Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2019-12-12 22:33:53 |
Threat spotlight: the curious case of Ryuk ransomware (direct link) |
From comic book death god to ransomware baddie, Ryuk ransomware remains a mainstay when organizations find themselves in a crippling malware pinch. We look at Ryuk's origins, attack methods, and how to protect against this ever-present threat.
Categories: Threat spotlight
Tags: AES, average ransom amount, BitPaymer, BitPaymer ransomware, CryptoTech, Death Note, emotet, Far Eastern International Bank, FEIB, Gabriela Nicolao, gandcrab, Hermes, Hermes 2.1, Luciano Martins, pseudo-ransomware, Ransom.Ryuk, rdp, remote desktop protocol, RSA, Russian threat actors, ryuk, Ryuk ransomware, Shinigami's revenge: the long tail of the Ryuk ransomware, tribune publishing, trickbot, Wake-on-LAN, Wizard Spider, WoL
|
Ransomware
Malware
Threat
|
|
|
|
2019-11-14 19:51:58 |
Stealthy new Android malware poses as ad blocker, serves up ads instead (direct link) |
Since its discovery less than a month ago, a stealthy new Android malware has already been detected on over 500 devices, and it's on the rise. Learn how this clever threat pretends to be an ad blocker and then hides itself on mobile devices, all while serving up tons of ads.
Categories: Android
Tags: ads blocker, Android, android malware, android trojan, Android/Trojan.FakeAdsBlock, Anti-Malware, fake ad blocker, FakeAdsBlock, mobile malware, stealth mobile malware, trojan, Trojans
|
Malware
Threat
|
|
|
|
2019-09-11 19:29:03 |
Vital infrastructure: emergency services (direct link) |
We all depend on emergency services to come to the rescue in case of serious problems. How does malware hinder them?
Categories: Vital infrastructure
Tags: ambulance, emergency, fire department, infrastructure, police, services, vital
|
Malware
|
|
|
|
2019-08-30 17:40:02 |
Unprecedented new iPhone malware discovered (direct link) |
Google announced late last night that hacked websites have been used to drop iPhone malware on unsuspecting users over a two-year period. Thomas Reed investigates.
Categories: Mac
Tags: Apple, iOS, ios infection, ios malware, iPhone, iphone malware, mac, malware infection, trident, zero day, zero-day vulnerability
|
Malware
|
|
|
|
2019-08-02 15:00:00 |
Everything you need to know about ATM attacks and fraud: part 2 (direct link) |
In part two of this two-part series on ATM attacks and fraud, we outline the final two ATM attack types, logical and social engineering, and provide info on how they are conducted, the different malware families used in these attacks, and how to protect against them.
Categories: 101
Tags: ALICE, anunak, assistance fraud, atm attacks, atm cash-out attacks, atm fraud, atm malware, barnaby jack, black box attacks, blog series, c0decalc, carbanak, cutlet maker, daniel regalado, defrauding the elderly, distraction fraud, eavesdropping, extensions for financial services, greendispenser, jackpotting, logical attacks, malware-based attack, padpin, ploutus, sdelete, secure delete, shoulder surfing, social engineering attacks, stimulator, suceful, tyupkin, xfs middleware
|
Malware
|
|
|
|
2019-07-08 15:08:03 |
A week in security (July 1 – 7) (direct link) |
A roundup of cybersecurity news from July 1-7, including stalkerware, Bitcoin generators, app permissions, Chinese spyware, some giant leaks, and a new malware attack method.
Categories: A week in security
Tags: bitcoin, bitcoin generators, cash generators, china, Equifax, germany, godlua, ironpython, openpgp, permissions, ryuk, smart home, stalkerware
|
Malware
|
Equifax
|
|
|
2019-07-01 17:02:05 |
A week in security (June 24 – 30) (direct link) |
A roundup of cybersecurity news from June 24–30, including top malicious web campaigns, updates on the GreenFlash Sundown exploit, a Malwarebytes initiative to double down on stalkerware detection and awareness, and more.
