Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-10-27 07:01:46 |
Traditional AV solutions shown ineffective in real-time global heat map (direct link) |
It's no secret that antivirus technology (AV) has faced increased scrutiny in the tech industry for quite some time. One way to truly gauge the effectiveness of today's traditional AV solutions is by analyzing real-world data. So, we did just that.
Categories:
CEO announcements
Malwarebytes news
Tags: antivirusheat mapmarcin kleczynskiremediationremediation maptraditional antivirush
(Read more...)
|
|
|
|
|
2017-10-26 20:44:30 |
Please don't buy this: smart locks (direct link) |
|
|
|
|
|
2017-10-25 23:12:05 |
Our computers, ourselves: digital vs. biological security (direct link) |
People often wonder how computer and biological viruses are the same. We compare the two, and what our computers and bodies do to fight them: it's digital vs. biological security.
Categories:
101
FYI
Tags: bacteriaHIVimmunitymalwareMBAMvirus
(Read more...)
|
|
|
|
|
2017-10-25 20:29:25 |
When cybersecurity isn't all cyber: What does it really take to work in cybersecurity? (direct link) |
(Read more...)
|
|
|
|
|
2017-10-24 23:08:18 |
BadRabbit: a closer look at the new version of Petya/NotPetya (direct link) |
BadRabbit, a new version of NotPetya, also has an infector allowing for lateral movements. However, unlike NotPetya, it does not use EternalBlue and uses a website to drop its payload. We take a closer look at this new ransomware variant.
Categories:
Malware
Threat analysis
Tags: badrabbit ransomwareNotPetyaNotPetya ransomwareransomware
(Read more...)
|
|
NotPetya
|
|
|
2017-10-24 21:53:05 |
BadRabbit ransomware strikes Eastern Europe (direct link) |
A new strain of malware by the authors of NotPetya called the BadRabbit ransomware is spreading through Eastern Europe, offering a fake Flash update to drop the infection.
Categories:
Cybercrime
Malware
Tags: bad rabbitBadRabbitnot petyapetyaPetya ransomwareransomware
(Read more...)
|
|
NotPetya
|
|
|
2017-10-24 17:00:21 |
Digital forensics: How to recover deleted files (direct link) |
What happens exactly when you delete a file, and how easy or hard is it to recover deleted files? Learn the differences between delete, erase, and overwrite according to digital forensics.
Categories:
Security world
Technology
Tags: deleteerasefile recoveryformatoverwriterecoverrecover deleted files
(Read more...)
|
|
|
|
|
2017-10-23 17:24:14 |
A week in security (October 16 – October 22) (direct link) |
A compilation of notable security news and blog posts from Monday, October 16 to Sunday, October 22. We talked about adware and malware in Google Play, a ransomware exclusively targeting South Korea, BYOD, a new 419 scam, cryptocurrency mining, and more.
Categories:
Security world
Week in security
Tags: 419 scambyodcoinhiveculture of securitydynamic data exchangefake elmedia playerKRACKmagniberransomwarerecapweekly blog roundup
(Read more...)
|
|
|
|
|
2017-10-20 20:41:36 |
More trouble in Google Play land (direct link) |
After our mobile security experts repeatedly discovered adware on several apps on the Google Play store, our friends at Symantec have unearthed at least eight malicious apps that are found capable of adding affected mobile devices to a botnet.
Categories:
Cybercrime
Mobile
Tags: Android/Backdoor.Clientor.funBotbotnetGoogle PlayMobilesockbot
(Read more...)
|
|
|
|
|
2017-10-20 16:55:38 |
Mac malware OSX.Proton strikes again (direct link) |
The hackers responsible for the Mac malware OSX.Proton have struck again, this time infecting a copy of the Elmedia Player app.
Categories:
Cybercrime
Mac Cybercrime
(Read more...)
|
|
|
|
|
2017-10-19 18:00:48 |
How to create an intentional culture of security (direct link) |
A culture of security in the workplace has always existed; it just may be unrecognized, weak, or inconsistent. How can businesses get employees to accept and champion an intentional culture of security? And why should they? We'll show you how.
