
The post Governments increasingly eye social media meltdown appeared first on Malwarebytes Labs.
 |
|
| Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.
Categories: Tags: credit carde-commercehacked websitehackingiframeMagecartmagentophishingskimmer |
The post Skimmer acts as payment service provider via rogue iframe appeared first on Malwarebytes Labs.
 |
|
| A roundup of security news from May 13–19, including ransomware attacks on the upswing, website hacking, pseudo-VPNs, bloatware, and more.
Categories: Tags: Androidbloatwarebreachescrysis ransomwareDDos attackdharmahackinghealthcare cybersecuritymdsMeltdownmicrosoftransomwareserver vulnerabilitiesSpectretyposquattingvpnvulnerabilitieswhatsapp |
The post A week in security (May 13 – 19) appeared first on Malwarebytes Labs.
 |
|
| The Department of Energy was subject to a DDoS attack that caused major disruptions in their operations. Is the smart grid ready for such an attack? Here are the lessons we can take away from the event.
Categories: Tags: botnetddosDDos attackdepartment of energydos attacksexploitmiraiMirai botnetpatchsmart gridvulnerability |
The post 4 Lessons to be learned from the DOE’s DDoS attack appeared first on Malwarebytes Labs.
 |
|
| This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?
Categories: Tags: exploitpatchingrdpremote desktop protocolvulnerabilityWannaCrywindows 7windows 8windows server 2003windows server 2008windows xpworm |
The post Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability appeared first on Malwarebytes Labs.
 |
|
| CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?
Categories: Tags: Anti-Ransomwarecrysisdharmamalwareransomransomwarerdprdp access |
The post Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses appeared first on Malwarebytes Labs.
 |
|
| A fix was rolled out for a WhatsApp vulnerability, which was used to inject spyware into mobile devices and target a human rights lawyer.
Categories: Tags: attackMobilespywaretargetedwhatsapp |
The post WhatsApp fix goes live after targeted attack on human rights lawyer appeared first on Malwarebytes Labs.
 |
|
| In this edition, we review active and unique exploit kits hitting consumers and businesses over the spring season.
Categories: Tags: EKsexploit kitsFalloutMagnitudeRIGRouter EKSpelevoUnderminer |
The post Exploit kits: spring 2019 review appeared first on Malwarebytes Labs.
|
|
| A roundup of security news from May 6–12, including breaches, privacy, financials, takedowns, and new ransomware tactics.
Categories: Tags: 5Gbaltimoreconfluencedata breachdharmaelectricfishfinancialfintechGooglemozillaprivacyseep dot webwolters kluwer |
The post A week in security (May 6 – 12) appeared first on Malwarebytes Labs.