Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2017-12-11 16:00:08 |
How cryptocurrency mining works: Bitcoin vs. Monero (lien direct) |
Why do threat actors prefer mining for Monero rather than the very hot Bitcoin cryptocurrency? Let us point out the reasons.
Categories:
Security world
Technology
Tags: bitcoinBlockExplorerBlockHashblocknumbercryptocurrencyminingmonero
(Read more...)
|
|
|
|
|
2017-12-08 17:00:15 |
Napoleon: a new version of Blind ransomware (lien direct) |
The ransomware previously known as Blind has been spotted recently with a .napoleon extension and a bug fix that means files can no longer be decrypted by victims. In this post, we'll analyze the sample for its structure, behavior, and distribution method.
Categories:
Malware
Threat analysis
Tags: Blind ransomwaredecryptionLeChiffre ransomwareNapoleon ransomwareransomware
(Read more...)
|
|
|
|
|
2017-12-08 16:00:22 |
Interesting disguise employed by new Mac malware HiddenLotus (lien direct) |
A new piece of Mac malware called HiddenLotus is using a clever new trick to fool users into opening it.
Categories:
Mac
Threat analysis
Tags: Applefile quarantinehiddenlotusmacMac applicationsmac malwaremacOS
(Read more...)
|
|
|
|
|
2017-12-07 15:00:28 |
How we can stop the New Mafia\'s digital footprint from spreading in 2018 (lien direct) |
|
|
|
|
|
2017-12-06 19:42:54 |
Use TeamViewer? Fix this dangerous permissions bug with an update (lien direct) |
A potentially dangerous permissions bug in TeamViewer grants unauthorised access to either the client or the server-and patches may take up to a week to fully roll out.
Categories:
Cybercrime
Exploits
Tags: bugclientexploitserverteamviewer
(Read more...)
|
|
|
|
|
2017-12-06 17:00:00 |
Internet of Things (IoT) security: what is and what should never be (lien direct) |
Internet of Things technology may soon multiply in the billions. But security for these devices is practically non-existent. What needs to be done to secure IoT users now and in the future?
Categories:
101
Hacking
How-tos
Tags: Internet of ThingsIoTIoT securitypassword manager
(Read more...)
|
|
|
|
|
2017-12-06 16:00:28 |
How to harden AdwCleaner\'s web backend using PHP (lien direct) |
Read more...)
|
|
|
|
|
2017-12-05 18:20:53 |
Blockchain technology: not just for cryptocurrency (lien direct) |
We've talked about how cryptocurrency uses blockchain technology. Now we take a closer look at its other applications, and why blockchain is on the brink of changing the world.
Categories:
Security world
Technology
Tags: blockchaindecentralizeddistributedintermediaryledgersmart contracts
(Read more...)
|
|
|
|
|
2017-12-05 16:00:32 |
Children and young adults: the next-generation money mules (lien direct) |
Money laundering predates the Internet. But today's interconnectedness has made it a lot easier for criminals to lure unsuspecting users into becoming money mules. Their latest victims: children and young adults.
Categories:
Cybercrime
Social engineering
Tags: cifasdon't be fooled campaignfraud preventionmillenialsmoney launderingmoney mulesmurfer
(Read more...)
|
|
|
|
|
2017-12-04 22:48:49 |
Seamless campaign serves RIG EK via Punycode (lien direct) |
The most prolific gate to the RIG exploit kit is coming in a different flavor. The Seamless campaign is now using a domain name with foreign characters translated by Punycode.
Categories:
Exploits
Threat analysis
Tags: phishingPunycoderamnitRamnit TrojanRIGRIGEKSeamlesstrojan
(Read more...)
|
|
|
|
|
2017-12-04 18:30:33 |
A week in security (November 27 – December 03) (lien direct) |
A compilation of notable security news and blog posts from Monday, November 27 to Sunday, December 3, including smart toys, another security breach, ransomware, and things to ponder when shopping for gifts this Christmas season.
Categories:
Security world
Week in security
Tags: a week in securityconferencecryptocurrencyinsider threatsPayPalphishingprivacyransomwarerecaprevenge pornsmart toysTerror EKweekly blog roundupwhatsapp
(Read more...)
|
|
|
|
|
2017-12-04 17:05:12 |
Yet another flaw in Apple\'s “iamroot†bug fix (lien direct) |
|
|
|
|
|
2017-12-01 19:35:26 |
PayPal phish asks to verify transactions-don\'t do it (lien direct) |
Read more...)
|
|
|
|
|
2017-11-30 13:00:25 |
An IRISSCON 2018 roundup (lien direct) |
Last week, researcher Chris Boyd gave a talk at Ireland's longest running security event: IRISSCON. This post contains links to many of the top-rated talks from the event, along with links to additional content.