Categories:
101
Business
FYI
Tags: culturecybersecuritypeople are the only linksecuritysecurity 101SMBSME
(Read more...)
|
|
|
|
|
2017-10-19 17:16:16 |
BYOD, why don't you? (direct link) |
(Read more...)
|
|
|
|
|
2017-10-19 00:29:23 |
Magniber ransomware: exclusively for South Koreans (direct link) |
A few days ago, Magnitude EK resurfaced, this time with a new payload that targets only the country of South Korea. It's called Magniber ransomware.
Categories:
Malware
Threat analysis
Tags: asiamagnibermagnitude EKransomware
(Read more...)
|
|
|
|
|
2017-10-18 18:46:18 |
419 scammer offers USD $60 million - and a free child (direct link) |
419 scammers offering up untold riches are nothing new. But untold riches and an adopted child for good measure? How could we not explore this one further?
Categories:
Cybercrime
Social engineering
Tags: 419fakephishphishingscam
(Read more...)
|
|
|
|
|
2017-10-18 17:28:43 |
When an “Outstanding” rating from CNET isn't enough (direct link) |
|
|
|
|
|
2017-10-18 15:00:25 |
Why is Malwarebytes blocking CoinHive? (direct link) |
Since September 19, the number two most frequently blocked website for our customers has been coinhive.com. This post will describe what CoinHive is, what it is doing, and why we are blocking it.
Categories:
Security world
Technology
Tags: adam kujawabitcoinblockingcoin hivecoinhivecoinhive.comcrypto minerscryptocurrencyexclusionjavascript minerMalwarebytesminersmoneroscript minerThe Pirate Bayweb protection
(Read more...)
|
|
|
|
|
2017-10-18 09:00:47 |
Exhibition: it-sa Nuremberg (direct link) |
Malwarebytes attends it-sa in Germany, Europe's largest expo for IT security. Post written in English and German.
Categories:
Conferences
Security world
Tags: exhibitionit-saMalwarebytesNurembergransomware
(Read more...)
|
|
|
|
|
2017-10-17 16:44:37 |
Release the KRACKen: flaw in Wi-Fi security leaves users vulnerable (direct link) |
A serious flaw in the wireless protocol that secures all modern protected Wi-Fi networks has been discovered. If your device supports Wi-Fi, it is most likely affected. This feasible attack, dubbed KRACK, could abuse design or implementation flaws in the Wi-Fi standard, not some specific hardware.
Categories:
Exploits
FYI
Mobile
Tags: cybersecurityfirmwareHTTPSKRACKWi-Fi
(Read more...)
|
|
|
|
|
2017-10-17 15:00:16 |
Old MS Office feature weaponized in malspam attacks (direct link) |
An old Microsoft Office feature has been brought back to the forefront as a way to distribute malware without relying on macros or exploits.
Categories:
Malware
Threat analysis
Tags: DDEDDEAUTOmacromalspammalwaremicrosoftOfficeword
(Read more...)
|
|
|
|
|
2017-10-17 07:25:29 |
Yet more mobile adware found in Google Play (direct link) |
Two new mobile adware variants were found in the Google Play store, all in one week.
Categories:
Cybercrime
Mobile
Tags: adwareAndroidandroid adwareMobilemobile adwarepotentially unwanted programs
(Read more...)
|
|
|
|
|
2017-10-16 19:00:56 |
A week in security (October 9 – October 15) (direct link) |
A compilation of notable security news and blog posts from Monday, October 9 to Sunday, October 15. We presented our quarterly report, won security awards, and lots more.
Categories:
Security world
Week in security
Tags: a week in securityandroid ransomwarebotnetcryptominersddosEquifaxhack backsphishingTransunion
(Read more...)
|
|
Equifax
|
|
|
2017-10-16 18:00:49 |
Phishes, pseudophishes, and bad email (direct link) |
Everyone knows about phishing. But what about pseudophishing? When companies use poor design, no attribution, and broad requests for personal info, their legit emails look like a phish.
