MalwareBytes – Page 198 – PossibleThreat Articles

MalwareBytes Security

Update now! Apple fixes several serious vulnerabilities in iOS and macOS

March 15, 2022 0 Comments cve-2022-22611, cve-2022-22612, cve-2022-22633, cve-2022-22634, cve-2022-22635, cve-2022-22636, cve-2022-22666, cve-2022-22667, Exploits and vulnerabilities, ios 15.4, ipados 15.4, kernel, montery 12.3, webkit

Credit to Author: Pieter Arntz| Date: Tue, 15 Mar 2022 21:28:21 +0000

Apple has released patches to fix several vulnerabilities that could allow an attacker to execute arbitrary code on an affected device.

The post Update now! Apple fixes several serious vulnerabilities in iOS and macOS appeared first on Malwarebytes Labs.

MalwareBytes Security

Stolen Nvidia certificates used to sign malware—here’s what to do

March 15, 2022 0 Comments Awareness, certificates, crl, lapsus, NVIDIA, untrusted

Credit to Author: Pieter Arntz| Date: Tue, 15 Mar 2022 17:20:32 +0000

Two Nvidia code signing certificates have been leaked by the LAPSUS$ ransomware group. We explain what it means and what you can do about it.

The post Stolen Nvidia certificates used to sign malware—here’s what to do appeared first on Malwarebytes Labs.

MalwareBytes Security

De-Googling Carey Parker’s (and your) life: Lock and Code S03E06

March 14, 2022 0 Comments amazon, Amazon web services, Android, Apple, Big Tech, chromebook, Data privacy, de-google, de-googling, facebook, Google, Google Chrome, Instagram, iPhone, kashmir hill, LinkedIn, lock and code, Microsoft, Podcast, privacy focused, privacy forward, teams, whatsapp, Windows

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Mar 2022 20:41:07 +0000

This week on Lock and Code, we talk about taking the right steps to removing Google and its many services from your life.

The post De-Googling Carey Parker’s (and your) life: Lock and Code S03E06 appeared first on Malwarebytes Labs.

MalwareBytes Security

CISA list of 95 new known exploited vulnerabilities raises questions

March 14, 2022 0 Comments adam kujawa, adobe flash player, bod 22-01, cisa, Cisco, Exploits and vulnerabilities, Fancy Bear, fceb, known exploited vulnerabilities catalog, lazarus group, ripple20

Credit to Author: Pieter Arntz| Date: Mon, 14 Mar 2022 11:18:33 +0000

When CISA decided to add 95 known exploited vulnerabilities to its catalog in one day, we decided to do some digging.

The post CISA list of 95 new known exploited vulnerabilities raises questions appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (March 7 – March 13)

March 14, 2022 0 Comments A week in security, autowarp, azure autowarp, Brave, brute force, bug-fixing time, dirty pipe, docs, extortion, facebook, fake dating profile, formbook, google docs, hbo, Patch Tuesday, Privacy, ragnarlocker, Ransomware, RDP, Tor, twitter, ukraine

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Mar 2022 10:52:34 +0000

The most important and interesting security stories from the last seven days.

The post A week in security (March 7 – March 13) appeared first on Malwarebytes Labs.

MalwareBytes Security

Blunting RDP brute-force attacks with rate limiting

March 11, 2022 0 Comments brute force attacks, brute force protection, explained, honeypots, password guessing, rate limiting, RDP, threat intelligence

Credit to Author: Mark Stockley| Date: Fri, 11 Mar 2022 22:33:07 +0000

Rate limiting can slow a determined password guessing attack to a crawl, giving defenders months of extra time to respond.

The post Blunting RDP brute-force attacks with rate limiting appeared first on Malwarebytes Labs.

MalwareBytes Security

HBO sued for sharing subscriber data with Facebook

March 11, 2022 0 Comments angel mcdaniel, bursor & fisher, constance simon, hbo max, Privacy, video privacy protection act, vppa

Credit to Author: Malwarebytes Labs| Date: Fri, 11 Mar 2022 20:50:16 +0000

Some HBO Max subscribers have filed a class action suit against HBO for allegedly sharing their data with Facebook, without their consent.

The post HBO sued for sharing subscriber data with Facebook appeared first on Malwarebytes Labs.

MalwareBytes Security

Linux “Dirty Pipe” vulnerability gives unprivileged users root access

March 11, 2022 0 Comments Android, cve-2022-0847, dirty cow, dirty pipe, Exploits and vulnerabilities, linux kernel

Credit to Author: Pieter Arntz| Date: Fri, 11 Mar 2022 14:38:30 +0000

A vulnerability in the Linux kernel allows an unprivileged user to overwrite data in read-only files owned by root.

The post Linux “Dirty Pipe” vulnerability gives unprivileged users root access appeared first on Malwarebytes Labs.

MalwareBytes Security

Ransomware: February 2022 review

March 10, 2022 0 Comments avoslocker, blackbyte, blackcat, clop, conti, cuba, hivelekas, lockbit, locker, quantum, ragnar, ransomexx, Ransomware, snatch, suncrypts, threat intelligence

Credit to Author: Threat Intelligence Team| Date: Thu, 10 Mar 2022 17:59:42 +0000

Get the latest information on ransomware trends with our monthly review.

The post Ransomware: February 2022 review appeared first on Malwarebytes Labs.

MalwareBytes Security

Extortion scheme impersonates government officials, law enforcement

March 10, 2022 0 Comments data theft, erick kron, extortion, FBI, fbi psa, fraud, psa, scams, Social engineering

Credit to Author: Jovi Umawing| Date: Thu, 10 Mar 2022 13:31:14 +0000

The FBI has warned the public about a new fraud scheme that involves impersonating law enforcement and government personnel in order to steal money and data.

The post Extortion scheme impersonates government officials, law enforcement appeared first on Malwarebytes Labs.