Category: MalwareBytes

FBI confirms Barracuda patch is not effective for exploited ESG appliances
30
Aug
2023

FBI confirms Barracuda patch is not effective for exploited ESG appliances

The FBI repeats the warning by Barracuda that all ESG appliances should immediately be replaced because the patch was ineffective….

A week in security (August 21 - August 27)
29
Aug
2023

A week in security (August 21 – August 27)

Last week on Malwarebytes Labs: Teenage members of Lapsus$ ransomware gang convicted Update now! Google Chrome’s first weekly update has…

2.6 million DuoLingo users have scraped data released
29
Aug
2023

2.6 million DuoLingo users have scraped data released

Using an openly available API, cybercrimnals were able to scrape the data of 2.6 million DuoLingo users. An unknown party…

Google strengthens its Workplace suite protection
29
Aug
2023

Google strengthens its Workplace suite protection

We take a look at how Google is strengthening protections across its Workplace products, and Gmail in particular. Google has…

Smart lightbulb and app vulnerability puts your Wi-Fi password at risk
26
Aug
2023

Smart lightbulb and app vulnerability puts your Wi-Fi password at risk

We take a look at reports that a smart lightbulb and app vulnerability could potentially put your Wi-Fi password at…

Update now! Google Chrome's first weekly update has arrived
26
Aug
2023

Update now! Google Chrome’s first weekly update has arrived

The first of Chrome’s now weekly security updates fixes five vulnerabilities. Google has published details about the first weekly update…

Teenage members of Lapsus$ ransomware gang convicted
26
Aug
2023

Teenage members of Lapsus$ ransomware gang convicted

A wave of video game developer compromises has come to a court-based conclusion for those responsible, with several convictions the…

Malwarebytes acquires Cyrus Security
25
Aug
2023

Malwarebytes acquires Cyrus Security

Cybersecurity isn’t limited to defending against malware anymore; it’s about ensuring your entire digital identity remains unscathed and your private…

Adobe ColdFusion vulnerability exploited in the wild
24
Aug
2023

Adobe ColdFusion vulnerability exploited in the wild

A second Adobe ColdFusion vulnerability that was patched in April has been added to CISA’s known exploited vulnerabilities catalog. The…

DarkGate reloaded via malvertising and SEO poisoning campaigns
24
Aug
2023

DarkGate reloaded via malvertising and SEO poisoning campaigns

The new version of the DarkGate malware is currently actively being distributed via malspam, malicious ads and SEO poisoning. In July…

Ivanti Sentry critical vulnerability—don't play dice, patch
24
Aug
2023

Ivanti Sentry critical vulnerability—don’t play dice, patch

There is some uncertainty about whether a vulnerability in Ivanti Sentry is being exploited in the wild, but why take…

Update now! WinRAR files can be abused to run malware
23
Aug
2023

Update now! WinRAR files can be abused to run malware

A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution. A new…