Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-10-27 18:45:00 |
What is ransomware-as-a-service and how is it evolving? (direct link) |
Categories: Business
Diving into how RaaS works, why it poses a unique threat to businesses, and how small-and-medium-sized businesses (SMBs) can prepare for the next generation of RaaS attacks.
|
Threat
|
|
|
|
2022-10-27 17:15:00 |
Medibank customers' personal data compromised by cyber attack (direct link) |
Categories: News
Tags: Medibank, data breach
Australian health care insurance company Medibank confirmed that the threat actor behind the cyberattack on the company had access to the data of at least 4 million customers.
|
Threat
|
|
|
|
2022-10-26 23:45:00 |
US agencies issue warning about DAIXIN Team ransomware (direct link) |
Categories: News, Ransomware
Tags: DAIXIN, FBI, CISA, HHS, ransomware team, DAIXIN Team, ransomware
The FBI, CISA, and HHS have issued a joint advisory about a new threat to healthcare organizations.
|
Threat
Ransomware
|
|
★★
|
|
2022-10-25 04:00:00 |
An interview with cyber threat hunter Hiep Hinh (direct link) |
Categories: Business
Hiep Hinh is a Principal MDR Analyst at Malwarebytes, where he supports 24/7/365 Managed Detection and Response (MDR) efforts. In this post, we talk to Hiep about what he's learned about threat hunting over his 16+ year career.
|
Threat
|
|
|
|
2022-10-18 14:00:00 |
Warning: "FaceStealer" iOS and Android apps steal your Facebook login (direct link) |
Categories: Awareness, News
Tags: FaceStealer, Facebook stealer, Facebook, Nathan Collier, Meta, fake Android apps, fake iOS apps
FaceStealer is back. As a seasoned threat to legitimate app stores, expect it to be gone and then back again.
|
Threat
|
|
|
|
2022-10-13 16:15:00 |
Chinese APT's favorite vulnerabilities revealed (direct link) |
Categories: Exploits and vulnerabilities, News
Tags: Chinese APT, advanced persistent threat, APT, CISA, NSA, FBI, security advisory
CISA, the NSA and the FBI have compiled a list of the vulnerabilities targeted by state-sponsored threat actors from China.
|
Threat
|
|
|
|
2022-09-29 17:00:00 |
Local government cybersecurity: 5 best practices (direct link) |
Categories: Business
With a few best practices, local governments can improve their cybersecurity posture and make it less likely that threat actors attack their systems. We'll break down five best practices for local government cybersecurity in this post.
|
Threat
|
|
|
|
2022-09-15 10:00:00 |
Cyber threat hunting for SMBs: How MDR can help (direct link) |
Categories: Business
Threat hunting can weed out malware before anything bad like a data breach can happen, but cyber threat hunting is more difficult for SMBs to do than it is for large organizations due to resource constraints. That's where Managed Detection and Response (MDR) can help.
|
Threat
Data Breach
Malware
|
|
|
|
2022-09-07 12:00:00 |
Warning issued about Vice Society ransomware targeting the education sector (direct link) |
Categories: News, Ransomware
Tags: FBI, CISA, StopRansomware, Vice Society, HelloKitty, SonicWall, PrintNightmare, LAUSD
The FBI, CISA, and the MS-ISAC have released a joint Cybersecurity Advisory after observing Vice Society threat actors disproportionately targeting the education sector with ransomware attacks.
|
Threat
Ransomware
|
|
|
|
2022-08-03 21:25:52 |
Woody RAT: A new feature-rich malware spotted in the wild (direct link) |
The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.
|
Threat
Malware
|
|
|
|
2022-07-14 16:09:41 |
Elden Ring maker Bandai Namco hit by ransomware and data leaks (direct link) |
We take a look at a major ransomware attack impacting video game giant Bandai Namco, laced with the potential threat of data leakage.
|
Threat
Ransomware
|
|
|
|
2022-07-13 21:16:17 |
Ransomware rolled through business defenses in Q2 2022 (direct link) |
2022 is shaping up to be another banner year for ransomware, which continued to dominate the threat landscape in Q2.