Categories: A week in security
Tags: atm attacks, atm fraud, atm malware strains, ATM scam, Azure, cryptocurrency scams, facial recognition, fake jquery, greenflas, Internet of Things, IoT, JavaScript, Massachusettes, Microsoft Azure, scareware, Slack, Slack outage, Somerville, spyware, stalkerware, Yandex
|
Malware
|
|
|
|
2019-06-27 16:14:03 |
Fake jquery campaign leads to malvertising and ad fraud schemes (direct link) |
We look for answers in a long-running and yet mysterious malware campaign that has compromised thousands of websites to date.
Categories: Threat analysis
Tags: ad fraud, Android, APK, fake jquery, malvertising, traffic
|
Malware
Guideline
|
|
|
|
2019-06-20 15:33:03 |
New Mac cryptominer Malwarebytes detects as Bird Miner runs by emulating Linux (direct link) |
A new Mac cryptominer we call Bird Miner was found on pirated music production software that interestingly runs via Linux. Learn how this unique malware attempts, and ultimately fails, at stealth techniques.
Categories: Mac
Tags: Bird Miner, cryptominer, cryptominers, mac, mac malware, macOS, malware, Malwarebytes for Mac
|
Malware
|
|
|
|
2019-06-12 16:03:02 |
MegaCortex continues trend of targeted ransomware attacks (direct link) |
In this threat spotlight, we feature MegaCortex, another custom ransomware designed for targeted attacks on enterprises. Will this Matrix-inspired malware strike again?
Categories: Threat spotlight
Tags: aes128ctr, business security, megacortex, ransom, ransom.megacortex, ransomware, ransomware attack, targeted ransomware
|
Ransomware
Malware
Threat
|
|
|
|
2019-05-29 15:00:00 |
Everything you need to know about ATM attacks and fraud: Part 1 (direct link) |
If you're familiar with skimming, you may have also heard of shimming, card trapping, and cash trapping. These are attacks and scams targeted at ATMs. Part 1 of our series explores various ATM attack scenarios and explains what users should look out for when using an ATM.
Categories: 101, How-tos
Tags: atm, atm attacks, atm card trapping, atm cash trapping, atm fraud, atm industry association, atm malware strains, atm physical attack, atm safety guidelines, ATM scam, atm security 101, atm security working group, atm shimming, atm skimming, atmia, atmswg, automated teller machine, east, enisa, european association for secured transactions, explosives, glue trap, police service of northern ireland, psno, ram raiding, taiwan heist, terminal tampering, vulnerable atm
|
Malware
|
|
|
|
2019-05-10 15:00:00 |
Vital infrastructure: Threats target financial institutions, fintech, and cryptocurrencies (direct link) |
Losing trust in financial institutions can have a disrupting effect on society. And malware authors love to target these direct sources of money. How can we protect them?
Categories: Business, Security world
Tags: APTs, banking apps, banking Trojans, banks, bitcoin, cryptocurrencies, cryptocurrency, cryptowallets, emotet, exploit kits, financial institutions, financials, fintech, information stealers, infrastructure, malware, vital
|
Malware
|
|
|
|
2019-04-30 15:00:00 |
Sophisticated threats plague ailing healthcare industry (direct link) |
Black hat hackers are after patient healthcare data, and such breaches will only intensify. Which forms of malware are behind the attacks? We take a look at the advanced threats targeting a sector struggling to keep up.
Categories: Cybercrime, Malware
Tags: 2019 data security incident response report, decatur county general hospital breach, EternalBlue, filess malware, healthcare, healthcare cybersecurity, healthcare malware, healthcare security, HIPAA, Ransom.WannaCrypt, ransomware, riskware, riskware.mictray, riskware.tool.hck, rootkit.fileless.mtgen, spyware, spyware.agent, spyware.emotet, spyware.trickbot, trickbot, trojan.bitcoinminer, trojan.emotet, trojan.fakems, Trojan.TrickBot, Trojans, WannaCry, worm.parite, worm.qakbot, worms
|
Malware
|
Wannacry
|
|
|
2019-04-29 17:00:00 |
Electrum DDoS botnet reaches 152,000 infected hosts (direct link) |
We've identified a new piece of malware that is connected to the Electrum botnet.
