Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2019-10-09 15:00:00 |
How to protect against stalkerware, a murky but dangerous mobile threat (direct link) |
Stalkerware has capabilities as dangerous as nation-state malware, but is often marketed as legitimate. So how do you protect against stalkerware when it's not always clear it's a threat?
Categories:
Stalkerware
Tags: domestic abuse, domestic violence, monitoring, monitoring applications, monitoring apps, national cyber security awareness month, national cybersecurity awareness month, NCSAM, parental monitoring applications, parental monitoring apps, stalkerware, trackers, tracking applications, tracking apps
|
Threat
|
|
|
|
2019-10-03 15:00:00 |
Magecart Group 4: A link with Cobalt Group? (direct link) |
Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.
Categories:
Threat analysis
Tags: carbanak, colbalt group, credit cards, data theft, ecommerce, FIN7, group 4, HYAS, JavaScript, Magecart, skimmers, threat actor, threat actor group, threat actors
|
Threat
|
|
|
|
2019-10-02 19:20:10 |
Explained: security orchestration (direct link) |
Security orchestration is a regulator that makes sure security solutions, often from different vendors, work well together to automate response and keep organizations safe.
Categories:
Explained
Tags: automated threat response, Incident Response, incident response protocols, orchestration, security, security orchestration, siem, soar
|
Threat
|
|
|
|
2019-09-24 17:19:23 |
15,000 webcams vulnerable to attack: how to protect against webcam hacking (direct link) |
We take a look at the ever-present threat of webcam hacking, and what you can do to avoid being caught out.
Categories:
Hacking
Tags: cam, camera, devices, hackers, hacking, hub, Internet of Things, IoT, IoT devices, monitor, security by design, vulnerabilities, webcam, webcam hacks
|
Threat
|
|
|
|
2019-08-27 17:36:05 |
Study explores clickjacking problem across top Alexa-ranked websites (direct link) |
We look at recent research exploring the threat of clickjacking, along with other solutions considered by site owners and analysts for protecting users against these online attacks.
Categories:
Web threats
Tags: advertising, alexa, alexa-ranked websites, chromium, clickjacking, clickjacking attacks, clickjacking research, observer, ranking, research, study, web threats, websites
|
Threat
|
|
|
|
2019-08-14 13:00:00 |
Trojans, ransomware dominate 2018–2019 education threat landscape (direct link) |
Trojans such as Emotet and TrickBot were the top threat for the education sector in the 2018–2019 school year. What threats will the new school year bring?
Categories:
Trojans
Tags: cyberthreats, education cybersecurity, emotet, ransomware, ryuk, Ryuk ransomware, trickbot, Trojans
|
Threat
Ransomware
|
|
|
|
2019-08-08 14:00:00 |
Labs quarterly report finds ransomware's gone rampant against businesses (direct link) |
|
Threat
Ransomware
|
|
|
|
2019-07-24 18:09:03 |
A deep dive into Phobos ransomware (direct link) |
We take an in-depth look into Phobos ransomware, which threat actors distribute via RDP, and look at similarities with Dharma (AKA CrySis) ransomware.
Categories:
Threat analysis
Tags: crysis, dharma, Phobos, ransomware
|
Threat
Ransomware
|
|
|
|
2019-07-18 17:58:02 |
Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void (direct link) |
There's a new ransomware-as-a-service (RaaS) in town, and it can twist tongues for giggles as much as twist organizations' arms for cash. Get to know the Sodinokibi ransomware, including how to protect against this fledgling threat.
Categories:
Threat spotlight
Tags: 177a571d7c6a6e4592c60a78b574fe0ebf9359046c4f5c24de0a9de28bbabd14, caas, Cisco Talos, crime-as-a-service, CVE-2018-8453, CVE-2019-2725, e713658b666ff04c9863ebecb458f174, FruitArmor APT, gandcrab, Heaven's Gate, malvertising, managed service providers, msp hack, Oracle WebLogic vulnerability, raas, Ransom.Sodinokibi, ransomware, Ransomware as a Service, revil, salsa20, shadow copy, sodin, Sodinokibi, volume snapshot service, vss, Win32k vulnerability, zero-day vulnerability
|
Threat
Ransomware
|
|
|
|
2019-06-12 16:03:02 |
MegaCortex continues trend of targeted ransomware attacks (direct link) |
In this threat spotlight, we feature MegaCortex, another custom ransomware designed for targeted attacks on enterprises. Will this Matrix-inspired malware strike again?
Categories:
Threat spotlight
Tags: aes128ctr, business security, megacortex, ransom, ransom.megacortex, ransomware, ransomware attack, targeted ransomware
|
Threat
Ransomware
Malware
|
|
|
|
2019-05-15 16:02:01 |
Threat spotlight: CrySIS, aka Dharma ransomware, causing a crisis for businesses (direct link) |
CrySIS, aka Dharma, is a ransomware family making waves over the last two months, often being used in targeted attacks through RDP access. What other tricks are up its sleeve?
