Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-07-25 16:30:06 |
FBI: Smart toys could harm children's privacy and physical safety (direct link) |
(Read more...)
|
|
|
|
|
2017-07-25 15:00:18 |
Going dark: encryption and law enforcement (direct link) |
There's been a lot of talk recently about encryption and how law enforcement can't convict criminals without encryption keys. We beg to differ.
Categories:
Government
Privacy
Security world
Tags: backdoor, encryption, government, law enforcement, privacy
(Read more...)
|
|
|
|
|
2017-07-24 17:17:38 |
Bye, bye Petya! Decryptor for old versions released. (direct link) |
This post shows you how to use the special decryptor for the Petya family: Petya, Mischa, and Goldeneye. Not suitable for copycats of these.
Categories:
Malwarebytes news
Tags: decryptor, goldeneye, mft, Mischa, petya, toos
(Read more...)
|
|
|
|
|
2017-07-24 16:41:39 |
A week in security (July 17 – July 23) (direct link) |
A compilation of security news and blog posts from the 17th of July to the 23rd. We discuss the recent Dark Web market take downs and lots more.
Categories:
Security world
Week in security
Tags: Alphabay, arrest helathcare, atm, blackhat, chester bennington, chipottle, citadel, Hansa Market, IoT, nuance, play protect, RSA, Terror EK, weekly blog roundup
(Read more...)
|
|
|
|
|
2017-07-21 18:04:56 |
Play Protect: Android's new security system is now available (direct link) |
(Read more...)
|
|
|
|
|
2017-07-21 15:00:43 |
7 tips to stay cyber safe this summer (direct link) |
As much as you'd rather not think about safe Internet surfing while catching a real wave, it's much better than spending the rest of the summer picking up after a cybercrime.
Categories:
101
How-tos
Tags: summer travel safety, travel cyber scams, travel cybersecurity
(Read more...)
|
|
|
|
|
2017-07-20 17:53:48 |
Hansa Market on Dark Web was controlled by Dutch police (direct link) |
Dutch and US authorities revealed the results of an international cooperation to take down markets on the Dark Web trafficking in drugs, weapons, malware, and stolen data.
Categories:
Government
Security world
Tags: Alphabay, Dark Web, drugs, guns, Hansa Market, malware, seized by police
(Read more...)
|
|
|
|
|
2017-07-19 21:25:39 |
Terror EK actor experiments with URL shortener fraud (direct link) |
We catch up with a small player in the exploit kit scene.
Categories:
Cybercrime
Exploits
Tags: AdFly, exploit kits, malvertising, malware, spam, tech support scam, Terror EK
(Read more...)
|
|
|
|
|
2017-07-19 15:00:46 |
Adware the series, the final: Tools section (direct link) |
The final episode of our adware series talks specifically about the tools that we use in identifying adware and the places where it lurks on a system.
Categories:
PUP
Tags: adware, FileASSASSIN, frst, Pieter Arntz, process explorer, Resource Monitor, rootkit, the more you know, tools, trojan
(Read more...)
|
|
|
|
|
2017-07-17 19:43:31 |
(Déjà vu) A week in security (July 10 – July 16) (direct link) |
A compilation of security news and blog posts from the 10th of July to the 16th. We go over our PowerShell, an overview of the Petya ransomware family, and more.
Categories:
Security world
Week in security
Tags: a week in security, EternalPetya, malware, news, petya, powershell, ransomware, roundup, security
(Read more...)
|
|
|
|
|
2017-07-14 16:29:04 |
Keeping up with the Petyas: Demystifying the malware family (direct link) |
Last June 27, there was a huge outbreak of a Petya-esque malware with WannaCry-style infector in the Ukraine. Since there is still confusion about how exactly this malware is linked to the original Petya, we have prepared this small guide on the background of the Petya family.
Categories:
Cybercrime
Malware
Tags: Anti-Ransomware, EternalPetya, Goldeneye ransomware, green petya, janus, Mischa ransomware, NotPetya, Petrwrap, petya origins, Petya ransomware, ransomware, red petya
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-07-12 15:00:52 |
A .NET malware abusing legitimate ffmpeg (direct link) |
There is a growing trend among malware authors to incorporate legitimate applications in their malicious package. This time, we encountered a malware downloading a legitimate ffmpeg.
