A week in security (December 11 – December 17)

Posted: December 18, 2017 by Malwarebytes Labs Last updated: January 15, 2018 Last week we explained what fast flux is and how it’s being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an … Read moreA week in security (December 11 – December 17)

Meltdown and Spectre: what you need to know

UPDATE (as of 1/12/18): Several vendors have produced patches for Meltdown and Spectre, however performance problems dog the fixes. Details on the patches were published here. UPDATE (as of 1/04/18): Since the Malwarebytes Database Update 1.0.3624, all Malwarebytes users are able to receive the Microsoft patch to mitigate Meltdown. If you’ve been keeping up with computer news over … Read moreMeltdown and Spectre: what you need to know

A week in security (January 1 – January 7)

Posted: January 9, 2018 by Malwarebytes Labs Last updated: January 15, 2018 New year, new threats, as 2018 gets underway. On our blog, we had dubious searches aplenty for those hunting for Malwarebytes information, and we also covered the huge Meltdown/Spectre bug, affecting hardware going back to 10 years. Other news Coin miners are at … Read moreA week in security (January 1 – January 7)

Of princes and perpetrators: Beware of getting ensnared in 419 scams

We’ve mentioned before that 419 scams don’t always originate from Nigeria. It’s a very simple and popular scam that can be attempted by pretty much anyone with a flair for social engineering. Indeed, 419 scams are so associated with the region that many scammers in non-Nigerian countries know they have an additional layer of “It … Read moreOf princes and perpetrators: Beware of getting ensnared in 419 scams

Meltdown and Spectre fallout: patching problems persist

Posted: January 11, 2018 by Jérôme Boursier Last updated: January 14, 2018 Last week, the disclosure by multiple teams from Graz and Pennsylvania University, Rambus, Data61, Cyberus Technology, and Google Project Zero of vulnerabilities under the aliases Meltdown and Spectre rocked the security world, sending vendors scurrying to create patches, if at all possible, and … Read moreMeltdown and Spectre fallout: patching problems persist

Alleged creator of Fruitfly indicted for 13 years of spying

Posted: January 12, 2018 by Malwarebytes Labs Way back at the start of last year, we took a look at something called Fruitfly, a Mac backdoor using old code that had been around for a long time and could (deep breath) upload files to computers, record images and video, snoop around in victims’ information, take screenshots, … Read moreAlleged creator of Fruitfly indicted for 13 years of spying

WPA3 will secure Wi-Fi connections in four significant ways in 2018

CES, the annual consumer electronics extravaganza in Las Vegas, isn’t just a showcase for virtual reality and poorly-timed power outages. It’s also an opportunity to get a peek at the future of network security. That’s why on the first day of CES, the Wi-Fi Alliance announced the newest security protocol for Wi-Fi devices: WPA3. The … Read moreWPA3 will secure Wi-Fi connections in four significant ways in 2018

Fake Spectre and Meltdown patch pushes Smoke Loader malware

The Meltdown and Spectre bugs have generated a lot of media attention, and users have been urged to update their machines with fixes made available by various vendors. While some patches have created more issues than they fixed, we came across a particular one targeted at German users that actually is malware. In fact, German … Read moreFake Spectre and Meltdown patch pushes Smoke Loader malware

A week in security (January 8 – January 14)

Posted: January 15, 2018 by Malwarebytes Labs It’s very early in the year, yet everyone has already had a complete meltdown (pun intended) over a number of serious vulnerabilities found in legacy and modern microprocessors. Last week, rightly so, vendors released patches for hardware and OSes to help mitigate these threats. However, problems in patching persisted. … Read moreA week in security (January 8 – January 14)