|
Threat
|
|
|
|
2022-07-13 16:17:09 |
Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign (direct link) |
While the war in Ukraine still rages, various threat actors continue to launch cyber attacks against its government entities. In this blog we review the latest campaign from the UAC-0056 threat group.
|
Threat
|
|
|
|
2022-07-01 21:40:25 |
Ransomware review: June 2022 (direct link) |
LockBit remained the most active threat in June, and “the costliest strain of ransomware ever documented” went dark while others surged.
|
Threat
Ransomware
|
|
|
|
2022-06-14 16:00:29 |
Karakurt extortion group: Threat profile (direct link) |
An obscure group called Karakurt has extorted organizations in the US and elsewhere. Know how to keep it away from your network.
|
Threat
|
|
|
|
2022-06-09 17:30:25 |
Cloud data breaches: 4 biggest threats to cloud storage security (direct link) |
Here are four big threats to cloud storage security that SMBs should be ready to address to help prevent cloud data breaches.
|
Threat
|
|
|
|
2022-06-09 14:18:13 |
ASyncRat surpasses Dridex, TrickBot and Emotet to become dominant email threat (direct link) |
A review of what's changed in malware in 2022, and what hasn't, based on Adam Kujawa's talk at RSAC 2022.
|
Threat
Malware
|
|
|
|
2022-06-02 18:27:55 |
Introducing EDR for Linux: Remediating and isolating threats on Linux servers (direct link) |
Our new EDR for Linux offering extends our advanced protection and response capabilities to Linux devices via Nebula and OneView.
|
Threat
|
|
|
|
2022-06-02 17:30:09 |
Introducing Malwarebytes DNS Filtering module: How to block sites and create policy rules (direct link) |
Malwarebytes DNS Filtering is a new module that helps block access to malicious websites and limit threats introduced by suspicious content.
|
Threat
|
|
|
|
2022-05-19 12:42:13 |
VMWare vulnerabilities are actively being exploited, CISA warns (direct link) |
CISA has issued severe warnings about disclosed vulnerabilities in VMWare products that are actively being exploited, probably by APT threat actors.
|
Threat
|
|
|
|
2022-05-16 10:00:00 |
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis (direct link) |
Malwarebytes Threat Intelligence has uncovered an attack using the lure of information about the war in Ukraine to target people in Germany.
|
Threat
|
|
|
|
2022-05-12 13:22:00 |
Cyberattacks on SATCOM networks attributed to Russian threat actors (direct link) |
CISA and the FBI are sharing information about the US attribution of cyberattacks on SATCOM networks that targeted Ukraine but spilled over into other European countries.
|
Threat
|
|
★★★★
|
|
2022-05-12 12:51:25 |
F5 BIG-IP vulnerability is now being used to disable servers (direct link) |
At least one group of threat actors is using the recently patched vulnerability in F5 BIG-IP to wipe the file system of vulnerable devices.
|
Threat
Vulnerability
|
|
|
|
2021-01-06 15:14:45 |
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat (direct link) |
A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.
Categories: Social engineering, Threat analysis
Tags: APT37, Hangul, korea, Office, rokrat, VBA
|
Threat
Cloud
|
APT 37
|
|
|
2020-12-15 13:58:58 |
Threat profile: Egregor ransomware is making a name for itself (direct link) |
The Egregor ransomware is quickly making a name for itself by victimizing big corporations. How does it work and what is its background?
Categories: Ransomware, Threat spotlight
Tags: cobalt strike, egregor, exfiltrated data, Qakbot, raas, sekhmet
|
Threat
Ransomware
|
|
|
|
2020-10-28 15:00:00 |
Fake COVID-19 survey hides ransomware in Canadian university attack (direct link) |
Universities are a hot target for malware right now. In this latest attack, a threat actor was targeting the University of British Columbia with the goal of distributing ransomware.
