MalwareBytes – Page 225 – PossibleThreat Articles

Everything you need to know about the Heartbleed vulnerability

August 30, 2019 0 Comments Cryptography, EKs, exploit kits, exploits, Exploits and vulnerabilities, heartbeat extension, heartbleed, heartbleed vulnerability, IT, IT teams, open-source, OpenSSL, SSL, TSL

Credit to Author: Malwarebytes Labs| Date: Fri, 30 Aug 2019 16:16:00 +0000

The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.

Categories:

Exploits and vulnerabilities

Tags: cryptography EKs exploit kits exploits heartbeat extension heartbleed heartbleed vulnerability IT IT teams open source OpenSSL SSL TSL

MalwareBytes Security

Making the case: How to get the board to invest in higher education cybersecurity

August 28, 2019 0 Comments boston college, Business, c-level, CIO, CISO, CISOs, enterprise, higher education, higher education cybersecurity, higher education security, investment in cybersecurity, non-profit, zero trust security model

Credit to Author: Joan Goodchild| Date: Wed, 28 Aug 2019 17:31:00 +0000

CISOs working in institutions of higher learning have their own considerations when communicating with the board about risk management. One of the top security officials at Boston College offers his takeaway on what it takes to get board buy-in on campus.

Categories:

Business

Tags: boston college c-level CIO CISO CISOs enterprise higher education higher education cybersecurity higher education security investment in cybersecurity non-profit zero trust security model

MalwareBytes Security

Study explores clickjacking problem across top Alexa-ranked websites

August 27, 2019 0 Comments advertising, Alexa, alexa-ranked websites, chromium, clickjacking, clickjacking attacks, clickjacking research, observer, ranking, research, study, Web threats, websites

Credit to Author: Christopher Boyd| Date: Tue, 27 Aug 2019 17:36:52 +0000

We look at recent research exploring the threat of clickjacking, along with other solutions considered by site owners and analysts for protecting users against these online attacks.

Categories:

Web threats

Tags: advertising alexa alexa-ranked websites chromium clickjacking clickjacking attacks clickjacking research observer ranking research study web threats websites

MalwareBytes Security

Nextdoor neighborhood app sends letters on its users’ behalf

August 27, 2019 0 Comments invitations, Marketing, neighborhood, neighborhood apps, nextdoor, nextdoor app, Privacy, Scam, scams, targeted marketing, user awareness, user privacy

Credit to Author: Pieter Arntz| Date: Tue, 27 Aug 2019 16:35:31 +0000

The Nextdoor neighborhood app sends out snail mail letters to neighbors on behalf of its users. Is this a scam—or an ill-conceived marketing plan?

Categories:

Privacy

Tags: invitations marketing neighborhood neighborhood apps nextdoor nextdoor app privacy scam scams targeted marketing user awareness user privacy

MalwareBytes Security

Mobile Menace Monday: Android Trojan raises xHelper

August 26, 2019 0 Comments Android, android malware, Android/Trojan.Dropper.xHelper, mobile malware, Mobile Menace Monday, xHelper

Credit to Author: Nathan Collier| Date: Mon, 26 Aug 2019 19:04:13 +0000

Since its introduction in May 2019, the xHelper dropper, an Android Trojan, has climbed to our top 10 list of most detected mobile malware.

Categories:

Android

Tags: Android android malware Android/Trojan.Dropper.xHelper mobile malware mobile menace monday xHelper

MalwareBytes Security

A week in security (August 19 – 25)

August 26, 2019 0 Comments A week in security, AhMyth, APT, awis, Bitcoin sextortion, Bolik banking Trojan, crypomining, DEF CON 27, facebook, facebook hoax, Fortnite, Google, hong kong, Instagram hoax, Key Negotiation of Bluetooth, KNOB attack, Magecart, misinformation, NordVPN, Ransomware, recap, Security Service of Ukraine, Sodinokibi, spyware, Syrk ransomware, twitter, Valve Corporation, week in security, weekly blog roundup, youtube, Yuzhnoukrainsk

Credit to Author: Malwarebytes Labs| Date: Mon, 26 Aug 2019 15:38:39 +0000

A roundup of the latest cybersecurity news for the week of August 19–25, including Magecart attacks on poker software, a new Bluetooth vulnerability, continuing ransomware attacks on US cities, Bitcoin sextortion, and a look back at one researcher’s DEF CON experience.

Categories:

A week in security

Tags: AhMyth APT awis Bitcoin sextortion Bolik banking Trojan crypomining DEF CON 27 facebook facebook hoax fortnite Google hong kong Instagram hoax Key Negotiation of Bluetooth KNOB attack Magecart misinformation NordVPN ransomware recap Security Service of Ukraine Sodinokibi spyware Syrk ransomware twitter Valve Corporation week in security weekly blog roundup youtube Yuzhnoukrainsk

(Read more…)

The post A week in security (August 19 – 25) appeared first on Malwarebytes Labs.

MalwareBytes Security

Ransomware continues assault against cities and businesses

August 23, 2019 0 Comments attack, backup, critical infrastructure, emotet, Florida, local government organisation, locked out, Louisiana, ransom, Ransomware, robinhood, ryuk, Ryuk ransomware, samsam ransomware, Texas, trickbot

Credit to Author: Christopher Boyd| Date: Fri, 23 Aug 2019 15:00:50 +0000

We take a look at the current chaos faced by local governments across the US, as ransomware continues to snap at its cities’ heels.

Categories:

Ransomware

Tags: attack backup critical infrastructure emotet Florida local government organisation locked out louisiana ransom ransomware robinhood ryuk Ryuk ransomware samsam ransomware texas trickbot

MalwareBytes Security

The lucrative business of Bitcoin sextortion scams

August 22, 2019 0 Comments 163qcNngcPxk7njkBGU3GGtxdhi74ycqzk, 3HXdb3HAw1wVzU9b7ZSigvGaStd8KoZ3zJ, bitcoin, Bitcoin sextortion, blackmail, Digital Shadows, EFF, Electronic Frontier Foundation, scams, sextortion email, sextortion scams

Credit to Author: Threat Intelligence Team| Date: Thu, 22 Aug 2019 15:00:00 +0000

Sextortion scams are back on the radar, and many say they’re on the uptick. We investigate an email campaign to see how lucrative the business of sextortion can be.

Categories:

Scams

Tags: 163qcNngcPxk7njkBGU3GGtxdhi74ycqzk 3HXdb3HAw1wVzU9b7ZSigvGaStd8KoZ3zJ bitcoin Bitcoin sextortion blackmail Digital Shadows EFF Electronic Frontier Foundation scams sextortion email sextortion scams

(Read more…)

The post The lucrative business of Bitcoin sextortion scams appeared first on Malwarebytes Labs.

MalwareBytes Security

Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks

August 21, 2019 0 Comments Apple, Awareness, blackberry, bluetooth, Cisco, CVE-2019-9506, iOS, Key Negotiation of Bluetooth, KNOB attack, MacOS, man-in-the-middle attack, Microsoft, MITM, ret hat, watchOS, Windows

Credit to Author: Jovi Umawing| Date: Wed, 21 Aug 2019 15:56:45 +0000

Researchers called it KNOB, a clever attack against the firmware of a Bluetooth chip that can allow hackers to successfully hijack paired devices and steal their sensitive data. Are users at risk?

Categories: