Laws, lawsuits, and privacy.

Phishing emails abuse Windows search protocol to push malicious scripts

A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware. […] Read More 

A week in security (July 8 – July 14)

Last week on Malwarebytes Labs:

“Nearly all” AT&T customers had phone records stolen in new data breach disclosure

Fake Microsoft Teams for Mac delivers Atomic Stealer

Dangerous monitoring tool mSpy suffers data breach, exposes customer details

iPhone users in 98 countries warned about spyware by Apple

Peloton accused of providing customer chat data to train AI

Ticketmaster says stolen Taylor Swift Eras Tour tickets are useless

Shopify says stolen customer data was taken in third-party breach

“RockYou2024”: Nearly 10 billion passwords leaked online

Last week on ThreatDown:

Watch out for CRYSTALRAY, an open source aficionado with a hunger for crypto

Credential Dumping: How ransomware gangs steal login data and how to detect it

WorkersDevBackdoor and MadMxShell converge in malvertising campaigns

How the world’s worst ransomware gang avoids detection

Patch now! July Patch Tuesday fixes two actively exploited vulnerabilities

South Africa’s NHLS is recovering from a ransomware attack quickly, it just doesn’t feel that way

Alabama State Department of Education stops ransomware attack but the assault on US education continues

Stay safe!

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

 Read More