Categories: Cybercrime, Social engineering
Tags: phish, phishing, ransomware, UBC, university, vaggen
|
Threat
Ransomware
Malware
|
|
|
|
2020-10-05 20:49:31 |
Mobile network operator falls into the hands of Fullz House criminal group (direct link) |
The Fullz House threat group has struck again, this time inserting a credit card skimmer into a mobile phone operator and seller.
Categories: Malwarebytes news
Tags: credit card, fullz house, Magecart, skimmer
|
Threat
|
|
|
|
2020-07-16 17:53:42 |
Coordinated Twitter attack rakes in 100 grand (direct link) |
In a social engineering attack on Twitter, threat actors managed to scam $100,000 in Bitcoin by taking over high-profile accounts.
Categories: Social engineering
Tags: 2fa, bitcoin, Social Engineering, tweets, twitter, verified accounts
|
Threat
|
|
|
|
2020-07-10 18:10:37 |
Threat spotlight: WastedLocker, customized ransomware (direct link) |
WastedLocker ransomware, attributed to the Russian Evil Corp gang, is such a targeted threat, you might call it a custom-built ransomware family.
Categories: Threat spotlight
Tags: evil corp, Ransom.BinADS, ransomware, wasted, wastedlocker
|
Threat
Ransomware
|
|
|
|
2020-05-29 15:00:00 |
Maze: the ransomware that introduced an extra twist (direct link) |
Maze ransomware attacks featured the first group of cyber-criminals to add the threat of publishing exfiltrated data to the ransomware business model.
Categories: Threat spotlight
Tags: data, Fallout, Maze, pulse, ransomware, Spelevo, vpn
|
Threat
Ransomware
|
|
|
|
2020-05-21 15:00:00 |
Shining a light on “Silent Night” Zloader/Zbot (direct link) |
The latest Malwarebytes Threat Intel report focuses on Silent Night, a new banking Trojan recently tracked as Zloader/Zbot.
Categories: Malware, Threat analysis
Tags: banking Trojan, banking Trojans, HYAS, silent night, terdot, zbot, Zeus, Zloader
|
Threat
|
|
|
|
2020-04-28 17:08:32 |
Threat actors release Troldesh decryption keys (direct link) |
On GitHub a user called shade-team released hundreds of thousands of Troldesh decryption keys. Can victims of the ransomware safely use them to decrypt their files?
Categories: Ransomware
Tags: decryption keys, no more ransom, shade-team, Troldesh
|
Threat
Ransomware
|
|
|
|
2020-04-08 16:00:32 |
Online credit card skimming increased by 26 percent in March (direct link) |
Criminals are known to take advantage of events that capture people’s attention. This is true for any kind of attack that relies on social engineering, such as the phishing emails exploiting the Covid-19 pandemic. Certain events such as the current crisis not only get the attention of threat actors but they also lead to changes...
Categories: Cybercrime
Tags: coronavirus, covi, Magecart, shopping, skimmers, skimming
|
Threat
Guideline
|
|
|
|
2020-03-25 15:00:00 |
Criminals hack Tupperware website with credit card skimmer (direct link) |
This latest hack from Magecart threat actors was well planned and executed.
Categories: Hacking
Tags: credit card, Magecart, skimmer, skimming, steganography, tupperware
|
Threat
Hack
|
|
|
|
2020-03-16 15:00:00 |
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT (direct link) |
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
Categories: Threat analysis
Tags: APT, APT36, coronavirus, coronavirus malware, covid-19, credential stealer, crimson rat, exploit, exploits, info-stealer, macro, malicious macro, malware, nation-state attack, rat, remote administration tool, Social Engineering, spear phishing, spear phishing attack, transparent tribe
|
Threat
|
APT 36
|
|
|
2020-02-20 18:09:03 |
Threat spotlight: RobbinHood ransomware takes the driver's seat (direct link) |
RobbinHood is a ransomware family that specifically targets organizations using a vulnerable kernel driver to prepare systems for encryption. Learn how to protect against it.