Categories:
Business
Security world
Tags: emailenterprisephishphishingpseudophishscam
(Read more...)
|
|
|
|
|
2017-10-16 17:00:16 |
Mobile Menace Monday: despicable adware (direct link) |
Are you wondering how that mysterious icon ended up on your Android phone's start screen? Annoyed at the ads clogging your notification bar? It's adware, and you aren't alone.
Categories:
Cybercrime
Mobile
Tags: adwareAndroidandroid adwareMobilepotentially unwanted programs
(Read more...)
|
|
|
|
|
2017-10-13 15:00:41 |
Decoy Microsoft Word document delivers malware through a RAT (direct link) |
A Remote Administration Tool (RAT) is delivered via an unusual route: a benign-looking Microsoft Word document with an ulterior motive.
Categories:
Exploits
Threat analysis
Tags: CVE-2017-0199CVE-2017-8759exploitsratWord exploits
(Read more...)
|
|
|
|
|
2017-10-12 21:42:28 |
Malvertising on Equifax, TransUnion tied to third party script (direct link) |
Equifax's website is once again infected, this time with malvertising that redirects to a fake Flash player. Further investigation reveals TransUnion was also targeted.
Categories:
Malware
Threat analysis
Tags: EquifaxFlash PlayermalvertisingTransunion
(Read more...)
|
|
Equifax
|
|
|
2017-10-12 16:00:27 |
Labs report: summer ushers in unprecedented season of breaches (direct link) |
In this edition of the Malwarebytes Cybercrime Tactics and Techniques report, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. We also observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams.
Categories:
Malwarebytes news
Tags: 3rd quarterandroid malwareastrumbreachcerbercybercrimecybercrime tactics and techniquesemotetEquifaxexploit kitfrancophonefruitflyglobeimposterLockymac malwaremalicious spammalspamMalwarebytesmalwarebytes labsnational health serviceNHSoceanlotusq3 2017reportRIGsmartscreensonictech support scamstrickbottrojan.clicker.hyjwhole foods
(Read more...)
|
|
Equifax
APT 32
|
|
|
2017-10-11 17:15:19 |
A new kind of Apple phishing scam (direct link) |
A new method for phishing Apple ID passwords on iOS would be indistinguishable from a real iOS password request. What are the ramifications?
Categories:
Cybercrime
Mac Cybercrime
Tags: Appleapple phishingiOS phishingmac malwaremac phishingphishing
(Read more...)
|
|
|
|
|
2017-10-10 17:13:16 |
Make way for the GDPR: Is your business ready? (direct link) |
On May 25th, 2018, the EU General Data Protection Regulation (GDPR) will come into full force. Although this law applies to data controllers and data processors within the European Union, SMEs in the US and other countries that handle online data of Europe and UK citizens are affected by this as well. Thus, there is a need for companies to comply. Where should B2Cs and B2Bs start? Read through our comprehensive guide here.
Categories:
101
FYI
Tags: gdprguidenational cybersecurity awareness monthNCSAM
(Read more...)
|
|
|
|
|
2017-10-09 20:26:06 |
(Déjà vu) A week in security (October 02 – October 08) (direct link) |
A compilation of security news and blog posts from the 2nd of October to the 8th of October. We touched on the VB2017, National Cybersecurity Awareness Month, and more.
Categories:
Security world
Week in security
Tags: adwareIoTmalwarephishingVB2017
(Read more...)
|
|
|
|
|
2017-10-06 15:00:10 |
Out of character: Homograph attacks explained (direct link) |
Online and in traditional media, we hear and read about so many kinds of cybersecurity attacks that we sometimes get overwhelmed by the terminology. Most of us grasp what phishing attacks and denial of service (DoS) attacks are, but how familiar are we with homograph attacks?
