Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-10-26 22:30:00 |
Point-of-sale malware used to steal 167,000 credit cards (direct link) |
Categories: News
Tags: POS
Tags: malware
Tags: credit card
Tags: credit identity theft
Tags: C2
Tags: MajikPOS
Tags: Treasure Hunter
Researchers have discovered the theft of 167,000 sets of credit card details by MajikPOS and Treasure Hunter POS malware.
|
Malware
|
|
★★
|
|
2022-10-26 14:00:00 |
Malformed signature trick can bypass Mark of the Web (direct link) |
Categories: News
Tags: MOTW
Tags: mark of the web
Tags: signature
Tags: malformed
Tags: malware
Tags: ransomware
Tags: bypass
Tags: SmartScreen
We take a look at reports that malware authors are using what appears to be a years-old bug to bypass Mark of the Web alerts.
|
Malware
|
|
|
|
2022-09-28 21:15:00 |
APT28 attack uses old PowerPoint trick to download malware (direct link) |
Categories: News
Tags: APT28
Tags: Fancy Bear
Tags: PowerPoint
Tags: PowerShell
Tags: One Drive
Tags: SyncAppvPublishingServer
The Russian APT known as Fancy Bear was caught using an old mouseover technique that doesn't need macros.
|
Malware
|
APT 28
|
|
|
2022-09-28 10:30:00 |
Erbium stealer on the hunt for data (direct link) |
Categories: News
Tags: erbium
Tags: malware
Tags: data theft
Tags: stealer
Tags: wallets
Tags: cryptocurrency
Tags: browsers
Tags: browser
Tags: infection
Tags: malware as a service
We take a look at reports of new data theft malware relying on sold old tricks
|
Malware
|
|
|
|
2022-09-22 11:00:00 |
2K games helpdesk abused to spread RedLine malware (direct link) |
Categories: News
Tags: 2k games
Tags: redline
Tags: support
The 2K games support helpdesk was abused to mail a link to download the RedLine infostealing malware to customers whose email address was in the system.
|
Malware
|
|
|
|
2022-09-15 10:00:00 |
Cyber threat hunting for SMBs: How MDR can help (direct link) |
Categories: Business
Threat hunting can weed out malware before anything bad like a data breach can happen, but cyber threat hunting is more difficult for SMBs to do than it is for large organizations due to resource constraints. That's where Managed Detection and Response (MDR) can help.
|
Threat
Data Breach
Malware
|
|
|
|
2022-09-07 22:45:00 |
Evasive Shikitega Linux malware drops Monero cryptominer (direct link) |
Categories: News, Threats
Researchers from AT&T Alien Labs Research have discovered a stealthy new Linux malware.
|
Malware
|
|
|
|
2022-09-07 11:00:00 |
Sextortionists used mobile malware to steal nude videos, contact lists from victims (direct link) |
Categories: News
Tags: interpol
Tags: sextortion
Tags: mobile malware
Tags: extortion
In an international police action supported by Interpol, law enforcement agencies have uncovered and dismantled an international sextortion ring.
|
Malware
|
|
|
|
2022-08-31 15:00:00 |
James Webb telescope images used to hide malware (direct link) |
Categories: News, Threats
Tags: Msdllupdate.exe
Tags: macros
Tags: James Webb
Tags: certutil
Tags: Golang
Tags: base64
Tags: steganography
Tags: OxB36F8GEEC634.jpg
In a recent malware campaign, images from the James Webb telescope were used to hide malware.
|
Malware
|
|
|
|
2022-08-15 16:00:00 |
JSSLoader: the shellcode edition (direct link) |
In this deep dive analysis, we look at the latest version of the JSSLoader malware tied to the FIN7 group.
|
Malware
|
|
|
|
2022-08-15 14:00:00 |
Introducing Malwarebytes Cloud Storage Scanning: How to scan for malware in cloud file storage repositories (direct link) |
Categories: Business
We're excited to announce Malwarebytes Cloud Storage Scanning, a new service which extends Nebula malware scanning options to include files stored on cloud storage repositories that are part of your organization's digital ecosystem.
