Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-02-21 17:22:42 |
Rogue Chrome extension pushes tech support scam (direct link) |
Google Chrome may be one of the more secure browsers but an increasing number of malicious extensions are being forced onto users. The one we analyze can hide itself and receive commands from a remote server in order to hijack the browser with incessant offers, fraud and even tech support scams.
Categories: Social engineering, Threat analysis
Tags: chrome, Chrome Extension, extension, fake chrome extension, Google, Google Chrome, malvertising, tech support scam |
|
|
|
|
2017-02-17 16:30:10 |
Explained: Bayesian spam filtering (direct link) |
Bayesian spam filtering is based on Bayes rule, a statistical theorem that gives you the probability of an event. In Bayesian filtering it is used to give you the probability that a certain email is spam. The name Named after the statistician Rev. Thomas Bayes who provided an equation that basically allows new information to...
Categories: Security world, Technology
Tags: bayesian, filter, Pieter Arntz, spam, the more you know |
|
|
|
|
2017-02-15 19:58:07 |
A week in security (Feb 6th – Feb 12th) (direct link) |
A round up of the last week's notable security stories.
Categories: Security world, Week in security
Tags: downloader, mac, safer internet day, Spigot, weekly round up |
|
|
|
|
2017-02-14 10:00:48 |
Staying safe online on Valentine's Day (direct link) |
|
|
|
|
|
2017-02-13 16:00:13 |
Always read the EULAAARGH: Part 1 (direct link) |
Part one of two blogs covering a talk given at IRISSCON in November 2016. How much do you really know about EULAs and Privacy Policies?
Categories: Conferences, Security world
Tags: EULA, Google Play, IRISSCON, privacy, security, terms of service, ToS |
|
|
|
|
2017-02-10 16:00:24 |
Microsoft Office macro malware targets Macs (direct link) |
Macro malware has been around for quite some time, but has mostly just been a nuisance to Mac users. Unfortunately, that has now changed.
Categories: Cybercrime, Malware
Tags: Apple, mac, Macro malware, malware, Microsoft Office |
|
|
|
|
2017-02-09 16:00:37 |
MacDownloader malware targeting defense industry (direct link) |
Researchers Claudio Guarnieri and Collin Anderson recently discovered new Mac malware, which they have dubbed MacDownloader.
Categories: Mac, Malware, Threat analysis
Tags: Adobe Flash Player, Apple, mac, MacDownloader, macOS, malware, phishing, spearphishing |
|
|
|
|
2017-02-08 18:00:03 |
Spigot browser hijackers (direct link) |
Spigot browser hijackers of this family are easy to recognize and in our opinion hardly worth installing because they add no more functionality than a few bookmarks. We hope this post helps you to avoid them in the future.
Categories: PUP/PUM
Tags: browser hijacker, Pieter Arntz, potentially unwanted programs, PUP, Spigot |
|
|
|
|
2017-02-07 20:13:09 |
A week in security (Jan 30th – Feb 5th) (direct link) |
A compilation of notable security news and blog posts from the 30th of January to the 5th of February. This week, we look back at phishing, ransomware, nation state attacks and banking malware.
Categories: Security world, Week in security
Tags: democracy, DRM, Locky Bart ransomware, phishing, pokemon, ransomware, weekly roundup |
|
|
|
|
2017-02-07 18:00:00 |
Wi-Fi Security 101 (direct link) |
For anyone that travels, uses their phone in public, or stays constantly connected to the internet anywhere they go, which probably means you, Wi-Fi security should be a top priority.
Categories: 101, FYI
Tags: hackers, hotspot, HTTPS, security breach, SSID, Wi-Fi |
|
|
|
|
2017-02-07 14:00:28 |
Celebrate Safer Internet Day (direct link) |
Safer Internet Day is an awareness-raising campaign that started in Europe more than a decade ago and is now celebrated in more than 100 countries. See what you can do to participate.
