A history of ransomware: How did it get this far?
Today’s ransomware is the scourge of many organizations. But where did it start? If we define ransomware as malware that encrypts files to extort the…
Category: MalwareBytes
How Microsoft’s highly secure environment was breached
An investigation by Microsoft has finally revealed how China-based hackers circumvented its “highly isolated and restricted production environment” in May 2023. An investigation by Microsoft…
FreeWorld ransomware attacks MSSQL—get your databases off the Internet
A attack that uses a database as an entry point to a network reminds us that you should never expose your databases to the Internet.…
Smart chastity device exposes sensitive user data
We take a look at reports of an IoT chastity cage device which is exposing user data. A security breach or piece of inadvertent exposure…
X wants your biometric data
We take a look at plans to voluntarily upload identification to X, the site formerly known as Twitter. Users of X (formerly Twitter) paying for…
Mac users targeted in new malvertising campaign delivering Atomic Stealer
While malvertising delivering infostealers has largely been a Windows problem, Mac users are getting targeted as well. Summary Malicious ads for Google searches are targeting…
Password-stealing Chrome extension smuggled on to Web Store
Chrome browser extensions can steal passwords from the text input fields in websites, despite Chrome’s latest security and privacy standard, Manifest V3. Researchers at the…
Supply chain related security risks, and how to protect against them
We take a look at the importance of supply chain cybersecurity and share some tips to enhance it. By definition, a supply chain is the…
A firsthand perspective on the recent LinkedIn account takeover campaign
It started with a password reset email in the middle of the night. Not long ago I wrote about a recent campaign to hold LinkedIn…
Victim records deleted after spyware vendor compromised
We take a look at another compromise of a mobile spyware app maker, and ask whether this action comes with hidden danger. Anonymous hackers have…
Qakbot botnet infrastructure suffers major takedown
The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. The Qakbot botnet has…
Prompt injection could be the SQL injection of the future, warns NCSC
The NCSC has warned about integrating LLMs into your own services or platforms. Prompt injection and data poisoning are just some of the risks. The…