Application Programming Interface (API) testing for PCI DSS compliance
This is the fourth blog in the series focused on PCI DSS, written by an AT&T Cybersecurity consultant. See the first blog relating to IAM and PCI DSS here. See the second blog on PCI DSS reporting details to ensure when contracting quarterly CDE tests here. The third blog on network and data flow diagrams for […]
VMware Releases Critical Patches for Workstation and Fusion Software
VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 (CVSS score: 9.3), is described as a stack-based buffer-overflow vulnerability that resides in the functionality for sharing host Bluetooth devices with […]
GuLoader returns with a rotten shipment
GuLoader, a perennial favourite of email-based malware campaigns since 2019, has been seen in the wild once again. GuLoader is a downloader with a chequered history, dating back to somewhere around 2011 in various forms. Two years ago it was one of our most seen malspam attachments. Most popular attachments by tags in Malwarebytes email telemetry We also […]
Black Basta ransomware attacks Yellow Pages Canada
The Canadian Yellow Pages Group has confirmed it recently became victim of a cyberattack. The Black Basta ransomware group has claimed responsibility for this attack by posting about Yellow Pages on the “Basta News” leak site. When such a post shows up, it usually means that negotiations with the victim have stopped and that the ransomware group […]
Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. “[RustBucket] communicates with command and control (C2) servers to download and execute various payloads,” Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week. The Apple device management company attributed it
Improving your bottom line with cybersecurity top of mind
In times of economic downturn, companies may become reactive in their approach to cybersecurity management, prioritizing staying afloat over investing in proactive cybersecurity measures. However, it’s essential to recognize that cybersecurity is a valuable investment in your company’s security and stability. Taking necessary precautions against cybercrime can help prevent massive losses and protect your business’s […]
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) codes to the cloud. “This change means users are better protected from lockout and that services can rely on users retaining access, increasing […]
Removing the human: When should AI be used in emotional crisis? Lock and Code S03E09
In January, a mental health nonprofit admitted that it had used Artificial Intelligence to help talk to people in distress. Prompted first by a user’s longing for personal improvement—and the difficulties involved in that journey—the AI tool generated a reply, which, with human intervention, could be sent verbatim in a chat box, or edited and fine-tuned to better […]
Adult content malvertising scheme leads to clickjacking
Malwarebytes’ researchers have found a malvertising scheme that leads to clickjacking. Clickjacking is a form of ad fraud which is also referred to as click fraud or click spam. It is a practice performed by certain dubious advertising networks, where they sometimes use automated programs—from simple to sophisticated bots and botnets—to interact with advertisements online. […]
Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Threat actors are employing a previously undocumented “defense evasion tool” dubbed AuKill that’s designed to disable endpoint detection and response (EDR) software by means of a Bring Your Own Vulnerable Driver (BYOVD) attack. “The AuKill tool abuses an outdated version of the driver used by version 16.32 of the Microsoft utility, Process Explorer, to disable EDR processes before […]