Android phones can be taken over remotely – update when you can
Android phones are vulnerable to attacks that could allow someone to takeover a device remotely without the device owner needing to do anything. Updates for…
Category: MalwareBytes
How IT teams can conduct a vulnerability assessment for third-party applications
Google Chrome, Adobe Acrobat Reader, TeamViewer, you name it—there’s no shortage of third-party apps that IT teams need to constantly check for vulnerabilities. But to…
Windows 10 gets its own extended security updates program
The day that Windows 10 machines will get their last security updates is set for October 14, 2025. So if you want to stay secure,…
Adobe Coldfusion vulnerability used in attacks on government servers
The Cybersecurity and Infrastructure Security Agency (CISA) put out a Cybersecurity Advisory (CSA) to alert government agencies about cybercriminals using a vulnerability in Adobe Coldfusion…
Roblox and Twitch provider Tipalti breached by ransomware
Accounting software provider Tipalti says it is investigating a claim by ransomware group ALPHV that they have gained access to Tipalti’s systems. Tipalti makes software…
23andMe says, er, actually some genetic and health data might have been accessed in recent breach
In October we reported that the data of as many as seven million 23andMe customers were for sale on criminal forums following a password attack…
Why a ransomware gang tattled on its victim, with Allan Liska: Lock and Code S04E24
This week on the Lock and Code podcast… Like the grade-school dweeb who reminds their teacher to assign tonight’s homework, or the power-tripping homeowner who…
Update your iPhones! Apple fixes two zero-days in iOS
Apple has released emergency security updates for iOS 17.1.2 and iPadOS 17.1.2 to patch for two zero-day vulnerabilities that may have been actively exploited. Apple…
Social media giants to testify over failing to protect kids
US senators have urgently invited the CEOs of five of the major social media giants to testify about their failure to protect children online. The…
Explained: Domain fronting | Malwarebytes
Domain fronting is a technique of using different domain names on the same HTTPS connection. Put simply, domain fronting hides your traffic when connecting to…
Will ChatGPT write ransomware? Yes.
This morning I decided to write some ransomware, and I asked ChatGPT to help. Not because I wanted to turn to a life of crime,…
Associated Press, ESPN, CBS among top sites serving fake virus alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one of their online scams on…