|
Malware
|
|
|
|
2022-08-03 21:25:52 |
Woody RAT: A new feature-rich malware spotted in the wild (direct link) |
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody RAT used to target Russian entities.
|
Threat
Malware
|
|
|
|
2022-07-25 12:26:37 |
Lightning Framework, modular Linux malware (direct link) |
Researchers at Intezer have published an analysis of a modular and versatile malware targeting Linux systems called Lightning Framework.
|
Malware
|
|
|
|
2022-07-14 15:03:32 |
New variant of Android SpyJoker malware removed from Play Store after 3 million+ installs (direct link) |
A researcher found eight malware-laden apps in the Play Store which have been downloaded over 3 million times.
|
Malware
|
|
|
|
2022-07-05 14:34:06 |
Cloud-based malware is on the rise. How can you secure your business? (direct link) |
Cloud-based malware is on the rise. In this post, we'll cover four ways you can help secure your business against cloud-based malware.
|
Malware
|
|
|
|
2022-07-01 17:35:43 |
YTStealer targets YouTube content creators (direct link) |
We take a look at reports of scammers targeting YouTubers' channels with malware called YTStealer, which eats authentication cookies.
|
Malware
|
Uber
|
|
|
2022-06-30 15:35:14 |
ZuoRAT is a sophisticated malware that mainly targets SOHO routers (direct link) |
Researchers have analyzed a long-running campaign that compromises SOHO routers to further penetrate and eavesdrop on networks.
|
Malware
|
|
|
|
2022-06-30 13:33:23 |
Raccoon Stealer returns with a new bag of tricks (direct link) |
Infamous malware Raccoon Stealer is reportedly back in business after a break.
|
Malware
|
|
|
|
2022-06-21 15:25:09 |
Russia's APT28 uses fear of nuclear war to spread Follina docs in Ukraine (direct link) |
Threat actors associated with Russian intelligence are using the fear of nuclear war to spread data-stealing malware in Ukraine.
|
Malware
|
APT 28
|
|
|
2022-06-15 15:48:24 |
Stealthy Symbiote Linux malware is after financial institutions (direct link) |
Symbiote, the latest malware to hit Linux users, is a parasite more than anything. Protect against this banking credential stealer now!
|
Malware
|
|
|
|
2022-06-09 14:18:13 |
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat (direct link) |
A review of what's changed in malware in 2022, and what hasn't, based on Adam Kujawa's talk at RSAC 2022.
|
Threat
Malware
|
|
|
|
2022-06-09 13:50:41 |
BlackBasta is the latest ransomware to target ESXi virtual machines on Linux (direct link) |
BlackBasta, a newish ransomware group that is somehow linked to Conti, has a new Linux variant of its malware that targets VMware ESXi virtual machines.
|
Ransomware
Malware
|
|
|
|
2022-06-08 13:43:32 |
5 Linux malware families SMBs should protect themselves against (direct link) |
In this post, we'll give you an overview of five Linux malware families your SMB should be protecting itself against - and how they work.
|
Malware
|
|
★★★
|
|
2022-05-25 15:48:19 |
Massive increase in XorDDoS Linux malware in last six months (direct link) |
Malware attacks against Linux systems are on the rise. And when it comes to bot malware, XorDDoS is the frontrunner.
|
Malware
|
|
|
|
2022-05-19 15:16:00 |
How iPhones can run malware even when they're off (direct link) |
Researchers have found there's a theoretical possibility that malware could run, even when an iPhone is off.
|
Malware
|
|
|
|
2022-05-16 12:28:53 |
How COVID-19 fuelled a surge in malware (direct link) |
Research from Malwarebytes reveals an enormous, coronavirus-fuelled surge in malware detections in 2021.
|
Malware
|
|
|
|
2022-05-10 12:04:27 |
“Chemical attack” email warnings deliver Jester Stealer malware (direct link) |
An email warning of supposed chemical attacks that delivers Jester Stealer malware is being sent to people in Ukraine.
|
Malware
|
|
|
|
2020-12-24 16:30:14 |
VideoBytes: Offensive security tools and the bad guys that use them (direct link) |
In this Videobyte, we're talking about what penetration testing tools malware gangs love to use and why they are better than what you can get on the black market.
