Chaos in a cup: When ransomware creeps into your smart coffee maker

October 1, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- When the fledgling concept of the Internet of Things (IoT) was beginning to excite the world almost a decade ago, perhaps no coffee lover at that time would’ve imagined including the coffee machine in the roster of internet-connected devices—even in jest. True, the simple, utilitarian coffee machine may not be as popular now … Continue reading Chaos in a cup: When ransomware creeps into your smart coffee maker

VideoBytes: Twitter gets hacked!

October 1, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- Hello dear readers, and welcome to the latest and greatest from VideoBytes: a brand new, video feature that we announced just yesterday. On our debut post today, we’re talking to you about the Twitter hack, in which hackers accessed the Twitter accounts of 130 high profile figures, like Barack Obama, Joe Biden and … Continue reading VideoBytes: Twitter gets hacked!

Introducing VideoBytes, by Malwarebytes Labs

September 30, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- We have exciting news for avid readers of Malwarebytes Labs: This week, we’re launching a new, monthly video series that will feature the research, insights, and commentary of our own Adam Kujawa, security evangelist and a director for Malwarebytes Labs. Welcome to VideoBytes, our little corner of threat cinema on the web. The … Continue reading Introducing VideoBytes, by Malwarebytes Labs

Caught in the payment fraud net: when, not if?

September 29, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- Sometimes, I think there are three certainties in life: death, taxes, and some form of payment fraud. Security reporter Danny Palmer experienced this a little while ago, and has spent a significant amount of time tracking the journey of his card details from the UK to Suriname. His deep-dive confirmed that it is … Continue reading Caught in the payment fraud net: when, not if?

Lock and Code S1Ep15: Investigating digital vulnerabilities in our physical world with Samy Kamkar

September 28, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical world. If you look through a recent history of hacking, … Continue reading Lock and Code S1Ep15: Investigating digital vulnerabilities in our physical world with Samy Kamkar

Taurus Project stealer now spreading via malvertising campaign

September 24, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- For the past several months, Taurus Project—a relatively new stealer that appeared in the spring of 2020—has been distributed via malspam campaigns targeting users in the United States. The macro-laced documents spawn a PowerShell script that invokes certutil to run an autoit script ultimately responsible for downloading the Taurus binary. Taurus was originally … Continue reading Taurus Project stealer now spreading via malvertising campaign

Sandbox in security: what is it, and how it relates to malware

September 24, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- To better understand modern malware detection methods, it’s a good idea to look at sandboxes. In cybersecurity, the use of sandboxes has gained a lot of traction over the last decade or so. With the plethora of new malware coming our way every day, security researchers needed something to test new programs without … Continue reading Sandbox in security: what is it, and how it relates to malware

Phishers spoof reliable cybersecurity training company to garner clicks

September 23, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- “It happens to the best of us.” And, indeed, no adage is better suited to a phishing campaign that recently made headlines. Fraudsters used the brand, KnowBe4—a trusted cybersecurity company that offers security awareness training for organizations—to gain recipients’ trust, their Microsoft Outlook credentials, and other personally identifiable information (PII). This is according … Continue reading Phishers spoof reliable cybersecurity training company to garner clicks

A week in security (September 14 – 20)

September 21, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- Last week on Malwarebytes Labs, we looked at Fintech industry developments, specifically the differences between Europe and the US, and we analyzed how some charities and the advertising industry are tied together. We also told readers about what companies can do to counter domain name abuse. In our Lock and Code podcast we talked … Continue reading A week in security (September 14 – 20)

Is domain name abuse something companies should worry about?

September 18, 2020 ~ Dade Murphy ~ Leave a comment

Malwarebytes Labs-- Even though some organizations and companies may not realize it, their domain name is an important asset. Their web presence can even make or break companies. Therefor, “domain name abuse” is something that can ruin your reputation. Losing control There are several ways in which perpetrators can abuse your good name to make … Continue reading Is domain name abuse something companies should worry about?