Categories:
101
FYI
Tags: Explainedhomograph attacksphishingscript spoofingSocial Engineeringtyposquattingvisual spoofing
(Read more...)
|
|
|
|
|
2017-10-05 16:19:25 |
Using ILSpy to analyze a small adware file (direct link) |
ILSpy is an open-source .NET assembly browser and decompiler. We demonstrate its use looking at a simple adware file.
Categories:
Malware
Threat analysis
Tags: .NETadwareassemblydecompiledotdograndfather.exeilspyPieter Arntz
(Read more...)
|
|
|
|
|
2017-10-02 19:00:03 |
National cybersecurity awareness month: simple steps for online safety (direct link) |
National cybersecurity awareness month was created to ensure that every American has the resources they need to stay safer and more secure online. And now Malwarebytes is doing its part.
Categories:
101
FYI
Tags: cybersecurity awarenessnational cybersecurity awareness monthpassword managerphishingtech support scams
(Read more...)
|
|
|
|
|
2017-10-02 16:59:47 |
A week in security (September 25 – October 01) (direct link) |
A compilation of security news and blog posts from the 25th of September to the 1st of October. We touched on that new macOS High Sierra keychain vulnerability, the Deloitte breach, BlueBorne, crypto mining, and others.
Categories:
Security world
Week in security
Tags: bluebornecrypto miningdavid sanchezdeloitte hackHigh SierraJerome Segurakeychain vulnerabilityNathan CollierrecapThomas Reedweekly blog roundupWilliam Tsing
(Read more...)
|
|
Deloitte
|
|
|
2017-09-29 15:00:11 |
BlueBorne – Bluetooth's airborne influenza (direct link) |
(Read more...)
|
|
Uber
|
|
|
2017-09-28 16:00:58 |
Deloitte breached by hackers for months (direct link) |
On September 25, 2017, Deloitte announced that they detected a breach of the firm's global email server via a poorly secured admin email in March of this year. We go over the breach and provide suggestions for Deloitte's cybersecurity clients.
Categories:
Business
Security world
Tags: breachcybersecuritydata breachdeloittehackedhackers
(Read more...)
|
|
Deloitte
|
|
|
2017-09-28 14:58:32 |
Tech support scammers abuse native ad and content provider Taboola to serve malvertising (direct link) |
See how scammers redirected visitors from MSN to their tech support scam page in this latest malvertising campaign.
Categories:
Social engineering
Threat analysis
Tags: click baitfraudmalvertisingmsnTaboolatech support scams
(Read more...)
|
|
|
|
|
2017-09-27 01:06:51 |
Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity (direct link) |
In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia.
Categories:
Malware
Threat analysis
Tags: espionagegovermentmacromicrosoft wordpowershellsaudi arabiascriptingtrojan
(Read more...)
|
|
|
|
|
2017-09-26 18:11:06 |
Keychain vulnerability in macOS (direct link) |
On Monday, Patrick Wardle, a respected security researcher at Synack and owner of Objective-See, sent a tweet about a keychain vulnerability he had found in macOS High Sierra. As his tweet showed, it is possible for a malicious app to extract, and then exfiltrate, keychain data from High Sierra, with passwords clearly exposed in plain text.
Categories:
Cybercrime
Mac Cybercrime
Malware
Tags: AppleHigh SierramacmacOSmalwarePatreon
(Read more...)
|
|
|
|
|
2017-09-25 17:16:27 |
Drive-by mining and ads: The Wild Wild West (direct link) |
Cryptomining in the browser is all the rage lately. But what are the impacts for users when it is being abused by dubious publishers?
Categories:
Social engineering
Threat analysis
Tags: adsbrowsercoinhivecryptominercryptominingcryptonightexploit kitJSmalvertisingmalware
(Read more...)
|
|
|
|
|
2017-09-25 16:24:17 |
A week in security (September 18 – September 24) (direct link) |
A compilation of notable security news and blog posts from the 18th of September to the 24th of September. Read all about the CCleaner supply chain attack and a lot of other security news.