Categories:
Malware
Threat analysis
Tags: Anti-Ransomware, crysis, dharma, malware, ransom, ransomware, rdp, rdp access
|
Threat
Ransomware
|
|
★★★
|
|
2019-05-02 15:00:00 |
Cryptojacking in the post-Coinhive era (direct link) |
Cryptojacking captured everyone's attention in 2017 and 2018. With Coinhive no longer in business, has this threat been completely snuffed out?
Categories:
Cybercrime
Tags: coinhive, coinimp, Cryptojacking, cryptoloot, drive-by cryptomining, webminepool
|
Threat
|
|
|
|
2019-04-26 16:06:01 |
GitHub hosted Magecart skimmer used against hundreds of e-commerce sites (direct link) |
Magecart threat actors upload their skimming code onto GitHub in the latest attack against Magento websites.
Categories:
Cybercrime
Tags: GitHub, Magecart, magento, skimmer
|
Threat
|
|
★★★★★
|
|
2019-04-19 18:37:05 |
Funky malware format found in Ocean Lotus sample (direct link) |
Recently, one of our researchers presented at the SAS conference on "Funky malware formats": atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.
Categories:
Malware
Threat analysis
Tags: APT 32, atypical malware formats, BLOB, CAB, custom format, malware format, ocean lotus, Vietnam
|
Threat
Malware
|
APT 32
|
|
|
2019-04-17 16:04:02 |
Malware targeting industrial plants: a threat to physical security (direct link) |
When malware shuts down the computer systems of an industrial plant, it could threaten the physical security of those working in or living near it. Here's how to protect your workforce and your business from targeted threats.
Categories:
101
Business
Tags: controllers, lockergoga, manufacturing, physical security, production, ransomware
|
Threat
Malware
|
|
|
|
2019-03-14 15:00:00 |
Emotet revisited: pervasive threat still a danger to businesses (direct link) |
Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.
Categories:
Cybercrime
Malware
Tags: banking Trojan, botnet, emotet, EternalBlue, information stealer, Ryuk ransomware, SMB vulnerabilities, trickbot, trojan
|
Threat
Malware
|
|
|
|
2019-03-12 16:27:00 |
The Advanced Persistent Threat files: Lazarus Group (direct link) |
Lazarus Group, the threat actors likely behind the Sony breach and WannaCry outbreak, are in the news again. Here's what you need to know about this North Korean organization, and what you should do to protect against such nation-state attacks.
Categories:
Criminals
Threat analysis
Tags: APT, Lazarus, North Korea
|
Threat
Medical
|
Wannacry
APT 38
|
|
|
2019-03-01 16:43:03 |
Spectre, Google, and the Universal Read Gadget (direct link) |
A recently released paper by Google has resurrected the spirit of Spectre, a seemingly never-ending threat to most makes of processor. We take a look at what this means, and what the Universal Read Gadget means for most technology users.
Categories:
Cybercrime
Hacking
Tags: CPU, exploit, Google, Meltdown, meltdown and spectre, Spectre, universal read gadget, vulnerability
|
Threat
|
|
|
|
2019-02-22 17:59:01 |
The Advanced Persistent Threat Files: APT1 (direct link) |
Next up in the Advanced Persistent Threat Files: APT1, a unit of the People's Liberation Army of China known for wide-scale and high-volume data collection on mostly English-speaking companies.
Categories:
Criminals
Threat analysis
Tags: advanced persistent threats, APT groups, APT1, china, Chinese malware, mimikatz
|
Threat
|
|
|
|
2019-02-08 19:09:03 |
Compromising vital infrastructure: communication (direct link) |
In our series about vital infrastructure, we look at communication. How vital is it? How is malware a threat, and how does malware even show us the way to secure communication?
Categories:
Business
Security world
Tags: botnets, Breaking the internet, communication, DDos attack, Domain Generating Algorithms, encryption, hordes, infrastructure, internet backbone, Misinformation and fake news, mobile telephone networks, Myanmar, redundancy, vital
|
Threat
Malware
|
|
|
|
2019-01-29 16:00:00 |
Interview with a malware hunter: Jérôme Segura (direct link) |
In our series called "Interview with a malware hunter," we turn to Jerome Segura, Head of Threat Intelligence at Malwarebytes. In this Q&A session, we'll take you behind the scenes to get to know one of our malware intelligence crew.
Categories:
101
FYI
Tags: cybersecurity researcher, exploit kits, Jerome Segura, malware hunter, researcher, security reseracher
|
Threat
Malware
|
|
|
|
2019-01-23 08:01:03 |
2019 State of Malware report: Trojans and cryptominers dominate threat landscape (direct link) |
The 2019 State of Malware report is here. Learn what Malwarebytes Labs researchers discovered about the top global threats for businesses and consumers in 2018, and predictions for 2019.
Categories:
CTNT report
Malwarebytes news
Tags: 2019 State of Malware report, AI, byos, cryptominers, emotet, information stealers, IoT, labs report, ransomware, state of malware report, trickbot, Trojans
|
Threat
Malware
|
|
|
|
2019-01-18 16:00:00 |
Hosting malicious sites on legitimate servers: How do threat actors get away with it? (direct link) |
Is money all hosting providers care about when it comes to allowing malicious sites on their servers? Or is there more at play? We embark on an investigation to discover their motives.
