Experts at Google’s Project Zero have once again shamed a security software company. This time Malwarebytes has become a ‘victim’.
Accroding to Project Zero, Malwarebytes security solution is not as much secure, because it is vulnerable to the Man-In-The-Middle attacks. But don’t worry, the company is already working on the fix.
MITM attacks are easy to initiate on the security software. The reason? Malwarebytes downloads updates without using encryption, thus allowing cyber crooks to replace original content of an update with an arbitrary code.
Original Source: Security Zap
View the full story here