IoT cybersecurity bill passed by Senate

Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by the President, will improve security guidelines and protocols for Internet of Things (IoT) devices purchased and owned by the Federal government. The bill, called the Internet of Things Cybersecurity Improvement...

16m

Spotify resets some user logins after hacker database found floating online

A team of researchers working for vpnMentor has found a treasure trove in the form of an unsecured Elasticsearch database containing over 380 million records. The trove contained login credentials and other data belonging to Spotify users. So what’s Spotify doing leaving its user data hanging around on an unsecured database? Answer: It’s...

19h

Apple security hampers detection of unwanted programs

Anyone who uses Malwarebytes software is probably familiar with the fact that, in addition to things like malware and adware, Malwarebytes detects potentially unwanted programs (PUPs). These are programs that exhibit a variety of unsavory behaviors, but that, for legal reasons, cannot be called malware. PUP (n): a program that may include advertising,...

1d

Looks like we’re stuck with Zoom: Is it any safer?

Earlier this month, Zoom’s stock price took a dive on news of two promising COVID vaccines offering over 90 percent effectiveness against the virus (a third vaccine was just announced). That’s nice. Glad to know some people think this nightmare is ending soon and we’ll all go back to the office and the classroom. But our ability to walk into...

1d

Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about charity organizations and online ad tracking. Though many might assume that these two topics have no overlap, they absolutely do. ...

1d

Black Friday 2020: How to shop safely online

Black Friday 2020 promises to be somewhat different from years gone by thanks to COVID-19. The annual surge of in-store chaos and trolley dashes isn’t compatible with social distancing, and so retailers will be looking to drive shoppers online. Friday 27th November is when things kick off this year, and yet some aspects will be radically...

5d

Demystifying two common misconceptions with e-commerce security

Online shopping has seen a dramatic increase in the months following the Covid-19 outbreak as more and more people opt-out of visiting physical stores. Such a phenomenon does not go unnoticed or without additional consequences. During the same time period, we have seen an increase in the usual scams but also digital skimming, the online equivalent of...

5d

IoT forecast: Running antivirus on your smart device?

In 2016, threat actors pulled off a basic but devastating botnet attack that harnessed the power of the Internet of Things (IoT). After gathering a list of 61 default username and password combinations for IoT devices, threat actors scanned the Internet for open Telnet ports and, when they found a vulnerable device, gained entry, eventually...

6d

Chris Krebs, director of Cybersecurity and Infrastructure Security Agency, fired by President

On Tuesday evening, President Donald Trump fired Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA), just days after CISA called the recent presidential election the “most secure in American history.” In a tweet posted the same day, the President justified his removal of Krebs: “The recent statement by...

1w

WebNavigator Chromium browser published by search hijackers

A mystery Chromium browser recently made a sudden appearance, and is certainly proving popular. But what is it, and where did it come from? Malwarebytes detects the browser as PUP.Optional.WebNavigator, and we found several clues that this browser was brought to you by a notorious family of search hijackers. That family isn’t new to us—we...

2w