Last week on Malwarebytes Labs: Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks Thousands of private camera feeds found online. Make sure yours isn’t one of them Sextortion email scammers increase their “Hello pervert” money demands Many data brokers are failing to register with state consumer protection agencies Facial recognition: Where and […]
A week in security (June 23 – June 29) Leggi tutto »
On my daily rounds, I encountered a phishing attempt that used a not completely unusual, yet clever delivery method. What began as a seemingly routine DocuSign notification turned into a multi-layered deception involving Webflow, a shady redirect, and a legitimate Google login page. Webflow is a visual website builder that allows designers and developers to
Fake DocuSign email hides tricky phishing attempt Leggi tutto »
Cybercriminals are bypassing the guardrails that are supposed to keep AI models from carrying out criminal activities, according to researchers. We’ve seen the misuse of AI models by cybercriminals growing rapidly over the past several years, shaping a new era of digital threats. Early on, attackers focused on jailbreaking public AI chatbots, which meant they
Jailbroken AIs are helping cybercriminals to hone their craft Leggi tutto »
The “Do Not Call Registry” receives a lot of hate online for failing to do its job: Stop calls. “What’s the point of being on the Do Not Call list?” wrote one user on Reddit who shared a screenshot of ten declined phone calls received across one week. Though already registered with the Do Not
Why the Do Not Call Registry doesn’t work Leggi tutto »
Our remote team recently took a trip to our Estonian office. When we arrived from our various destinations, we started chatting about how our travel had been. Our senior privacy advocate, David Ruiz, mentioned that he’d opted out of facial recognition while at San Francisco International Airport. However, not everyone on the team knew this
Facial recognition: Where and how you can opt out Leggi tutto »
Hundreds of data brokers haven’t registered with state consumer protection agencies, according to The Electronic Frontier Foundation (EFF) and Privacy Rights Clearinghouse (PRC). There are different kinds of data brokers, but what they all have in common is that they gather personally identifiable information (PII) from publicly available data, datasets stolen in cybercrimes, and other places.
Many data brokers are failing to register with state consumer protection agencies Leggi tutto »
Every so often the sextortion emails that start with “Hello pervert” get a redesign. You may have received one yourself: The emails claim that the sender has been watching your online behavior and caught you red-handed doing activities that you would like to keep private. The email usually starts with “Hello pervert” and then goes
Sextortion email scammers increase their “Hello pervert” money demands Leggi tutto »
If you have internet-connected cameras in or around your home, be sure to check their settings. Researchers just discovered 40,000 of them serving up images of homes and businesses to the internet. Bitsight’s TRACE research team revealed the issue in a report released this month. The cameras were providing the images without any kind of
Thousands of private camera feeds found online. Make sure yours isn’t one of them Leggi tutto »
Russian hackers have bypassed Google’s multi-factor authentication (MFA) in Gmail to pull off targeted attacks, according to security researchers at Google Threat Intelligence Group (GTIG). The hackers pulled this off by posing as US Department of State officials in advanced social engineering attacks, building a rapport with the target and then persuading them into creating
Gmail’s multi-factor authentication bypassed by hackers to pull off targeted attacks Leggi tutto »
Last week on Malwarebytes Labs: The data on denying social media for kids (re-air) (Lock and Code S06E12) Reddit’s new AI-powered tools scan your posts to serve you better ads Smart air fryers ordered to stop invading our digital privacy WhatsApp to start targeting you with ads Scammers hijack websites of Bank of America, Netflix,
A week in security (June 15 – June 21) Leggi tutto »