Categories: News Tags: Microsoft Tags: USB stick Tags: tech support scam Tags: scammers Tags: Office 365 Tags: fake Tags: phone call We take a look at a Microsoft warning related to tech support scammers sending out bogus USB sticks in the mail. |
The post Tech support scammers target Microsoft users with fake Office 365 USB sticks appeared first on Malwarebytes Labs.
Read moreCategories: Explained Categories: News Tags: Steganography Tags: encryption Tags: least significant bits Tags: rgb Tags: masking Tags: palette-based Tags: lossy Tags: compression Tags: cropping Steganography is the prime example of hiding something in plain sight. We look at the basics, some methods, and the hurdles of hiding messages in images. |
The post Explained: Steganography appeared first on Malwarebytes Labs.
Read moreCategories: News Categories: Privacy Tags: Krause Tags: inappbrowser.com Tags: Meta Tags: Facebook Tags: Instagram Tags: TikTok A developer and privacy expert created a platform that allows iOS users to see injected JavaScript in their in-app browsers |
The post Spying on the spies. See what JavaScript commands get injected by in-app browsers appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: CVE-2022-32894 Tags: CVE-2022-32893 Tags: kernel privileges Tags: WebKit Tags: actively exploited Tags: watering hole Tags: exploit kit Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. |
The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.
Read moreCategories: News Categories: Social engineering Not all phishing campaigns are after your bank details. In the case of the Twilio breach, attackers were after three particular Signal accounts. |
The post Nearly 2,000 Signal users affected by Twilio phishing attack appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: 104.0.5112.101 Tags: Google Tags: Chrome Tags: CVE-2022-2852 Tags: CVE-2022-2856 Tags: CVE-2022-2854 Tags: CVE-2022-2853 Tags: UAF Tags: heap buffer overflow Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild. |
The post Update Chrome now! Google issues patch for zero day spotted in the wild appeared first on Malwarebytes Labs.
Read moreCategories: News Categories: Ransomware Tags: ransomware Tags: Clop Tags: Thames Water Tags: hoax Tags: South Staffs Water Tags: vital infrastructure The Clop ransomware gang made a mistake in identifying who exactly their victim was, but they got it right in the end |
The post Ransomwater confusion, does the criminal know who the victim is? appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZVS Tags: cve-2022-27925 Tags: web shell Tags: cve-2022-37042 Tags: authentication Tags: RCE Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers |
The post [updated] Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.
Read moreCategories: News Categories: Ransomware Tags: Zeppelin Tags: ransomware Tags: RDP Tags: Sonicwall Tags: phishing Tags: malvertising Tags: backups Tags: authentication Tags: mfa Tags: patching Tags: EDR The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) to raise awareness about Zeppelin ransomware |
The post CISA and FBI issue alert about Zeppelin ransomware appeared first on Malwarebytes Labs.
Read moreCategories: A week in security Categories: News The most important and interesting computer security stories from the last week. |
The post A week in security (August 8 – August 14) appeared first on Malwarebytes Labs.
Read more