This week on the Lock and Code podcast… “Heidi” is a 36-year-old, San Francisco-born, divorced activist who is lonely, outspoken, and active on social media. “Jason” is a shy, bilingual teenager whose parents immigrated from Ecuador who likes anime, gaming, comic books, and hiking. Neither of them is real. Both are supposed to fight crime. […]
The AI chatbot cop squad is here (Lock and Code S06E09) Leggi tutto »
Last week on Malwarebytes Labs: On world password day, Microsoft says fewer passwords, more passkeys Apple AirPlay SDK devices at risk of takeover—make sure you update The 3 biggest cybersecurity threats to small businesses Zero-day attacks on browsers and smartphones drop, says Google Fake Social Security Statement emails trick users into installing remote tool Digital
A week in security (April 27 – May 3) Leggi tutto »
And we agree. If there is a cybersecurity themed day that we would like to get rid as soon as possible it’s world password day. Sorry, old friend, but you’re outdated, and it looks like your days are numbered. Let’s switch to passkeys. To quote Microsoft: “As the world shifts from passwords to passkeys, we’re
On world password day, Microsoft says fewer passwords, more passkeys Leggi tutto »
Researchers found a set of vulnerabilities in Apple’s AirPlay SDK that put billions of users at risk of their devices being taking over. AirPlay is Apple’s proprietary wireless technology that allows you to stream audio, video, photos, and even mirror your device’s screen from an iPhone, iPad, or Mac to other compatible devices like Apple
Apple AirPlay SDK devices at risk of takeover—make sure you update Leggi tutto »
In an online world filled with extraordinarily sophisticated cyberattacks—including organized assaults on software supply chains, state-directed exploitations of undiscovered vulnerabilities, and the novel and malicious use of artificial intelligence (AI)—small businesses are forced to prioritize a different type of cyberattack: The type that gets through. Without robust IT budgets or fully staffed cybersecurity departments, small
The 3 biggest cybersecurity threats to small businesses Leggi tutto »
Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google’s security team this week. While most attacks do still target personal technology like smartphones and browsers, the focus is moving increasingly to enterprise tech. Zero-day vulnerabilities are those that are exploited before vendors have a chance to patch them – and often
Zero-day attacks on browsers and smartphones drop, says Google Leggi tutto »
Fake emails pretending to come from the US Social Security Administration (SSA) try to get targets to install ScreenConnect, a remote access tool. This campaign was flagged and investigated by the Malwarebytes Customer Support and Research teams. ScreenConnect, formerly known as ConnectWise Control, is a remote support and remote access platform widely used by businesses
Fake Social Security Statement emails trick users into installing remote tool Leggi tutto »
A former Disney employee, Michael Scheuer, will serve three years in prison for computer fraud and aggravated identity theft after a digital sabotage campaign against his ex-employer. In addition to his sentence, he must pay nearly US$688,000 in restitution. Scheuer, a former menu production manager at Walt Disney World, launched his campaign after being fired
AI search service Perplexity AI doesn’t just want you using its app—it wants to take over your web browsing experience too. The company is planning to launch its own browser, called Comet, next month. But what does this mean for your privacy? Launched in 2022, Perplexity AI is an AI-powered search engine. It combines web
What privacy? Perplexity wants your data, builds browser to track you and serve ads Leggi tutto »
Unfortunately, spyware apps with poor reputations and even weaker security practices are all too common. I’ve lost count of how many blogs I’ve written about stalkerware-type apps that not only exposed the people they spied on but also ended up exposing the spies themselves. However, perhaps one would expect an employee monitoring app to be
Employee monitoring app exposes users, leaks 21+ million screenshots Leggi tutto »