Categories:
Malware
Threat analysis
Tags: .NET, ffmpeg, malware, payload, rat
(Read more...)
|
|
|
|
|
2017-07-11 15:00:15 |
Learning PowerShell: The basics (direct link) |
Get acquainted with some of the basic principles of Powershell and get prepared for some basic usage of this versatile tool that is available on all modern Windows systems.
Categories:
101
How-tos
Tags: basic, cmdlet, malware, Pieter Arntz, powershell, restrictions
(Read more...)
|
|
|
|
|
2017-07-10 18:15:47 |
Roundup: your malware infection stories (direct link) |
We asked, you answered. Take a look at some of the most interesting malware infection stories from our readers, and what they did to clean up the mess.
Categories:
101
FYI
Tags: computer infection, infection stories, ransomware infections
(Read more...)
|
|
|
|
|
2017-07-10 17:18:30 |
A week in security (July 03 – July 09) (direct link) |
A compilation of security news and blog posts from the 3rd of July to the 9th. We go over our latest Cybercrime Tactics & Techniques Report, summarize the Petya ransomware outbreak, and more.
Categories:
Security world
Week in security
Tags: a week in security, adgholas, astrum, EternalPetya, malvertising, recap, WanaCrypt0r, WannaCry, weekly blog roundup
(Read more...)
|
|
Wannacry
|
|
|
2017-07-06 19:06:53 |
Report: Second quarter dominated by ransomware outbreaks (direct link) |
The second quarter of 2017 left the security world wondering, “What the hell happened?” With leaks of government-created exploits being deployed against users in the wild, a continued sea of ransomware constantly threatening our ability to work online, and the lines between malware and potentially unwanted programs continuing to blur, every new incident was a wakeup call. In this report, we are going to discuss some of the most important trends, tactics, and attacks of Q2 2017, including an update on ransomware, what is going on with all these exploits, and a special look at all the breaches that happened this quarter.
Categories:
Malwarebytes news
Tags: ad fraud, adam kujawa, Adam McNeil, adware, Amazon Phishing, Armando Orozco, astrum, boaxxee, breach, breaches, cerber, cybercrime tactics & techniques, cybercrime tactics and techniques, dok, DoublePulsar, EK, EternalBlue, EternalPetya, exploit kit, Findzip, fireball, handbrake, Jaff, Jean-Philippe Taggart, Jerome Segura, kovter, Locky, Magnitude, Malwarebytes, malwarebytes labs, Marcelo Rivero, Nathan Collier, NotPetya, NSA, nymain |
|
NotPetya
Wannacry
|
|
|
2017-07-06 18:15:09 |
All this EternalPetya stuff makes me WannaCry (direct link) |
Get more background on the EternalPetya ransomware. Learn about its origin, attribution, decryption, and the methods of infection and propagation.
Categories:
Cybercrime
Malware
Tags: attribution, decryption, DoublePulsar, EternalBlue, EternalPetya, EternalRomance, hasherazade, m.e.doc, NotPetya, NSA, petya, Petya ransomware, ShadowBrokers, WannaCry, WannaCrypt, WannaCryptor
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-07-06 17:06:15 |
The key to old Petya versions has been published by the malware author (direct link) |
As research concluded, the original author of Petya, Janus, was not involved in the latest attacks on Ukraine. As a result of the recent events, Janus released his private key, allowing all the victims of the previous Petya attacks to get their files back.
Categories:
Cybercrime
Malware
Tags: Chimera, Chimera ransomware, EternalPetya, Goldeneye ransomware, janus, NotPetya, petya, Petya ransomware, ransomware, teslacrypt
(Read more...)
|
|
NotPetya
Tesla
|
|
|
2017-07-05 16:05:57 |
AdGholas malvertising thrives in the shadows of ransomware outbreaks (direct link) |
Several large malvertising campaigns went unnoticed amidst the news of the latest ransomware outbreak.
Categories:
Cybercrime
Exploits
Tags: adgholas, astrum, EK, exploit kit, malvertising
(Read more...)
|
|
|
|
|
2017-07-03 19:24:13 |
A week in security (June 26 – July 02) (direct link) |
A compilation of security news and blog posts from the 26th of June to the 2nd of July. We delved deep into EternalPetya, the latest ransomware to make headlines last week. We also outed a fake WannaCry scanner and touched on other topics like adware, an educational campaign, and phishing.
Categories:
Security world
Week in security
Tags: EternalPetya, ransomware, recap, week in security, weekly blog roundup
(Read more...)
|
|
Wannacry
|
|
|
2017-06-30 16:53:36 |
EternalPetya – yet another stolen piece in the package? (direct link) |
Since 27th June we've been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradicting theories started popping up. Some believed that it is a rip-off of the original Petya, others that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).