Categories:
Conferences
Security world
Tags: Chris BoydconferenceconferencesIRISSCONQuentyn Taylor
(Read more...)
|
|
|
|
|
2017-11-29 18:00:10 |
Persistent drive-by cryptomining coming to a browser near you (lien direct) |
If you think closing your browser window to leave a site that runs a cryptominer will stop the mining process, think again. Persistent drive-by cryptomining has arrived.
Categories:
Cybercrime
Malware
Tags: coinhiveCryptojackingcryptominingDrive-by miningmoneropopunder
(Read more...)
|
|
|
|
|
2017-11-29 16:00:02 |
Serious macOS vulnerability exposes the root user (lien direct) |
A major macOS vulnerability in High Sierra was reported. Anyone can log in as "root" with an empty password. Learn more.
Categories:
Cybercrime
Mac Cybercrime
Tags: AppleHigh SierramacOSmacOS vunerabilityroot user
(Read more...)
|
|
|
|
|
2017-11-28 17:31:58 |
Please don\'t buy this: identity theft protection services (lien direct) |
Read more...)
|
|
Equifax
|
|
|
2017-11-27 20:00:34 |
Terror exploit kit goes HTTPS all the way (lien direct) |
A look at some techniques used by the Terror exploit kit to evade traffic-based detection.
Categories:
Exploits
Threat analysis
Tags: exploit kitsmalvertisingPropeller Ads Mediasmoke loaderTerror EKTerror exploit kit
(Read more...)
|
|
|
|
|
2017-11-27 19:25:39 |
Week in security (November 20 – November 26) (lien direct) |
Learn what happened in the world of security during the week of November 20 to November 26.
Categories:
Security world
Week in security
Tags: bitcoinsfacebookimgurImgur breachKRACKmac malwareOSX.ProtonsecurityTerdot TrojantrojanUber breachweek in security
(Read more...)
|
|
Uber
|
|
|
2017-11-27 16:30:33 |
Mobile Menace Monday: Chrome declares war on unwanted redirects (lien direct) |
Google initiates their plans to implement new changes in Chrome to defend against annoying web redirects.
Categories:
Cybercrime
Mobile
Tags: adschromeGooglepop-up blockerredirectssafe browsing
(Read more...)
|
|
|
|
|
2017-11-22 18:47:17 |
Terdot Trojan likes social media (lien direct) |
The Terdot Trojan is a banker, but it loves to steal your social networks credentials as well.
Categories:
Malware
Malwarebytes news
Threat analysis
Tags: bankerfacebooksocial mediaterdottrojantwitter
(Read more...)
|
|
|
|
|
2017-11-21 20:20:36 |
How the EU intends to battle fake news (lien direct) |
The EU has announced to launch of a public consultation and the setup of a high-level expert group in the battle against fake news and online disinformation.
Categories:
Government
Social engineering
Tags: EUfake newshigh level experts grouponline disinformationpublic consultation
(Read more...)
|
|
|
|
|
2017-11-21 16:00:00 |
Text messages and the Bitcoin Code: follow the money trail (lien direct) |
Text messages are being sent around claiming recipients are in possession of a Bitcoin. That would be quite a lot of free money...if it were true. Instead you get the Bitcoin Code, a dodgy trading site we recommend staying far away from.
Categories:
Cybercrime
Social engineering
Tags: bitcoinBitcoin CodebtcCoinDesksmsspam
(Read more...)
|
|
|
|
|
2017-11-20 18:29:16 |
OSX.Proton spreading through fake Symantec blog (lien direct) |
A new variant of the OSX.Proton malware is being promoted via a fake Symantec blog site.
Categories:
Mac
Threat analysis
Tags: CoinThiefmalwareOSX.ProtonprotonProton malwaresymantecSymantec blogSymantec Malware Detector
(Read more...)
|
|
|
|
|
2017-11-20 17:45:51 |
A week in security (November 13 – November 19) (lien direct) |
Learn what happened in the world of security during the week of November 13 – November 19.
Categories:
Security world
Week in security
Tags: camcatphishingcyber mondayemailfraudGoogle Playmalwarephishweek in securityweekly roundup
(Read more...)
|
|
|
|
|
2017-11-17 17:33:49 |
10 tips for safe online shopping on Cyber Monday (lien direct) |
The Internet has always been a lawless place, but it becomes particularly rough during the holiday shopping season. Here's your guide to safe online shopping on Cyber Monday and beyond.