Categories:
Security world
Week in security
Tags: atsccleanerEquifaxiceIRSmacnetflixweekly blog roundup
(Read more...)
|
|
CCleaner
Equifax
|
|
|
2017-09-22 17:32:46 |
Netflix scam warning (direct link) |
Due to recent Netflix-related phishing emails in the UK, we feel it's important to keep an eye out for this scam and others like it.
Categories:
Cybercrime
Social engineering
Tags: netflixphishPieter Arntzscam
(Read more...)
|
|
|
|
|
2017-09-21 20:24:29 |
Don't let these gaming threats give you a Game Over (direct link) |
|
|
|
|
|
2017-09-21 15:00:24 |
Fake IRS notice delivers customized spying tool (direct link) |
Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).
Categories:
Malware
Threat analysis
Tags: CP2000CVE-2017-0199docexploitIRSmalspammalwareOfficephishingratremote administration toolRMSspyword
(Read more...)
|
|
|
|
|
2017-09-20 15:00:35 |
FTC providing partial refunds for Advanced Tech Support victims (direct link) |
Last month, the FTC announced the recovery of 10 million dollars from Advanced Tech Support. If you were a victim of ATS, also known as Inbound Call Experts (ICE), you might be able to get a partial refund of what they scammed from you.
Categories:
Government
Security world
Tags: Advanced Tech SupportfraudFTCscamtech support scamTSS
(Read more...)
|
|
|
|
|
2017-09-19 15:00:31 |
How to tell if your Mac is infected (direct link) |
It's time to start taking a closer look at your Mac. Is it acting like its normal, reliable self? Or is it exhibiting strange behavior? Here's how to tell if your Mac is infected.
Categories:
101
Mac
Tags: adwareanti-malware for MacApplemacMac infectedmac malwarePUPs
(Read more...)
|
|
|
|
|
2017-09-18 22:10:42 |
A week in security (September 11 – September 17) (direct link) |
A compilation of security news and blog posts from the 11th - 17th September. We look at 0days, more Equifax developments, our usual smattering of blog posts, and more!
Categories:
Security world
Week in security
Tags: 0dayAndroidEquifaxLinkedInmalwarephishingroundupweek in security
(Read more...)
|
|
Equifax
|
|
|
2017-09-18 15:31:16 |
(Déjà vu) Infected CCleaner downloads from official servers (direct link) |
In a supply chain attack that may be unprecedented in number of downloads, download servers hosting CCleaner, distributed by Avast, have been delivering a version of CCleaner with malware on top.
Categories:
Business
Security world
Tags: avastccleanermalwarePiriformserversTalos
(Read more...)
|
|
CCleaner
|
|
|
2017-09-15 15:00:08 |
Explained: YARA rules (direct link) |
YARA is a tool that can be used to identify files that meet certain conditions. It is mainly in use by security researchers to classify malware.
Categories:
Security world
Technology
Threat analysis
Tags: ExplainedmalwarePieter Arntzrulesthe more you knowyara
(Read more...)
|
|
|
|
|
2017-09-14 16:00:50 |
Crowdsourced fraud and kickstarted scams (direct link) |
Crowdsourced funding opportunities via Kickstarter, Patreon, and GoFundMe have removed many structural roadblocks for people to access capital quickly and conveniently. But they've also lowered the barrier to entry for many very old scams. So how do you tell the difference between a great cause or project to contribute to and a digital confidence scam? Let us take a look at pitfalls on two crowdfunding platforms.
Categories:
Cybercrime
Social engineering
Tags: 419crowdsourcingdonation scamfraudGoFundMeKickstarterPatreonscamToS
(Read more...)
|
|
|
|
|
2017-09-14 15:00:39 |
Equifax aftermath: How to protect against identity theft (direct link) |
If you are one of the victims of the Equifax breach, you have a heightened risk of becoming a victim of identity theft. And even if you're not, you should take these precautions.
Categories:
101
How-tos
Tags: breachEquifaxEquifax breachidentity theftsocial security numbers
(Read more...)
|
|
Equifax
|
|