Categories:
Malware
Threat analysis
Tags: attribution, EternalPetya, hasherezade, hexedit, janus, Malwarebytes, NotPetya, NSA, petya, psexec, ransomware
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-06-29 16:39:24 |
EternalPetya and the lost Salsa20 key (direct link) |
The latest Petya seems to be broken on purpose: the victims' keys are lost forever.
Categories:
Malware
Threat analysis
Tags: EternalPetya, petya, ransomware
(Read more...)
|
|
|
|
|
2017-06-28 15:00:28 |
Solution Corner: Malwarebytes Endpoint Protection (direct link) |
Introducing Malwarebytes Endpoint Protection, our latest endpoint security solution for business. This latest release unifies a number of technologies onto a single agent on the endpoint and adds a new machine learning detection engine into our layered approach to protection.
Categories:
Malwarebytes news
Product updates
Tags: Anomaly Detection, Endpoint Protection, Incident Response, Malwarebytes Endpoint Protection, Malwarebytes Incident Response
(Read more...)
|
|
|
|
|
2017-06-28 15:00:13 |
Adware the series, part 6 (direct link) |
In this part of the series, we are going to have a look at types of adware that are very hard to find and remove, like ADS, rootkits, and file-less infections.
Categories:
PUP
Tags: ads, adware series, fileless, Pieter Arntz, PUPs, rootkit, trojan, wmi
(Read more...)
|
|
|
|
|
2017-06-27 20:26:29 |
Petya-esque ransomware is spreading across the world (direct link) |
Ringing in with echoes of WannaCry, Petya (or Petrwrap, NotPetya), is a new ransomware strain outbreak affecting many users around the world.
Categories:
Cybercrime
Malware
Tags: EternalBlue, exploit, germany, malwarebytes labs, NotPetya, Petrwrap, petya, ransomware, SMB, spreading, ukraine, United Kingdom, united states, WannaCry, WannaCrypt, WannaCryptor
(Read more...)
|
|
NotPetya
Wannacry
|
|
|
2017-06-27 15:00:44 |
The smart, alert, strong, kind, and brave way to Internet awesome (direct link) |
This National Internet Safety Month, Google launches Be Internet Awesome, a campaign that aims to teach kids to explore the internet safely, smartly, and confidently. Who said that learning internet safety should be technical and boring?
Categories:
101
FYI
Tags: be internet awesome, child security online, Google, internet awesome, national internet safety month
(Read more...)
|
|
|
|
|
2017-06-26 15:27:04 |
A week in security (June 19 – June 25) (direct link) |
A compilation of security news and blog posts from the 19th to the 25th of June. We touched on topics like Barclays phish, Robux scam, breaking the attack chain and Incident Response.
Categories:
Security world
Week in security
Tags: attack chain, barclays, cyberteam, honda, Incident Response, nayana, ransomware, Robux, Skype, WannaCry, weekly blog roundup, ztorg
(Read more...)
|
|
Wannacry
|
|
|
2017-06-26 15:00:18 |
Mobile Menace Monday: Fake WannaCry Scanner (direct link) |
With all the buzz around the PC ransomware WannaCry, it's no surprise that a fake antivirus (FakeAV) has emerged on Google Play.
Categories:
Cybercrime
Mobile
Tags: Android, antivirus, FakeAV, Google Play, mobile menace monday, ransomware, triple m, WannaCry, WannaCrypt, WannaCryptor
(Read more...)
|
|
Wannacry
|
|
|
2017-06-26 14:00:37 |
Something's phishy: How to detect phishing attempts (direct link) |
|
|
|
|
|
2017-06-22 19:40:41 |
Solution Corner: Malwarebytes Incident Response (direct link) |
Unless you've been stuck at a fiery music festival, I don't need to tell you the threat landscape is constantly evolving and that threats have become increasingly sophisticated at evading detection. Recent Malwarebytes Labs reports, including the 2017 State of Malware, shine a light on just how fast these threats continue to spread around the...
Categories:
Malwarebytes news
Product updates
Tags: adware, cloud, cyberthreats, forensics, Incident Response, Mac OS, malware, Malwarebytes Incident Response, PUP, security, threat hunting, windows
(Read more...)
|
|
|
|
|
2017-06-22 15:00:26 |
Barclays Bank customers targeted by phishers (direct link) |
Scammers go phishing for Barclays Bank customer details. Here's what to avoid...