Categories: Threat spotlight
Tags: .enc_robbinhood, Anti-Ransomware, baltimore, bitcoin, greenville, Malwarebytes, ransom, ransom note, ransomware, ransomware rollback, robbinhood, robbinhood ransomware, rollback
|
Threat
Ransomware
|
|
|
|
2020-01-29 18:50:01 |
Spear phishing 101: what you need to know (direct link) |
We look at the threat of spear phishing, why it's such a problem, and what organizations can do to lessen the chance of a successful attack.
Categories: Social engineering
Tags: 101, business, malspam, organisation, organization, organizations, phish, phishing, scam, smishing, Social Engineering, spam, spear phish, spear phishing, whaling
|
Threat
|
|
|
|
2020-01-28 16:00:00 |
Explained: the strengths and weaknesses of the Zero Trust model (direct link) |
Zero Trust is an information security framework that insists its users "never trust, always verify." Is this the best security model for organizations today? We examine its strengths and weaknesses.
Categories: Explained
Tags: byod, cloud, framework, identity management, insider threats, IoT, lateral threat movement, mfa, perimeter, rdp, security, security orchestration, strategy, zero trust, zero trust model, zero trust security model
|
Threat
|
|
|
|
2020-01-10 18:04:44 |
Threat spotlight: Phobos ransomware lives up to its name (direct link) |
Phobos, which many believe was named after the Greek god of fear, isn't as widespread as it was before nor is it more novel than your average ransomware. Yet, it remains a threat to consumers and businesses alike. We dive into Phobos ransomware and show users how to face their fears and protect against it.
Categories: Threat spotlight
Tags: brute force, coveware, crysis, crysis ransomware, dharma, Dharma ransomware, disorganised crime, mfa, Multi-Factor Authorization, Phobos, Phobos NextGen, Phobos NotDharma, Phobos ransomware, raas, ransomware, Ransomware as a Service, rdp, remote desktop protocol, Server Message Block, SMB, Sodinokibi, virtual private networks, vpn
|
Threat
Ransomware
|
|
|
|
2019-12-18 16:00:00 |
Spelevo exploit kit debuts new social engineering trick (direct link) |
In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.
Categories: Threat analysis
Tags: EK, exploit kit, Gozi, malvertising, Qakbot, Qbot, Social Engineering, Spelevo, Ursnif
|
Threat
|
|
|
|
2019-12-16 18:40:06 |
Mac threat detections on the rise in 2019 (direct link) |
For the first time ever, Mac threats broke into Malwarebytes' top five overall detections of 2019. Take a look at this and other telemetry that shows Mac malware is certainly on the rise.
Categories: Mac
Tags: browser extensions, Mac adware, mac malware, mac telemetry, mac threat detections, mac threats, newtab, potentially unwanted programs, PUPs, safari
|
Threat
Malware
|
|
|
|
2019-12-12 22:33:53 |
Threat spotlight: the curious case of Ryuk ransomware (direct link) |
From comic book death god to ransomware baddie, Ryuk ransomware remains a mainstay when organizations find themselves in a crippling malware pinch. We look at Ryuk's origins, attack methods, and how to protect against this ever-present threat.
Categories: Threat spotlight
Tags: AES, average ransom amount, BitPaymer, BitPaymer ransomware, CryptoTech, Death Note, emotet, Far Eastern International Bank, FEIB, Gabriela Nicolao, gandcrab, Hermes, Hermes 2.1, Luciano Martins, pseudo-ransomware, Ransom.Ryuk, rdp, remote desktop protocol, RSA, Russian threat actors, ryuk, Ryuk ransomware, Shinigami's revenge: the long tail of the Ryuk ransomware, tribune publishing, trickbot, Wake-on-LAN, Wizard Spider, WoL
|
Threat
Ransomware
Malware
|
|
|
|
2019-12-05 16:00:00 |
Report: Organizations remain vulnerable to increasing insider threats (direct link) |
The risk and challenges insider threats pose to organizations are ever present, even before tech as we know it existed. The age of digitization only made it higher and far-reaching. How have insider threats evolved over time? Where are we now in terms of mitigating insider threat risk? Are businesses really doing something about it? We answer such questions, and more, in this post.