Categories: VideoBytes
Tags: cobalt strike, interzer labs, mimikatz, paul litvak
|
Malware
|
|
|
|
2020-11-23 15:00:00 |
Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd (direct link) |
This week on Lock and Code, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about charity organizations and online ad tracking.
Categories: Podcast
Tags: capcom, charities, charity, charity organizations, Chris Krebs, darkside, Facebook Messenger, forecast, funnydream, IoT, Malsmoke, online ad tracking, online advertisement tracking, online advertising, pluton, real time bidding, RTB, webnavigator, week in security
|
Malware
Guideline
|
|
|
|
2020-11-16 18:00:06 |
Malsmoke operators abandon exploit kits in favor of social engineering scheme (direct link) |
Threat actors behind malsmoke, one of the largest malvertising campaigns we've seen in recent months, have switched malware delivery tactics.
Categories: Exploits, Social engineering, Threat analysis
Tags: exploit kits, Fallout, Malsmoke, malvertising, smoke loader, Social Engineering
|
Malware
|
|
|
|
2020-10-28 15:00:00 |
Fake COVID-19 survey hides ransomware in Canadian university attack (direct link) |
Universities are a hot target for malware right now. In this latest attack, a threat actor was targeting the University of British Columbia with the goal of distributing ransomware.
Categories:
Cybercrime
Social engineering
Tags: phish, phishing, ransomware, UBC, university, vaggen
|
Threat
Ransomware
Malware
|
|
|
|
2020-10-02 17:00:00 |
VideoBytes: Ransomware gets wasted! (direct link) |
On today's VideoBytes, we look at how ransomware is on the rise, attacking corporations with malware that not only encrypts files, but also steals them.
Categories:
Ransomware
Tags: Anti-Ransomware, evil corp, FOIA, garmin, gdpr, malware monthly, MongoDB, ransomware, ransomware-as-a-service, wastedlocker, Windows Cache Manager
|
Ransomware
Malware
|
|
|
|
2020-09-24 17:00:00 |
Sandbox in security: what is it, and how it relates to malware (direct link) |
Sandboxes and virtual machines are tools that security researchers use to determine whether samples are malicious and what their payload is.
Categories:
Awareness
Tags: AI, containerization, Maze, ML, sanboxes, sandboxing, security perimeter, Virtual Machines
|
Malware
|
|
|
|
2020-09-14 14:49:08 |
Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz (direct link) |
This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.
Categories:
Podcast
Tags: advanced persistent threats, APT, Center for Public Health Research, Charming Kitten, covid-19, data breach, ddos, DDos attack, distributed denial of service attack, election interference, elections, Lugar Centre, malvertising, Netflix scam, pandemic
|
Malware
Conference
|
APT 35
|
|
|
2020-08-21 15:00:00 |
'Just tell me how to fix my computer:' a crash course on malware detection (direct link) |
For the Luddites and the technologically challenged, this is your crash course on malware detection. Learn what it is, how it works, and why it's important.
Categories:
Awareness
Tags: 101, anti-exploit, Anti-Malware, antivirus, cybersecurity awareness, malware, malware detection, malware removal, remediation, remediation and prevention, security 101, security awareness, windows defender
|
Malware
|
|
|
|
2020-08-10 16:30:05 |
SBA phishing scams: from malware to advanced social engineering (direct link) |
SBA loan scams continue to make the rounds targeting small business owners, CEOs, and CFOs. Learn what to look out for.
