A series of security errors and mishaps has cost personal loan provider OneMain $4.25m in penalties, issued by the New York State department of financial services. The fines, coming at the end of a detailed investigation into how security practices at the company were determined to be below-par, serve as a timely warning to other organisations. OneMain experienced “at least” three security incidents over three years, from 2018 to 2020. The business is a licensed lender and mortgage servicer and as SC Magazine notes, financial entities should adhere to a framework of security requirements. Thes ..read more

The US Cybersecurity and Infrastructure Security Agency (CISA) has an urgent message for US businesses: watch out for Volt Typhoon, a threat actor sponsored by the People’s Republic of China (PRC). The agency's joint Cybersecurity Advisory (CSA) published last week highlights a cluster of tactics, techniques, and procedures (TTPs) associated with the cyber actor—including their use of living off the land (LOTL) techniques. In this blog, we'll review Volt Typhoon, dig into how they evade detection, discuss CISA's protective recommendations, and see how Malwarebytes EDR can help eliminate such t ..read more

On May 20, Barracuda Networks issued a patch for a zero day vulnerability in its Email Security Gateway (ESG) appliance. The vulnerability existed in a module which initially screens the attachments of incoming emails, and was discovered on May 19. Barracuda's investigation showed that the vulnerability resulted in unauthorized access to a subset of email gateway appliances. A remote unauthenticated attacker could send a specially crafted archive to the appliance and execute arbitrary Perl commands on the target system. The affected versions of ESG are 5.1.3 - 9.2. Consequently ..read more

Last week on Malwarebytes Labs: Update now: 9 vulnerabilities impact Cisco Small Business Series ChatGPT: Cybersecurity friend or foe? Webinar recap: EDR vs MDR for business success Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11 Malvertising via brand impersonation is back again Update now! Apple issues patches for three actively used zero-days Google to pay $40m for "deceptive and unfair" location tracking practices Employee guilty of joining ransomware attack on his own company AI generated Pentagon explosion photograph goes vi ..read more

WordPress plugins are under fire once more, and you’re advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a “bizarre campaign”  being actively used since at least February 5 of this year. The plugin is designed to present users with a cookie banner “without loading any external resources from third parties”. Sadly the cookie has crumbled with a flaw leaving sites open to the possibility of rogue JavaScript abuse. The flaw was actually patched way back in January, but consider ..read more

On Friday May 19, 2023, the German arms producer Rheinmetall acknowledged a cyber-incident at one of it’s subsidiaries in the private sector. The BlackBasta ransomware group has already claimed responsibility for the attack through its leak-site. Entry for Rheinmetall on BlackBasta leak site Rheinmetall’s main activities are in the automobile industry and weapons manufacturing, and it descibes itself as one of the world’s largest manufacturers of military vehicles and ammunition. The company said the attack did not affect production in the arms division, but German media is reporting that the ..read more

We're excited to announce that our much-anticipated 4th edition of the Byte Into Security webinar series is right around the corner. Scheduled for May 31st at 10:00AM PST/1:00pm EST, this session is a goldmine for those facing the unique challenges of K-12 cybersecurity. The webinar is free, and you can register right now! We're bringing Logan Evans, Director of Information Systems at Coffee County Schools in Georgia, into conversation with Marcin Kleczynski, CEO of Malwarebytes. Together, they will explore the intricacies of maintaining robust cybersecurity for a rural school district with 75 ..read more

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its #StopRansomware guide to account for the fact that ransomware actors have accelerated their tactics and techniques since the original guide was released in September of 2020. The #StopRansomware guide is set up as a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover from them, including step-by-step approaches to address potential attacks. Specifically, the agency added: Recommendations for preventing common initial infection ..read more

Twitter’s recent changes to checkmark verification continue to cause chaos, this time in the realm of potentially dangerous misinformation. A checkmarked account claimed to show images of explosions close to important landmarks like the Pentagon. These images quickly went viral despite being AI generated and containing multiple overt errors for anyone looking at the supposed photographs. How did this happen? Until recently, the social media routine when an important news story breaks would be as follows: Something happens, and it’s reported on by verified accounts on Twitter This news filters ..read more

Google is going to pay $39.9 million to Washington State to put to rest a lawsuit about its location tracking practices which has been in play since last year. Google was accused of “misleading consumers” by State Attorney General Bob Ferguson. From the AG press release: Attorney General Bob Ferguson today announced Google will pay $39.9 million to Washington state as a result of his office’s lawsuit over misleading location tracking practices. Google will also implement a slate of court-ordered reforms to increase transparency about its location tracking settings. Ferguson’s lawsuit ag ..read more