Categories: 101, FYI
Tags: safer internet day, SID, SID2017 |
|
|
|
|
2017-02-03 16:00:28 |
2016 State of Malware Report (direct link) |
2016 was the year that reminded us how important prevention is, no matter what type of user you may be. Indeed ransomware dominated the threat landscape and was heavily distributed via phishing emails, compromised websites, or malicious ads. With such a threat that encrypts your valuable data, there is often times very little you can do...
Categories: Malwarebytes news
Tags: botnets, ddos, malware, phish, ransomware, State of Malware |
|
|
|
|
2017-02-01 16:00:23 |
Why do I care about someone else's data breach? (direct link) |
|
|
|
|
|
2017-01-31 18:01:20 |
A look back at the Zyns iframer campaign (direct link) |
Behind compromised sites or malvertising, you will often find trails that can take you back years and see how infection chains evolved, or didn't, over time.
Categories: Exploits, Threat analysis
Tags: campaign, eitest, exploit kits, iframe, malvertising, malware, ransomware, Zyns iframer |
|
|
|
|
2017-01-31 16:00:51 |
Locky Bart ransomware and backend server analysis (direct link) |
The developers of Locky Bart already had very successful ransomware campaigns running called “Locky” and “Locky v2”. After some users reported being infected with Locky Bart, we investigated it to find the differences so as to gain greater knowledge and understanding of this new version.
Categories: Malware, Threat analysis
Tags: analysis, Anti-Ransomware, backend server, bart, binary, Locky, Locky Bart ransomware, ransomware |
|
|
|
|
2017-01-30 22:19:06 |
How do I get my employees to stop clicking on everything? (direct link) |
If you've been given responsibility for network security in a non-technical area of the business, there's one eternal question that has been bedeviling. How do you get your employees to stop clicking on everything?
Categories: 101, Business
Tags: Business Email Compromise, business security, CISO, phishing, scam, Threat Intel, workforce |
|
|
|
|
2017-01-26 19:24:50 |
Zbot with legitimate applications on board (direct link) |
Recently, among the payloads delivered by exploit kits, we often find Terdot.A/Zloader - a downloader installing on the victim machine a ZeuS-based malware.
Categories: Cybercrime, Malware, Threat analysis
Tags: banker, banking malware, malware, terdot, zbot, Zeus malware, Zloader |
|
|
|
|
2017-01-25 21:00:13 |
VirLocker's comeback; including recovery instructions (direct link) |
|
|
|
|
|
2017-01-25 16:00:34 |
Avoid these “Free Minecraft / Garry's Mod” adverts (direct link) |
|
|
|
|
|
2017-01-23 13:47:38 |
Mobile Menace Monday: AndroRAT Evolved (direct link) |
An increasing amount of mobile malware known as Android/Trojan.AndroRAT has been seen in the wild lately. AndroRAT is a contraction of Android and RAT (Remote Access Tool). This piece of malware is far from new, but has gradually become more evolved over the years. AndroRAT History As the story goes (according to its GitHub page),...
Categories: Cybercrime, Mobile
Tags: Android, AndroRAT, malware, Mobile, mobile menace monday, mobile security, triple m |
|
|
|
|
2017-01-20 16:00:41 |
(Déjà vu) Understanding the basics of Two-Factor Authentication (direct link) |
With data breaches resulting in leaked passwords occurring almost daily, two-factor authentication has become an essential tool in the security toolkit.
Categories: 101, FYI
Tags: 2fa, authentication, mfa, Multi-Factor Authorization, passwords, Pieter Arntz, sso, token, totp, two-factor authentication |
|
|
|
|
2017-01-19 18:00:45 |
Verified Twitter accounts compromised, get busy spamming (direct link) |
Verified Twitter accounts tend to be a little more secure than those belonging to non-verified users due to the amount of extra hoop jumping required to get one of those ticks in the first place. A number of security requirements, including providing a phone number and setting up 2FA, are all things a would-be verified Twitter user needs to do. Unfortunately, things can still go wrong...
Categories: Cybercrime, Social engineering
Tags: social media, spam, sponsored tweets, twitter, verified, Verified Twitter |
|
|
|
|
2017-01-19 16:00:11 |
Malwarebytes Labs Blog Comment Safari (direct link) |
Today we're looking at some comments on our blogs we got from spammers who apparently don't look too closely at which site they're at before they hit "Send".