Categories: Cybercrime
Tags: botnet, Electrum, ElectrumDoSMiner, Trojan.BeamWinHTTP
|
Malware
|
|
|
|
2019-04-22 15:47:02 |
(Déjà vu) A week in security (April 15 – 21) (direct link) |
A roundup of security news from April 15–21, including an explanation of like-farming, an Ellen DeGeneres scam, flaws in VPN services, funky malware formats found in Ocean Lotus, and more.
Categories: Security world, Week in security
Tags: a week in security, cyber resilience, Ellen DeGeneres, fake Airbnb sites, Flame 2.0, IE vulnerability, like-farming, notre dame disinformation, VPN flaw, week in security
|
Malware
|
APT 32
|
|
|
2019-04-19 18:37:05 |
Funky malware format found in Ocean Lotus sample (direct link) |
Recently, one of our researchers presented at the SAS conference on "Funky malware formats": atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam.
Categories: Malware, Threat analysis
Tags: APT 32, atypical malware formats, BLOB, CAB, custom format, malware format, ocean lotus, Vietnam
|
Malware
Threat
|
APT 32
|
|
|
2019-04-17 16:04:02 |
Malware targeting industrial plants: a threat to physical security (direct link) |
When malware shuts down the computer systems of an industrial plant, it could threaten the physical security of those working in or living near it. Here's how to protect your workforce and your business from targeted threats.
Categories: 101, Business
Tags: controllers, lockergoga, manufacturing, physical security, production, ransomware
|
Malware
Threat
|
|
|
|
2019-03-14 15:00:00 |
Emotet revisited: pervasive threat still a danger to businesses (direct link) |
Emotet is often mentioned as one of the most annoying, effective, and costly present-day malware infections. We discuss the reasons why and the proper way to remove it.
Categories: Cybercrime, Malware
Tags: banking Trojan, botnet, emotet, EternalBlue, information stealer, Ryuk ransomware, SMB vulnerabilities, trickbot, trojan
|
Malware
Threat
|
|
|
|
2019-02-26 16:00:00 |
New Golang brute forcer discovered amid rise in e-commerce attacks (direct link) |
E-commerce sites are a hot commodity these days. We dig into how compromised PCs are helping to hack into them to inject skimmers, whether via vulnerabilities in the websites themselves or through a new malware we discovered gaining entry via brute force.
Categories: Threat analysis
Tags: Bot, botnet, bruteforce, Golang, googletagmanager, Magecart, magento, skimmer
|
Malware
Hack
|
|
|
|
2019-02-08 19:09:03 |
Compromising vital infrastructure: communication (direct link) |
In our series about vital infrastructure, we look at communication. How vital is it? How is malware a threat to it, and how does malware even show us the way to secure communication?
Categories: Business, Security world
Tags: botnets, Breaking the internet, communication, DDos attack, Domain Generating Algorithms, encryption, hordes, infrastructure, internet backbone, Misinformation and fake news, mobile telephone networks, Myanmar, redundancy, vital
|
Malware
Threat
|
|
|
|
2019-02-04 17:00:04 |
A week in security (January 28 – February 3) (direct link) |
A roundup of security news from January 28 – February 3, including disputes between Facebook and Apple, dubious malware hosting, privacy threats to mobile users, and more.
Categories: Security world, Week in security
Tags: facebook, hosting, malware, phishing, social media, week in security, weekly round up
|
Malware
|
|
|
|
2019-01-30 17:00:00 |
Analyzing a new stealer written in Golang (direct link) |
We captured a new information-stealing malware written in Golang (Go). Read up on our analysis of its functionality, as well as the tools researchers can use to unpack malware written in this relatively new programming language.
Categories: Malware, Threat analysis
Tags: Go, Golang, IDAGolangHelper, malware analysis, new malware, programming, programming languages, threat analysis
|
Malware
|
|
|
|
2019-01-29 16:00:00 |
Interview with a malware hunter: Jérôme Segura (direct link) |
In our series called "Interview with a malware hunter," we turn to Jerome Segura, Head of Threat Intelligence at Malwarebytes. In this Q&A session, we'll take you behind the scenes to get to know one of our malware intelligence crew.
