Hacking with AWS: incorporating leaky buckets into your OSINT workflow

When penetration testing for an organization, what OSINT tactics can researchers employ? We discuss how hacking with AWS buckets can provide more recon data and uncover any leaks.

Categories:

Tags:

(Read more…)

The post Hacking with AWS: incorporating leaky buckets into your OSINT workflow appeared first on Malwarebytes Labs.

Labs report: Malicious AI is coming—is the security world ready?

Malwarebytes Labs’ latest report looks at the near-future reality of malicious artificial intelligence (AI), evaluating how the technology is being used today, and how it realistically might be abused in the next few years.

Categories:

Tags:

(Read more…)

The post Labs report: Malicious AI is coming—is the security world ready? appeared first on Malwarebytes Labs.

A week in security (May 13 – 19)

A roundup of security news from May 13–19, including ransomware attacks on the upswing, website hacking, pseudo-VPNs, bloatware, and more.

Categories:

Tags:

(Read more…)

The post A week in security (May 13 – 19) appeared first on Malwarebytes Labs.

Electrum Bitcoin wallets under siege

Threat actors are relentlessly phishing and attacking Electrum Bitcoin wallet users, racking up millions of dollars.

Categories:

Tags:

(Read more…)

The post Electrum Bitcoin wallets under siege appeared first on Malwarebytes Labs.

Who is managing the security of medical management apps?

Because medical records are such a lucrative data set, attackers often target the healthcare industry, seeking out and eventually finding the weakest link in the supply chain. That’s why it’s important for stakeholders to consider the broader implications of cybersecurity weaknesses in medical management apps. But who should be held responsible?

Categories:

Tags:

(Read more…)

The post Who is managing the security of medical management apps? appeared first on Malwarebytes Labs.

A week in security (March 18 – 24)

A roundup of cybersecurity news from March 18–24, including Facebook’s privacy pivot, password reuse, new research on hospital phishing attacks, infected iPhone apps, and more.

Categories:

Tags:

(Read more…)

The post A week in security (March 18 – 24) appeared first on Malwarebytes Labs.

How threat actors are using SMB vulnerabilities

SMB vulnerabilities have been so successful for criminals that they’ve been used in some of the most devastating ransomware and Trojan attacks of the last two years. Learn how they work and how your organization can protect against them.

Categories:

Tags:

(Read more…)

The post How threat actors are using SMB vulnerabilities appeared first on Malwarebytes Labs.

A week in security (October 1 – 7)

A roundup of the security news from October 1–7 including National Cybersecurity Awareness Month, LoJack, fileless malware, and BYOS.

Categories:

Tags:

(Read more…)

The post A week in security (October 1 – 7) appeared first on Malwarebytes Labs.

Millions of accounts affected in latest Facebook hack

Facebook announced earlier today that its social network had been breached, resulting in 40 million accounts that were directly impacted. Learn more as the Facebook breach story develops.

Categories:

Tags:

(Read more…)

The post Millions of accounts affected in latest Facebook hack appeared first on Malwarebytes Labs.

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

Categories:

Tags:

(Read more…)

The post Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT appeared first on Malwarebytes Labs.