Clik here to view.
Chrome’s Stored Passwords
An oddity in Google’s Chrome allows you to reveal stored passwords saved by the popular browser. Software developer Elliot Kember came across this while importing his Safari browser settings and...
View ArticleClik here to view.
vBulletin team denies claim of new zero-day in its forum software
A security breach involving the makers of the popular forum software vBulletin was announced late last week. According to their statement, hackers were able to access customers data including...
View ArticleClik here to view.
Gmail Security Flaw Allows for Password Theft
Security researcher Oren Hafif recently uncovered a vulnerability that tricks Gmail users into giving away their passwords. Walking through the Account Recovery process found at...
View ArticleClik here to view.
Compromised user accounts posted on Pastebin
Proof is a key component to hacking and some hackers have been taking to Pastebin to share their spoils. A recent study by Information Security Company High-Tech Bridge discovered over 300,000...
View ArticleBe Still My Bleeding Heart! Q&A on the HeartBleed Bug
What is it? It’s a bug in the method a server and you use to secure your communications back and forth. It is present when you see the little padlock in your browser and the URL begins with HTTPS....
View ArticleClik here to view.
Senpai has noticed me (and swiped my login)
Users of popular Manga site Mangatrader(dot)com are faced with the news that their account information has potentially been shared out to the wider world thanks to a hack over the last day or so. As...
View ArticleClik here to view.
Latest Celeb Media Hack Leads to Potential Scam, PUP
As you may have already seen in the news, Jennifer Lawrence, Rihanna, and Kate Upton were just a few of the latest A-list celebrities that got hacked and their private images and videos leaked to the...
View ArticleMassive “Gmail Credentials” Dump Posted Online
Another day, another large haul of logins posted to the web. While the linked article sounds a bit scary with mentions of a “big security breach” for Gmail, that isn’t the case here and there’s no need...
View ArticleClik here to view.
The Password and You
Everyone who uses a computer knows the importance of passwords. In several ways, these small textual nuggets have become the keys to much of our lives, if not all our digital lives. But even if you...
View ArticleLastPass Security Notice Issued
Way back in 2011, LastPass had a bit of a security wobble as they noticed a “Network traffic anomaly” on one of their non critical machines. They took appropriate action, and posted an awful lot of...
View ArticleClik here to view.
You’ve Won the Lottery! Hand Over Your Passwords
It’s lottery time, though I fear anybody taking part will be handing over things far more valuable than anything they might receive. megamillionsclaims(dot)tk claims to be “Mega Millions”, dispensing...
View ArticleClik here to view.
Elusive HanJuan EK Drops New Tinba Version (updated)
Update 07/03/15: AdFly contacted us and we are publishing their statement below: We are sorry for the inconvenience but this is something AdFly is obviously not letting happen on purpose. We count with...
View Article“Turn off your Two Factor Authentication…”
Going on holiday can cause headaches for people making use of two factor authentication – perhaps some of you reading this now are already familiar with the “I can’t receive SMS while overseas, may as...
View ArticleClik here to view.
An iCloud scam that may be worse than ransomware
Ransomware – malicious software that encrypts your files and then demands payment to unlock them – has become a major scourge of the Windows world. Mac users just had their first brush with such...
View ArticleClik here to view.
Avoid: “I just hacked my friend’s account” Twitter spam
We’re seeing references to a website which claims to let visitors hack Twitter feeds of their choosing. It is, of course, all highly technical and they can’t possibly reveal the secrets of how they do...
View ArticleClik here to view.
Amazon third party sellers: A new threat
On Monday, the Wall Street Journal reported a wave of hijacked Amazon seller accounts that proceeded to fleece buyers for large sums of money. As reported here, attackers would use credentials...
View ArticleIs FIDO the future instrument to prove our identity?
FIDO, short for Fast IDentity Online, is an industry consortium started in 2013 to address the lack of interoperability among strong authentication devices and the problems users face creating and...
View ArticleA week in security (August 12 – 18)
Last week on Malwarebytes Labs, we took a look at the potential pitfalls of facial recognition technology, looked at ways domestic abuse survivors can secure their data, and explored the education...
View Article5 simple steps to securing your remote employees
As remote working has become standard practice, employees are working from anywhere and using any device they can to get the job done. That means repeated connections to unsecured public Wi-Fi...
View ArticleA week in security (October 14 – 20)
Last week on Malwarebytes Labs, we tried to unlock the future of the password (its vulnerabilities, current alternatives, and possible future disappearance), analyzed the lagging response by many...
View Article