Categories:
Cybercrime
Malware
Tags: hosting, malicious sites, malware, takedowns, web security
|
Threat
|
|
|
|
2019-01-16 17:00:00 |
The Advanced Persistent Threat files: APT10 (direct link) |
While security companies are getting good at analyzing the tactics of nation-state threat actors, they still struggle with placing these actions in context and making solid risk assessments. So in this series, we're going to take a look at a few APT groups, and see how they fit into the larger threat landscape, starting with APT10.
Categories:
Cybercrime
Hacking
Tags: advanced persistent threat, advanced persistent threats, aerospace, APT, APT10, APTs, china, Chinese Ministry of State Security, construction, engineering, FireEye, MSS, PlugX, Poison Ivy, scanbox, sogu, telecoms, threat actors
|
Threat
|
APT 10
|
|
|
2019-01-02 18:15:04 |
The new landscape of pre-installed mobile malware: malicious code within (direct link) |
We are now seeing malware authors target system apps that are required for mobile devices to function properly. By injecting malicious code within these necessary apps, threat actors have reshaped the landscape of pre-installed malware for the worse.
Categories:
Cybercrime
Mobile
Tags: adups, Android, auto installer, Mobile, monitoring app, preinstalled, preinstalled malware
|
Threat
Malware
|
|
|
|
2018-12-14 16:00:00 |
How threat actors are using SMB vulnerabilities (direct link) |
SMB vulnerabilities have been so successful for criminals that they've been used in some of the most devastating ransomware and Trojan attacks of the last two years. Learn how they work and how your organization can protect against them.
Categories:
101
Business
Tags: EternalBlue, EternalChampion, EternalRomance, exploits, NSA tools, ShadowBrokers, SMB vulnerabilities, vulnerabilities
|
Threat
Ransomware
|
|
|
|
2018-11-14 15:00:03 |
TrickBot takes over as top business threat (direct link) |
There's a newer, more sophisticated banking Trojan in town attempting to penetrate business networks and giving Emotet a run for its money. And its name is TrickBot. Learn how this threat is giving organizations a run for their money.
Categories:
101
Business
Tags: banking Trojan, banking Trojans, emotet, smb vulnerability, trickbot, Trojans
|
Threat
|
|
|
|
2018-11-12 15:00:02 |
What's new in TrickBot? Deobfuscating elements (direct link) |
|
Threat
|
|
|
|
2018-10-12 16:00:00 |
Workplace violence: the forgotten insider threat (direct link) |
Among insider threats, workplace violence could be considered the most dangerous. And yet, the majority of organizations are not prepared. What should they do to protect their employees?
Categories:
101
Business
Tags: active shooting, Alert, ALICE, Counter, Criminal intent, Customer/Client, Evaluate, Inform, insider threats, Lockdown, Ponemon Institute, Workplace bullying, workplace violence, WPV
|
Threat
|
|
|
|
2018-10-09 15:00:00 |
When Endpoint Detection and Response (EDR) is not enough (direct link) |
As cybercriminals continue to validate the reality that no security is going to stop every threat every time, companies are turning to endpoint detection and response solutions to close the gap. But is it enough to keep businesses and their data protected?
Categories:
Malwarebytes news
Product updates
Tags: business products, EDR, endpoint protection and response, products, remediation
|
Threat
|
|
|
|
2018-09-26 17:13:02 |
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT (direct link) |
A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.
Categories:
Exploits
Threat analysis
Tags: anti exploit, CVE-2018-8174, CVE-2018-8373, exploit, Indicators of compromise, IOC, IOCs, pastebin, patch, Quasar, rat, remote administration tool, virustotal, vulnerabilities, vulnerability
|
Threat
Vulnerability
|
|
|
|
2018-08-29 16:48:03 |
Fileless malware: getting the lowdown on this insidious threat (direct link) |
In this series of articles, we provide an in-depth discussion of fileless malware and their related attacks. In part one, we cover a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods.
Categories:
Malware
Threat analysis
Tags: file history, fileless infections, fileless malware, fileless malware attacks, kovter, magnitude EK, poweliks, powershell, RAM, samsam, samsam ransomware, semi-fileless, SOC team, windows
|
Threat
Malware
|
|
★★★★
|
|
2018-08-20 16:42:05 |
The enemy is us: a look at insider threats (direct link) |
It could be the engineer in the IT department, the janitor mopping the lobby, one of the many managers two floors up, or the contractor who's been in and out the office for weeks now. Or, maybe it could be you. Who are the insider threats to organizations? And how can they be stopped?
Categories:
101
Business
Tags: accidental insider, cert insider threat center, dr. park dietz, insider threats, intentional insider, malicious insider, negligent insiders, professional insider, true cost of cybercrime, unintentional insider, workplace violence
|
Threat
|
|
|
|
2018-07-10 15:00:00 |
So you've been asked to start a threat intel program (direct link) |
|
Threat
|
|
|