Categories:
101
How-tos
Tags: black fridaycyber mondayscams
(Read more...)
|
|
|
|
|
2017-11-16 17:30:00 |
When you shouldn\'t trust a trusted root certificate (lien direct) |
|
|
|
|
|
2017-11-15 17:46:00 |
Bad romance: catphishing explained (lien direct) |
You may have heard of catfishing, where people lure romancers online by faking their identity. But what about catphishing? This dangerous practice uses similar romantic triggers, only its goal is to dupe users and businesses out of personal info.
Categories:
Cybercrime
Social engineering
Tags: catfishingcatphishingespionageidentity fraudphishingsweetheart scam
(Read more...)
|
|
|
|
|
2017-11-15 00:07:53 |
New Android Trojan malware discovered in Google Play (lien direct) |
New Android Trojan malware has been found in Google Play masquerading as multiple apps. We call this malware Android/Trojan.AsiaHitGroup.
Categories:
Cybercrime
Mobile
Tags: AndroidAsiaHitGroupGoogle PlayMobile
(Read more...)
|
|
|
|
|
2017-11-14 18:24:53 |
Explained: the cloud (lien direct) |
The cloud. What is it? What are the pros and cons, and how can we make it as safe as possible? This post covers the basics.
Categories:
101
FYI
Tags: cloudcomplianceExplainediaasmultiplepaasprivate hybridpublicsecurity
(Read more...)
|
|
|
|
|
2017-11-13 20:47:53 |
A week in security (November 6 – November 12) (lien direct) |
Learn what happened in the world of security during the week of November 6 through 12. Bitcoin multiplier scams, exploit kits, cryptocurrency mining, and a bogus WhatsApp app.
Categories:
Security world
Week in security
Tags: a week in securitybitcoin multipliercryptocurrencycryptocurrency miningDisdain EKneutrino botpuppy scamPUPsrecapSingles' Daywhatsapp. magnitude ek
(Read more...)
|
|
|
|
|
2017-11-13 19:46:42 |
Augmented Reality games and real-world trolling (lien direct) |
The popular Augmented Reality game Ingress has had some issues with third-party tools causing headaches for players. Could your love for a mobile game result in real-world problems? Read on and find out.
Categories:
Social engineering
Threat analysis
Tags: ARaugmented realitygamesgamingingressvideo games
(Read more...)
|
|
|
|
|
2017-11-10 13:00:08 |
How to solve the Malwarebytes CrackMe: a step-by-step tutorial (lien direct) |
One of our analysts created a Malwarebytes CrackMe-an exercise in malware analysis-that was released to the community on Twitter and triggered a positive response.
Categories:
Malwarebytes news
Tags: crackmemalware analyst exerciseMalwarebytes CrackMe
(Read more...)
|
|
|
|
|
2017-11-10 03:00:00 |
Singles\' Day deal seekers beware (lien direct) |
Read more...)
|
|
|
|
|
2017-11-10 00:23:26 |
Disdain exploit kit and a side of social engineering deliver Neutrino Bot (lien direct) |
Exploits may not be enough as threat actors combine them with social engineering in a new Disdain exploit kit attack method.
Categories:
Exploits
Threat analysis
Tags: DisdainEKexploit kitneutrino
(Read more...)
|
|
|
|
|
2017-11-09 13:00:16 |
Winning the battle against PUPs – on your computer and in U.S. District Court (lien direct) |
This week, a United States District Court judge ruled in Malwarebytes favor, dismissing a lawsuit brought against us by Enigma Software Group USA LLC (“Enigmaâ€). Essentially, they sued us because we classified two of their software programs as Potentially Unwanted Programs (PUPs).
Categories:
CEO announcements
Malwarebytes news
PUP
Tags: EnigmaEnigma Softwarepotentially unwanted programsPUMPUPPUPsRegHunterSpyHunter
(Read more...)
|
|
|
|
|
2017-11-08 18:37:11 |
Of scammers and cute puppies (lien direct) |
We take a look at a cute puppy scam, in which criminals seek money for adorable dogs that don't exist.
Categories:
Cybercrime
Social engineering
Tags: 419advance fee fraudmoney mulescam
(Read more...)
|
|
|
|
|
2017-11-08 17:13:12 |
Phony WhatsApp used Unicode to slip under Google\'s radar (lien direct) |
Read more...)
|
|
|
|
|
2017-11-07 19:53:05 |
Part 2: All rise! Mind these digital crimes and arm your business against them (lien direct) |
In the first installment of this two-part series, we saw several crimes consumers should make sure they are on top of to significantly lessen the chances of encountering them in the future. For this post, we're going to look into each digital crimes that keep small businesses and large enterprises up on their toes. No, we don't have Advanced Persistent Threats (APTs) in the list. Yet.