Categories: 101, FYI
Tags: cybersecurity researcher, exploit kits, Jerome Segura, malware hunter, researcher, security reseracher
|
Malware
Threat
|
|
|
|
2019-01-28 18:00:01 |
A week in security (January 21 – 27) (direct link) |
A roundup of last week's security news from January 21 to 27, including Modlishka, Crytekk, PUPs, and the State of Malware report.
Categories: Security world, Week in security
Tags: 2019 State of Malware report, 2fa, ALPR, android malware, anpr, Ars Technica, Bleeping Computer, crytekk, crytekk ransomware, Dark Reading, fortnight, gdpr, GoDaddy, Help Net Security, KrebsOnSecurity, mitsubishi, modlishka, phishing, recap, Security Week, TechCrunch, The Wall Street Journal, vishing, voicemail phishing, vulnerability, week in security, weekly blog roundup, youtube
|
Malware
|
|
|
|
2019-01-23 08:01:03 |
2019 State of Malware report: Trojans and cryptominers dominate threat landscape (direct link) |
The 2019 State of Malware report is here. Learn what Malwarebytes Labs researchers discovered about the top global threats for businesses and consumers in 2018, and predictions for 2019.
Categories: CTNT report, Malwarebytes news
Tags: 2019 State of Malware report, AI, byos, cryptominers, emotet, information stealers, IoT, labs report, ransomware, state of malware report, trickbot, Trojans
|
Malware
Threat
|
|
|
|
2019-01-02 18:15:04 |
The new landscape of pre-installed mobile malware: malicious code within (direct link) |
We are now seeing malware authors target system apps that are required for mobile devices to function properly. By injecting malicious code within these necessary apps, threat actors have reshaped the landscape of pre-installed malware for the worse.
Categories: Cybercrime, Mobile
Tags: adups, Android, auto installer, Mobile, monitoring app, preinstalled, preinstalled malware
|
Malware
Threat
|
|
|
|
2018-12-11 16:00:00 |
Flurry of new Mac malware drops in December (direct link) |
Multiple new pieces of Mac malware have appeared in December, all distributed through different means, but all opening backdoors on infected computers.
Categories: Mac, Threat analysis
Tags: backdoors, mac malware, macros, microsoft word, Social Engineering, word
|
Malware
|
|
|
|
2018-12-07 16:57:03 |
Mac malware combines EmPyre backdoor and XMRig miner (direct link) |
New Mac malware is using the EmPyre backdoor and the XMRig cryptominer to drain processor power, and possibly worse.
Categories: Mac, Threat analysis
Tags: backdoor, cryptominers, mac, mac malware, pirated software, XMRig
|
Malware
|
|
|
|
2018-10-24 15:00:04 |
Mac malware intercepts encrypted web traffic for ad injection (direct link) |
New Mac malware has been found that intercepts encrypted traffic for the purpose of injecting ads into web pages. But could this adware be used for more devious purposes in the future?
Categories: Mac, Threat analysis
Tags: adware, mac, Mac adware, macOS, malware, mitm
|
Malware
|
|
|
|
2018-10-05 15:00:00 |
Fileless malware: part deux (direct link) |
In part two of this series on fileless malware, our malware analyst walks readers through two demonstrations of fileless malware attacks and shows the problems with detecting them using static signatures.
Categories: Malwarebytes news
Tags: dynamic detection, fileless malware, fileless ransomware, malware analyst, security researcher, signatures, static detection
|
Malware
|
|
|
|
2018-10-02 14:00:00 |
Fortnite gamers targeted by data theft malware (direct link) |
If you've ever been tempted to cheat at Fortnite, think again: with the release of season six of the popular video game, we found data theft malware masquerading as a cheat tool, ready to steal your browser sessions, cookies, and even your Bitcoin.
Categories: Cybercrime, Malware
Tags: .EXE, bitcoin, bt-fortnite-cheats(dot)tk, fortnite, fortnite malware, free V-Bucks, games, gaming, rat, stealer, steam, Sub2Unlock, Trojan.Malpack, video games, wallet
|
Malware
|
|
★★★★
|
|
2018-09-05 15:00:00 |
When spyware goes mainstream (direct link) |
Considering using spyware to surveil a cheating partner or keep an eye on the kiddos? Think again. Not only is it an invasion of privacy, but it's illegal. Learn the telltale signs of spyware and why this suddenly mainstream malware needs to go back underground.