Categories: Cybercrime, Social engineering
Tags: 419, Illuminati, nigerian, scam, spam, spammers |
|
|
|
|
2017-01-18 18:00:50 |
From a fake wallet to a Java RAT (direct link) |
We take a look at Adwind, one of the most popular Java Remote Administration Tools. This RAT was distributed via a phishing email and, amongst other things, can steal credentials or capture screenshots on the infected machine.
Categories: Cybercrime, Malware
Tags: Adwind, bitcoin, decryptor, hasherezade, JRAT bot, malware, phishing |
|
|
|
|
2017-01-18 15:00:05 |
New Mac backdoor using antiquated code (direct link) |
The first Mac malware of 2017 was discovered by an IT admin, who spotted some strange outgoing network traffic from a particular Mac. This led to the discovery of a new piece of malware unlike anything I've seen before and the first new piece of malware for the Mac in 2017.
Categories: Mac, Threat analysis
Tags: Apple, Internet of Things, IoT, linux, mac, malware |
|
|
|
|
2017-01-16 16:30:49 |
A week in security (Jan 08 – Jan 14) (direct link) |
A compilation of notable security news and blog posts from the 8th of January to the 14th. This week, we look back at sponsored tweets that phish, fake Word documents that download and execute a bot, ad fraud, and, yes, selfies.
Categories: Security world, Week in security
Tags: ad fraud, Bot, neutrino bot, phishing scam, recap, selfie, sponsored tweet, weekly blog roundup |
|
|
|
|
2017-01-13 17:18:37 |
Selfie safety: keeping your security picture perfect (direct link) |
Selfies! Everybody likes the odd selfie, but are you keeping good security practices in mind when setting up the shot? There are dangers both online and off. We take a look at the latest possible security issue stemming from a quick snap, along with some of the things you should (and shouldn't) be doing when lining up your latest photo.
Categories: Cybercrime, Privacy
Tags: Instagram, selfie, selfies, snapchat, social media, social network, twitter |
|
|
|
|
2017-01-12 16:00:10 |
More phishy sponsored tweets (direct link) |
Watch out: sponsored Tweets leading to phishing pages are doing the rounds once more. We take a look at the latest phishing scam being pushed to unsuspecting Twitter users, and show how the scammers are after a double-whammy of login credentials and credit card information.
Categories: Cybercrime, Social engineering
Tags: phish, phishing, scam, scammers, sponsored, tweet, twitter |
Guideline
|
|
|
|
2017-01-11 16:00:37 |
Post-holiday spam campaign delivers Neutrino Bot (direct link) |
Spammers took a break over the holidays but are back in form with a campaign pushing the Neutrino Bot.
Categories: Cybercrime
Tags: ddos, macro, microsoft, Microsoft Security Office, neutrino bot, spam |
|
|
|
|
2017-01-10 19:07:40 |
Explained: Environmental variables (direct link) |
This post is intended to make readers aware of the existence and use of environmental variables, a Windows feature that is often only known to programmers and other advanced users.
Categories: 101, FYI
Tags: environmental variables, Explained, Pieter Arntz, the more you know, windows |
|
|
|
|
2017-01-10 15:51:11 |
Clickjacking campaign abuses Google Adsense, avoids ad fraud bots (direct link) |
Ad fraud is a billion dollar problem for advertisers. When real users are tricked into clicking on ads they can't even see, (almost) everyone loses.
Categories: Cybercrime
Tags: ad fraud, doubleclick, EK, exploit kits, Google, Google Ads, Google Adsense, malvertising, malware |
|
|
|
|
2017-01-09 21:49:53 |
A week in security (Jan 01 – Jan 07) (direct link) |
A compilation of notable security news and blog posts from the 1st of January to the 7th. This week, we touched on the Sundown exploit kit with a surprising payload and a fake technical support page that wreaked havoc on Mac systems.