Categories:
101
Business
Tags: attacks on enterprisesbusiness attacksdigital crimesonline crime
(Read more...)
|
|
|
|
|
2017-11-07 13:00:12 |
A look into the global drive-by cryptocurrency mining phenomenon (lien direct) |
As drive-by downloads slow down, drive-by cryptocurrency mining emerges as the latest annoyance that hijacks our PCs' CPU.
Categories:
Cybercrime
Exploits
Privacy
Tags: coinhivecryptocurrenciesCryptojackingDrive-by miningJsMinermonero
(Read more...)
|
|
|
|
|
2017-11-06 18:30:00 |
Stay away from the Bitcoin multiplier scam (lien direct) |
Bitcoin multiplier scams: same old scam, different commodity. Scammers want your Bitcoins, and to get them, they promise to make you rich in less than an hour. Too good to be true? Absolutely.
Categories:
Cybercrime
Social engineering
Tags: bitcoincryptocurrencymultiplierscam
(Read more...)
|
|
|
|
|
2017-11-06 18:00:03 |
A week in security (October 30 – November 5) (lien direct) |
Learn what happened in the world of security during the week of October 30 through November 5. Data breaches, reports, vulnerabilities, and a look at the scariest malware monsters.
Categories:
Security world
Week in security
Tags: apaccybercrimecybercriminalsEstoniaIRISSCONTorMoilWannaCry
(Read more...)
|
|
Wannacry
|
|
|
2017-11-06 17:45:49 |
Explained: blockchain technology (lien direct) |
Continuing education about cryptocurrency, we provide some insight into the technology behind blockchain and explain what makes it secure.
Categories:
101
FYI
Tags: bitcoinblockchainminernodeproof of stakeproof of worksmart contracts
(Read more...)
|
|
|
|
|
2017-11-03 14:00:49 |
What is cryptocurrency and why do cybercriminals love it? (lien direct) |
Ever stumble into a conversation about Bitcoin and wonder, "What is cryptocurrency, anyway?" Read on to learn how it works and why cybercriminals love it.
Categories:
101
FYI
Tags: bitcoinblockchaincoinhivecrypto minerscryptocurrency
(Read more...)
|
|
|
|
|
2017-11-03 02:00:04 |
Why emerging APAC markets are prime targets for the malware of the future (lien direct) |
Cybercriminal activity continues to be heavily targeted toward the US and Europe. But emerging APAC markets are even more susceptible to malware attack. Here's why.
Categories:
Cybercrime
Malware
Tags: AndroidAsia-Pacificcybersecuritycybersecurity awarenessIoT
(Read more...)
|
|
|
|
|
2017-11-02 19:53:33 |
IRISSCON security conference comes to Dublin in November (lien direct) |
IRISSCON is coming to Dublin, Ireland in November. Will you be attending one of the best security conferences around?
Categories:
Conferences
Security world
Tags: conferencedublineventirelandIRISSCON
(Read more...)
|
|
|
|
|
2017-11-01 13:15:18 |
All rise! Mind these digital crimes and arm yourself against them (lien direct) |
News of attacks come and go so fast, sometimes it's hard to keep track. We've done the work for you, sifting through scores of reports to bring you a compilation of digital crimes that are on the rise and what you can do to protect yourself.
Categories:
101
How-tos
Tags: Androidcard skimmingcontactless card fraudcyberbullyinglinuxMac OSmalware
(Read more...)
|
|
|
|
|
2017-10-31 18:59:11 |
Analyzing malware by API calls (lien direct) |
As an alternative to reverse engineering malware that is protectively packed, we look at the option of analyzing malware by API calls to determine what a file might be up to.
Categories:
Technology
Threat analysis
Tags: apiflooderobfuscated malwarepackersPieter Arntztrojanvflooder
(Read more...)
|
|
|
|
|
2017-10-30 20:31:14 |
Know your threats: the nine scariest malware monsters (lien direct) |
It’s been a particularly ghoulish year in cybersecurity, from Russian hacks to ransomware outbreaks. The bad boogey man in the black hoodie has been pulling one over the collective public. It’s dark and creepy, but users refuse to stop peeking behind the door. It’s enough to make even the most grizzled IT admin run for...
Categories:
101
Infographics
Tags: botnetsmalspammalwareransomwarescariest malwarethreatsTrojans
(Read more...)
|
|
|
|
|
2017-10-30 20:01:41 |
A week in security (October 23 – October 29) (lien direct) |
A week in security features a roundup of news stories from the week of October 23 – October 29.
Categories:
Security world
Week in security
Tags: malwarenewsroundupscamSocial Engineeringweek in security
(Read more...)
|
|
|
|