Phishing campaign goes old school, dusts off Morse code

Sometimes new technology just doesn’t get the job done.

Read more

Edge’s Super Duper Secure Mode benchmarked: How much speed would you trade for security?

The Microsoft Edge browser’s Super Duper Secure Mode makes it more secure but slower. We measured how much greater security will cost you.

Read more

Falsifying and weaponizing certified PDFs

Certified PDFs are supposed to control modifications so that recipients know they haven’t been tampered with. It doesn’t always work.

Read more

Update your Chrome again as Google patches second zero-day in two weeks

Google has patched its second Chrome zero-day in two weeks. Users are urgently advised to update their browser.

Read more

Rocket Loader skimmer impersonates CloudFlare library in clever scheme

URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level.

Read more

Domen toolkit gets back to work with new malvertising campaign

We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.

Read more

Magecart Group 4: A link with Cobalt Group?

Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Read more

Magecart criminals caught stealing with their poker face on

This blog post details the curious case of a web skimmer encountered in a poker application.

Read more

A week in security (June 24 – 30)

A roundup of cybersecurity news from June 24–30, including top malicious web campaigns, updates on the GreenFlash Sundown exploit, a Malwarebytes initiative to double down on stalkerware detection and awareness, and more.

Read more

Google logins: JavaScript now required

Google now requires users to enable JavaScript before logging in for extra security measures. But wait, hasn’t JavaScript been used in cyberattacks? We take a look at the impact of Google’s decision.

Read more

Select your language