When Daniel
Bohannon released his excellent DOSfuscation
paper, I was fascinated to see how tricks I used as a systems engineer
could help attackers evade detection. I didn’t have much to contribute
to this conversation until I had to analyze a…
 |
|
| In this web skimming match between two Magecart groups, there can only be one winner.
Categories: Tags: brasilcredit cardexfiltrationhackJSONMagecartRiskIQskimmingumbroweb |
The post Web skimmers compete in Umbro Brasil hack appeared first on Malwarebytes Labs.
This is why you should always think twice before opening innocent looking email attachments, especially word and pdf files.
Cybersecurity researchers at Cisco Talos have once again discovered multiple critical security vulnerabilities in the Atlantis …
 |
|
| Consumer DNA testing kits were a top holiday present last season, and are expected to be big sellers again. But should you think twice before hitting the buy button? What’s really happening with all your genetic data? We take a deep dive into all the areas of concern—plus what the testing companies are getting right—when it comes to the security of your DNA and the privacy of your sensitive personal information.
Categories: Tags: data storagednagenetic datagenetic infoGINAPIIprivacyprivacy policy |
The post What DNA testing kit companies are really doing with your data appeared first on Malwarebytes Labs.
It seems as though not a day goes by without a new story breaking about a high-level cyber attack on a major corporation or national government.
Hackers are becoming increasingly adept at breaking through a variety of super-secure firewalls, and they’…
Two hackers have been sent to prison for their roles in hacking TalkTalk, one of the biggest UK-based telecommunications company, in 2015 and stealing personal information, banking, and credit card details belonging to more than 156,000 customers.
Mat…
Microsoft Windows – DfMarshal Unsafe Unmarshaling Privilege Escalation
MacOS 10.13 – ‘workq_kernreturn’ Denial of Service (PoC)
Ticketly 1.0 – Cross-Site Request Forgery (Add Admin)
Introduction
FireEye devices detected
intrusion attempts against multiple industries, including think
tank, law enforcement, media, U.S. military, imagery,
transportation, pharmaceutical, national government, and defense
contracting. Th…
 |
|
| A roundup of security news from November 12 to 18, including TrickBot, smart jewelry, Secret Sisters scam, and the compromise of air traffic control.
Categories: Tags: a week in securityair traffic controlbusiness automationchristmas threatscryptocurrency scamshijackrecapsecret sister scamsmart jewelry privacysmart jewelry securitytrickbotweekly blog roundup |
The post A week in security (November 12 – 18) appeared first on Malwarebytes Labs.
|
|
| A roundup of security news from November 12 to 18, including TrickBot, smart jewelry, Secret Sisters scam, and the compromise of air traffic control.
Categories: Tags: a week in securityair traffic controlbusiness automationchristmas threatscryptocurrency scamshijackrecapsecret sister scamsmart jewelry privacysmart jewelry securitytrickbotweekly blog roundup |
The post A week in security (November 12 – 18) appeared first on Malwarebytes Labs.
 |
|
| Recently released court documents show European-based cinema chain Pathé lost a small fortune to a business email compromise (BEC) scam in March 2018. The attack cost the company $21.5 million—that’s 10 percent of its total earnings. Learn how to avoid BEC scams and keep your company in the black.
Categories: Tags: 2faauthenticationbecBusiness Email CompromiseCEOCFOmfapathephishscamtwo-factor authentication |
The post Business email compromise scam costs Pathé $21.5 million appeared first on Malwarebytes Labs.
Instagram has recently patched a security issue in its website that might have accidentally exposed some of its users’ passwords in plain text.
The company recently started notifying affected users of a security bug that resides in a newly offered fea…
Type: Case StudiesCategory:Risk ManagementInformation SecurityFor an innovative manufacturing company like McLaren Group, nothing compares to speed. As McLaren’s security partner, we understand how vanishing perimeters and exponential data growth can …