Categories:
Scams
Tags: loan, phishing, SBA, scam
|
Malware
|
|
|
|
2020-07-21 15:00:00 |
Chinese APT group targets India and Hong Kong using new variant of MgBot malware (direct link) |
We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.
Categories:
Threat analysis
Tags: APT, china, chinese apt, government of india, hong kong, india, loader, MgBot, mgbot malware, state sponsored cyberattack
|
Malware
|
|
|
|
2020-07-20 15:30:00 |
Lock and Code S1Ep11: Locating concerns of Bluetooth and beacon technology with Chris Boyd (direct link) |
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about Bluetooth and beacon technology. Last month, cybersecurity experts warned the public about the data collection embedded in the Donald Trump 2020...
Categories:
Podcast
Tags: atlas of surveillance, blackrock, cisa, confidential vms, dns, goldenhelper, stalkerware, twitter, website misconfigurations
|
Malware
Guideline
|
|
|
|
2020-07-13 15:30:09 |
A week in security (July 6 – 12) (direct link) |
A roundup of cybersecurity news from July 6 – 12, including a look at pre-installed malware on some Android phones, and a Mac malware mystery.
Categories:
A week in security
Tags: Android, awis, malware, phishing, ransomware, scams, security, social media, week in security
|
Malware
|
|
|
|
2020-07-08 15:30:00 |
We found yet another phone with pre-installed malware via the Lifeline Assistance program (direct link) |
We discovered yet another phone model with pre-installed malware provided from the Lifeline Assistance program via Assurance Wireless by Virgin Mobile.
Categories:
Android
Tags: android malware, Android/PUP.Riskware.Autoins.Fota, Android/Trojan.Downloader.Wotby, Android/Trojan.HiddenAds, Mobile, mobile malware, pre-installed mobile malware
|
Malware
|
|
|
|
2020-07-07 17:20:00 |
Mac ThiefQuest malware may not be ransomware after all (direct link) |
We discovered a new Mac malware, ThiefQuest, that appeared to be ransomware at first glance. However, once we dug in deeper, we found out its true identity and intention.
Categories:
Mac
Tags: Apple, decryption, mac, mac antivirus, mac malware, mac ransomware, macOS, malware, ransomware, stolen data, ThiefQuest, virus, wiper
|
Ransomware
Malware
|
|
|
|
2020-06-01 15:00:00 |
Coronavirus campaigns lead to surge in malware threats, Labs report finds (direct link) |
Our latest, special edition for our quarterly CTNT report focuses on recent, increased malware threats which all have one, big thing in common: using coronavirus as a lure.
Categories:
Cybercrime
Malware
Reports
Scams
Social engineering
Threat analysis
Tags: Attack on home base, avemaria, AZORult, coronavirus, covid-19, CTNT, CTNT report, cybercrime tactics & techniques, cybercrime tactics and techniques, danabot, LokiBot, Malwarebytes, malwarebytes labs, netwiredRC, phishing, phishing scam, UNICEF
|
Malware
Guideline
|
|
|
|
2020-04-07 18:27:46 |
Copycat criminals abuse Malwarebytes brand in malvertising campaign (direct link) |
This fake, copycat Malwarebytes site was set up by cybercriminals to distribute malware in a malvertising campaign. We examine the campaign and the criminals' motives.
Categories:
Exploits and vulnerabilities
Tags: copycat criminals, copycat sites, exploit kit, exploit kits, fake malwarebytes site, Fallout, Fallout EK, malvertising, malvertising campaign, malvertising campaigns, Malwarebytes, Raccoon, raccoon stealer, threat actors
|
Malware
|
|
|
|
2020-03-20 15:00:00 |
Coronavirus scams, found and explained (direct link) |
Here are some of the many coronavirus email scams that Malwarebytes spotted in the wild, with full details on what they say, what they're lying about, and which malware they're trying to install on your machine.