Categories: Security world, Week in security
Tags: denial of service, dos, EK, exploit kit, recap, sundown, tech support, weekly blog roundup |
|
|
|
|
2017-01-07 01:29:06 |
The curious case of a Sundown EK variant dropping a Cryptocurrency Miner (direct link) |
A strange variant or copycat of Sundown EK drops an unexpected payload that we decided to look deeper into.
Categories: Cybercrime
Tags: bitcoin, crypto, monero, Sundown EK, sundownek |
|
|
|
|
2017-01-05 15:00:26 |
Tech support scam page triggers denial-of-service attack on Macs (direct link) |
Tech support scammers are up to dirty tricks again, trying to cause your computer to freeze by simply visiting a webpage.
Categories: Mac
Tags: browser alert, mac, Mac OS, malware, safari, tech support, tech support scam, TSS |
|
|
|
|
2016-12-28 17:00:38 |
Closing the gender gap in tech with RGSoC (direct link) |
The last couple of years saw a growth in diversity- and women-focused tech events and programs; suddenly, everyone seems to be worried about diversity in our industry. But why is diversity in technology something we should care about?
Categories: Malwarebytes news
Tags: female executives, gender equality, gender gap, philanthropy, Rail Girls Summer of Code, RGSoC, tech, technology, women that code |
|
|
|
|
2016-12-26 17:06:27 |
Mobile Menace Monday: Safe Practices with Your Mobile Device (direct link) |
'Tis the season for gift giving, and who wouldn't be excited about receiving a brand new mobile device! Before you start loading your new device with various apps, we shared in this post several safe practices to make sure your holidays stay malware-free.
Categories: Cybercrime, Mobile
Tags: Android, Mobile, mobile menace monday, mobile security, triple m |
|
|
|
|
2016-12-22 16:37:09 |
Why Malwarebytes detects PC Pitstop as Potentially Unwanted (direct link) |
PC Pitstop makes several products including PC Matic, PC Magnum, Optimize, Driver Alert, and Disk MD. As of a few weeks ago, we detect these products as PUP.Optional; here is why.
Categories: PUP/PUM
Tags: Disk MD, Driver Alert, Malwarebytes, Optimize, PC Magnum, PC Matic, PC Pitstop, Potentially Unwanted, PUP, PUP.Optional |
|
|
|
|
2016-12-21 17:00:52 |
Malwarebytes teams up with America SCORES (direct link) |
Malwarebytes was proud to participate in America SCORES Bay Area's Corporate Cup this winter. The local non-profit helps provide after school soccer and poetry programs at public schools in low-income communities.
Categories: Malwarebytes news
Tags: America SCORES, low-income, non-profit, philanthropy, poetry, soccer |
|
|
|
|
2016-12-20 17:00:12 |
Vetting your vendors: money isn't everything (direct link) |
|
|
|
|
|
2016-12-19 20:49:58 |
A week in security (Dec 11 – Dec 17) (direct link) |
A compilation of notable security news and blog posts from the 11th of December to the 17th. This week, we talked about ransomware, screen lockers, Goldeneye--not the James Bond movie--and Malwarebytes' 2017 predictions.
Categories: Security world, Week in security
Tags: goldeneye, predictions, ransomware, recap, tech support, tech support scams, TSS, VinCE, weekly blog roundup |
|
|
|
|
2016-12-19 19:00:34 |
Scam as a service 2: the B team (direct link) |
Interest in Tor based threats is increasing to the extent that some vendors will scoop up all activity they find on Tor and provide you a nice front end to search through it at your leisure. This might lead the casual observer to assume that the darkness is a one stop shop for cyber threats, but criminals existed on the internet prior to Tor, and still do quite well for themselves without it. In fact, bad guys with good OPSEC tend to be the exception, rather than the rule. So let's take a quick look at some unpleasant stuff and the nadir of bad OPSEC, Facebook.
Categories: Cybercrime, Privacy, Social engineering
Tags: darknet, facebook, scam, social media, tech support, tech support scam |
Guideline
|
|
|
|
2016-12-15 19:00:45 |
Tech support scams, stolen data, and botnets (direct link) |
We've found a scam in a box company that also offers intelligence leads. That is, they'll sell you the scam and point you at the most vulnerable targets first.