Categories: 101, Cybercrime, FYI, Malware
Tags: android spying, Android spyware, cfaa, computer fraud and abuse adct, consumer spyware, cydia app, find my friends, internet spy prevention act, ios spying, mspy, spyware, stalkerware, stealware, surveillanceware, the i-spy act, trusted contacts
|
Malware
|
|
|
|
2018-08-30 15:41:03 |
Reversing malware in a custom format: Hidden Bee elements (direct link) |
When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-step analysis for a closer look.
Categories: Malware, Threat analysis
Tags: custom malware, hidden bee, hidden bee miner, payload, reverse engineering, reversing malware
|
Malware
|
|
|
|
2018-08-29 16:48:03 |
Fileless malware: getting the lowdown on this insidious threat (direct link) |
In this series of articles, we provide an in-depth discussion of fileless malware and its related attacks. In part one, we give a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods.
Categories: Malware, Threat analysis
Tags: file history, fileless infections, fileless malware, fileless malware attacks, kovter, magnitude EK, poweliks, powershell, RAM, samsam, samsam ransomware, semi-fileless, SOC team, windows
|
Malware
Threat
|
|
★★★★
|
|
2018-08-09 18:52:05 |
Osiris dropper found using process doppelgänging (direct link) |
Process doppelgänging, a rare technique for impersonating a process, was discovered last year but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpack the code to show how malware authors used this technique.
Categories: Malwarebytes news
Tags: dropper, kronos, osiris, Osiris dropper, process doppleganging, trojan
|
Malware
|
|
|
|
2018-07-30 15:57:01 |
A week in security (July 23 – July 29) (direct link) |
A roundup of the security news from July 23 – July 29, including the introduction of Malwarebytes Browser Extensions, and new malware HiddenBee, Proton, and MobiDash.
Categories: Security world, Week in security
Tags: Android P, hidden bee, Malwarebytes Browser Extensions, mobidash, proton, Trojans, week in security
|
Malware
|
|
|
|
2018-07-24 15:00:00 |
New strain of Mac malware Proton found after two years (direct link) |
A new variant of the Mac malware Proton, which was rampant on macOS last year, has been found dating back to at least two years ago. Learn how this could still affect your Mac today.
Categories: Mac, Threat analysis
Tags: Apple, Calisto, mac, Proton malware
|
Malware
|
|
|
|
2018-07-09 17:00:00 |
A week in security (July 2 – July 8) (direct link) |
A roundup of the security news from July 2 – July 8, including a macro-less infection technique, online project management tools, and crypto-mining malware campaigns.
Categories: Security world, Week in security
Tags: crypto mining, macro-less, project management, roundup, week in security
|
Malware
|
|
|
|
2018-07-02 21:12:04 |
New macro-less technique to distribute malware (direct link) |
The latest macro-less technique to distribute malware via Office documents does not involve exploits. Just a little bit of social engineering.
Categories: Threat analysis
Tags: deeplink, macro-less, malware, Office, settingcontent-ms
|
Malware
|
|
|
|
2018-07-02 18:36:01 |
Mac malware targets cryptomining users (direct link) |
A new Mac malware called OSX.Dummy is being distributed on cryptomining chat groups that, even after being removed, leaves behind remnants for future malware to find.
Categories: Malwarebytes news
Tags: cryptomining, cryptomining forums, mac malware, Malwarebytes for Mac, OSX.Dummy
|
Malware
|
|
|
|
2018-06-27 18:29:04 |
World Cup 2018: malware attacks gunning for goal (direct link) |
The World Cup is in full swing, and attackers are busy both on and off the pitch. Which of the competing nations are under fire from malware authors? Who is sailing through qualifying rounds mostly untouched? What are the most popular threats in the midst of the biggest footballing nations? Read on to find out.
Categories: Cybercrime, Malware
Tags: cyber, football, hacking, malware, russia, world cup
|
Malware
|
|
|