Categories: Awareness
Tags: Carnegie Mellon University, cert insider threat center, Cybersecurity Insiders, Defense Counterintelligence and Security Agency, Department of Homeland Security, espionage, fraud, Gurucul, insider threats, malicious insider, mitigate insider threats, National Counterintelligence and Security Center, national insider threat awareness month, National Insider Threat Task Force, NCSC, NITTF, Office of the Under Secretary of Defense, Paige A. Thompson, scope of insider threat, SEI, Software Engineering Institute, types of insiders, William Evanina, workplace violence
|
Threat
|
|
|
|
2019-11-26 17:09:34 |
Sextortion scammers getting creative (direct link) |
We’ve covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. (They don’t.) But as public awareness of...
Categories: Cybercrime, Social engineering
Tags: bitcoin, scam, sextortion scams, spam
|
Threat
|
|
|
|
2019-11-14 19:51:58 |
Stealthy new Android malware poses as ad blocker, serves up ads instead (direct link) |
Since its discovery less than a month ago, a stealthy new Android malware has already been detected on over 500 devices, and it's on the rise. Learn how this clever threat pretends to be an ad blocker and then hides itself on mobile devices, all while serving up tons of ads.
Categories: Android
Tags: ads blocker, Android, android malware, android trojan, Android/Trojan.FakeAdsBlock, Anti-Malware, fake ad blocker, FakeAdsBlock, mobile malware, stealth mobile malware, trojan, Trojans
|
Threat
Malware
|
|
|
|
2019-11-01 20:26:48 |
Cybersecurity for journalists: How to defeat threat actors and defend freedom of the press (direct link) |
When it comes to cybersecurity, journalists need to protect themselves, their sources, and the freedom of the press. Which methods should they use?
Categories: How-tos
Tags: communication, data, eavesdropping, encrypted, journalists, privacy, security, tracking
|
Threat
|
|
|
|
2019-10-25 15:37:31 |
How to protect yourself from doxing (direct link) |
Doxing, or collecting and spreading private information about a user online, is a form of cyber harassment, stalking, and even a potential threat to physical safety. Here's what you can do to protect yourself against it.
Categories: How-tos
Tags: dox, doxer, doxing, IP address, mobile VPNs, online privacy, password manager, personal data, personally identifiable information, privacy, Social Engineering, social media, vpn, VPNs, WHOIS
|
Threat
|
|
|
|
2019-10-23 18:43:07 |
Growing rate of robocalls threatens user privacy (direct link) |
Robocalls aren't just a nuisance: they're a threat to personal data and privacy. And they're on the rise. Learn which new tactics scammers are using and how to protect against them.
Categories: Privacy
Tags: Data privacy, do not call registry, FCC, FTC, high-risk calls, nuisance calls, privacy, robocall, robocall scam, robocalling, robocalls, scam calls, scammers, TCPA, user privacy
|
Threat
|
|
|
|
2019-10-21 15:45:45 |
A week in security (October 14 – 20) (direct link) |
Cybersecurity news for October 14 – 20, including the future of the password, the lingering threat of ransomware, and new security features from Instagram.
Categories: A week in security
Tags: amazon, Dark Web, domestic abuse, domestic abuse survivor, domestic abuse survivors, domestic violence, facebook, facial recognition, Instagram, jackpot, jackpotting, kindle, Mark Zuckerberg, national cybersecurity awareness month, National domestic violence awareness month, Oracle, password, passwords, phish, phishing, phishing scam, ransomware, tor, Tor browser, US Customs and Border Enforcement, vpn, vulnerabilities, vulnerability
|
Threat
|
|
|
|
2019-10-14 16:00:00 |
Europol: Ransomware remains top threat in IOCTA report (direct link) |
The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime Threat Assessment (IOCTA) report. We highlight their key findings and remind readers how to better protect themselves.
Categories: Awareness
Tags: bec, Business Email Compromise, child sexual exploitation, cse, ddos, europol, fraud, internet organized crime threat assessment, iocta, phishing, ransomware, spear phishing
|
Threat
Ransomware
|
|
|