Categories:
Scams
Tags: 1 470 5982893 784 50 17, Agent Tesla, Boresha Credit Service Limited, brennan@caesars.com, CDC, center for disease control and prevention, coronavirus, coronavirus malware, Covid 19 Tracker App, covid-19, COVID-19 WHO RECOMMENDED V.gz, FormBook, GuLoader, HawkEye, HawkEye keylogger, info@bcsl.co.ke, keylogger, keyloggers, LastLine, NetWire, NetWire RAT, NetWire Remote Access Trojan, NO 29 JERUSALEM STREET, Novel Coronavirus, ransomware, reddit, RESEARCH HOSPITAL ISREAL, RiskIQ, sarah@who.com, ThugCrowd, TRN No. 100269864300003, trojan, Trojans, twitter, US CDC, WHO, World Health Organizat
|
Malware
|
|
|
|
2020-02-27 18:34:48 |
Mac adware is more sophisticated and dangerous than traditional Mac malware (direct link) |
Adware and PUPs can actually be far more invasive and dangerous on the Mac than "real" malware. We demonstrate with analysis of Crossrider, a sophisticated Mac adware that uses evasion and persistence techniques more complex than nation-state malware.
Categories:
Mac
Tags: adware, bundlore, crossrider, mac, Mac adware, mac threats, macOS, macs, potentially unwanted programs, PUPs, surfbuyer
|
Malware
|
|
|
|
2020-02-18 16:40:45 |
A week in security (February 10 – 16) (direct link) |
A roundup of the previous week's security news, including Malwarebytes' release of the 2020 State of Malware Report, online dating woes, Emotet infection vectors, ransomware attacks, and more.
Categories:
A week in security
Tags: accusoft, CISO, coronavirus, Dell, emotet, Equifax, gigabyte, gridworks, helix, Hollywood, nude photos, online dating, robbinhood, state of malware report, xHelper
|
Ransomware
Malware
|
Equifax
|
|
|
2020-02-11 08:01:00 |
Malwarebytes Labs releases 2020 State of Malware Report (direct link) |
The 2020 State of Malware Report reveals how cybercriminals upped the ante on businesses, Mac threats outpaced PCs, and ransomware continued its targeted, deadly assault with new families in 2019. Learn all this and more in the full report, linked in our blog.
Categories:
Reports
Tags: 2020 state of malware report, adware, Android, android malware, Data privacy, emotet, hacktools, iOS, mac, macOS, ransomware, ryuk, Sodinokibi, State of Malware, state of malware report, trickbot, Trojans, web threats, windows
|
Ransomware
Malware
|
|
|
|
2020-01-13 16:29:59 |
A week in security (January 6 – 12) (direct link) |
A cybersecurity news roundup from January 6–12, with a look at Phobos ransomware and a discovery of pre-installed malware on government-funded phones.
Categories:
A week in security
Tags: CES, CES 2020, Consumer Electronics Show, education cybersecurity, Google, Phobos, Phobos ransomware, pre-installed mobile malware, ransomware, retail industry, Ring, search industry, tiktok
|
Ransomware
Malware
|
|
|
|
2020-01-09 16:00:00 |
United States government-funded phones come pre-installed with unremovable malware (direct link) |
A US-funded government assistance program is selling budget-friendly mobile phones that come pre-installed with unremovable malicious apps. Malwarebytes Labs investigates the malware's origins.
Categories:
Android
Tags: android malware, Android/Trojan.Dropper.Agent.UMX, Android/Trojan.HiddenAds, china, Mobile, mobile malware, pre-installed mobile malware, pre-installed software, trojan
|
Malware
|
|
|
|
2019-12-16 18:40:06 |
Mac threat detections on the rise in 2019 (direct link) |
For the first time ever, Mac threats broke into Malwarebytes' top five overall detections of 2019. Take a look at this and other telemetry that shows Mac malware is certainly on the rise.
Categories:
Mac
Tags: browser extensions, Mac adware, mac malware, mac telemetry, mac threat detections, mac threats, newtab, potentially unwanted programs, PUPs, safari
|
Threat
Malware
|
|
|