Categories: Criminals, Threat analysis
Tags: botnet, BPO Experts Global, BPOreserouces, Dell, scams as a service, tech support, tech support scam, TSS, winlogon |
Guideline
|
|
|
|
2016-12-15 16:00:14 |
Goldeneye Ransomware – the Petya/Mischa combo rebranded (direct link) |
From March 2016 we've observed the evolution of an interesting low-level ransomware, Petya. Now, we are facing an outbreak of the fourth version - this time under a new name - Goldeneye, and, appropriately, a new, golden theme.
Categories: Malware, Threat analysis
Tags: Cerber ransomware, Goldeneye ransomware, hasherezade, malware, Mischa ransomware, Petya ransomware, phishing, ransomware, Satana ransomware |
|
|
|
|
2016-12-14 19:00:42 |
A closer look at a tech support screen locker (direct link) |
As a demonstration of how Tech Support Scammers operate and try to lure victims into calling their number, we show you some snippets of the code, explaining what they're up to.
Categories: Cybercrime, Malware
Tags: bsod, escape, lockscreen, malware, Malwarebytes 3.0, Pieter Arntz, PUP, scammer, tech support, tech support scammers, VinCE, windows |
|
|
|
|
2016-12-14 17:00:04 |
Security in 2017: Ransomware will remain king (direct link) |
2016 was the year of ransomware, with hackers focusing their attention on exploiting Internet users and businesses around the world for profit.
Categories: Malware, Threat analysis
Tags: cybersecurity, predictions, ransomware, security |
|
|
|
|
2016-12-13 17:06:16 |
Ransomware tries its hand at being a deadly viral meme (direct link) |
Memes are weird things, and weren't always about lolcats or frogs or whatever the latest terrible image macro doing the rounds happens to be. I quite like this line from Wikipedia on said subject: Proponents theorise that memes are a viral phenomenon that may evolve by natural selection...Memes that propagate less prolifically may become extinct, while others may survive, spread, and (for better or for worse) mutate. The plot of The Ring is pretty much the concept of a meme made deadly - pass on this cursed videotape within 7 days, or you die horribly. How far will you go to save yourself? Well, our old friend 2016 is here to ask that question one more time, because Ransomware authors have decided to tweak their victim's get out of jail method.
Categories: Cybercrime, Malware
Tags: infect, malware, Malwarebytes 3.0, meme, ransomware, spread |
|
|
|
|
2016-12-12 23:29:58 |
A week in security (Dec 04 – Dec 10) (direct link) |
A compilation of notable security news and blog posts from the 4th of December to the 10th. This week, we talked about DGA, a rootkit, another malvertising campaign, and fake news about "smart drugs".
Categories: Security world, Week in security
Tags: dga, fake news, malvertising, Malwarebytes 3.0, recap, rootkit, weekly blog roundup |
|
|
|
|
2016-12-08 12:59:33 |
Announcing Malwarebytes 3.0, a next-generation antivirus replacement (direct link) |
Announcing the launch of our next-generation online security product, Malwarebytes 3.0! This product is built to provide comprehensive protection against today's sophisticated threats so that you can finally replace your traditional antivirus software.
Categories: Malwarebytes news, Product updates
Tags: anti exploit, Anti-Malware, Anti-Ransomware, antivirus, exploit, malware, Malwarebytes, Malwarebytes 3.0, marcin kleczynski, product announcement, ransomware |
|
|
|
|
2016-12-07 17:02:24 |
Simple userland rootkit – a case study (direct link) |
In this article, we will have a case study of a simple userland rootkit that uses a technique of API redirection in order to hide its own presence from the popular monitoring tools.
Categories: Malware, Threat analysis
Tags: malware, rootkit |
|
|
|
|
2016-12-06 20:57:09 |
AdGholas malvertising: business as usual (direct link) |
The AdGholas malvertising group was once again exposed after a short summer interruption. We review the highlights of this high impact campaign that flew under the radar for over three months.
Categories: Exploits
Tags: adgholas, astrum, EK, exploit, exploit kit, malvertising |
|
|
|