Categories:
Cybercrime
Social engineering
Tags: bank, barclays, Barclays Bank, financial, phish, phishing, scam, Social Engineering
(Read more...)
|
|
|
|
|
2017-06-21 15:00:10 |
The Roblox Robux generator is too good to be true (direct link) |
We take a look at a website claiming to offer free Roblox currency. Does it work? Spoiler: nope. But it really tries hard to be convincing.
Categories:
Cybercrime
Social engineering
Tags: coins, free, roblox, Roblox Robux, Robux, surveys
(Read more...)
|
|
|
|
|
2017-06-20 15:56:41 |
(Déjà vu) A week in security (Jun 12 – Jun 18) (direct link) |
A compilation of notable security news and blog posts from the 12th to the 18th of June. We touched on topics like more tech support scams, a new Mac Malware as a Service, and more.
Categories:
Security world
Week in security
(Read more...)
|
|
|
|
|
2017-06-19 15:52:56 |
Breaking the attack chain (direct link) |
The attack chain is evolving, out-thinking traditional, signature-based endpoint security. See how Malwarebytes breaks the chains, defeating advanced threats with new technologies.
Categories:
101
Business
Tags: attack chain, attack vector, multi-layer protection
(Read more...)
|
|
|
|
|
2017-06-16 15:00:52 |
Tackling the myths surrounding cyberbullying (direct link) |
Misconceptions abound when it comes to cyberbullying. In this post, we'll identify six of these "myths" and then explain why they're worth discrediting.
Categories:
101
FYI
Tags: child security online, cyberbullying, misconceptions, myths, online bullying, online harassment, teen security
(Read more...)
|
|
|
|
|
2017-06-15 15:00:07 |
Announcing Malwarebytes Endpoint Protection, a next-generation antivirus replacement for businesses (direct link) |
Today, I am happy to announce Malwarebytes Endpoint Protection, its equivalent for businesses. Malwarebytes Endpoint Protection is an advanced threat prevention solution for Windows endpoints featuring a cloud-based management console, delivered through a unified endpoint agent.
Categories:
CEO announcements
Malwarebytes news
Tags: antivirus, Coalfire Systems, cybersecurity, Endpoint Protection, Incident Response, Malwarebytes Endpoint Protection, Malwarebytes Incident Response, marcin kleczynski
(Read more...)
|
|
|
|
|
2017-06-14 15:00:01 |
New Mac Malware-as-a-Service offerings (direct link) |
A couple weeks ago, two new Malware-as-a-Service (MaaS) offerings for the Mac became available. We take a closer look at these two offerings - a backdoor named MacSpy and a ransomware app named MacRansom.
Categories:
Malwarebytes news
Tags: anti-malware for Mac, Apple, Bleeping Computer, Catalin Cimpanu, MaaS, mac, MacRansom, MacSpy, malware, Malware-as-a-Service, ransomware
(Read more...)
|
|
|
|
|
2017-06-14 09:00:53 |
Cheers to a successful time at Infosec Europe 2017 (direct link) |
With over 350 exhibitors, well over 10,000 visitors, and many widely respected speakers, Infosec Europe is one of Europe's biggest security events. Our stand there was very popular.
Categories:
Conferences
Security world
Tags: conferences, cybersecurity, infosec, infosec europe, Infosec Europe 2017, marcin kleczynski, Pieter Arntz, security
(Read more...)
|
|
|
|
|
2017-06-13 14:00:21 |
The numeric tech support scam campaign (direct link) |
A new tech support scam campaign is being pushed in lieu of exploit kits. We take a look at its distribution method and how it is able to bring browsers to their knees.
Categories:
Social engineering
Threat analysis
Tags: eitest, exploit kit, malvertising, scam, Social Engineering, tech support, tech support scam, TSS
(Read more...)
|
|
|
|
|
2017-06-12 16:58:27 |
A week in security (Jun 05 – Jun 11) (direct link) |
A compilation of notable security news and blog posts from the 5th of June to the 11th. We touched on topics like HTTPS, a nasty adware, LatentBot, and other fighters against tech support scams.
Categories:
Security world
Week in security
Tags: cybersecurity, exploit kit, fireball, malware, Pieter Arntz, recap, security, Social Engineering, weekly blog roundup
(Read more...)
|
|
|
|
|
2017-06-09 14:00:36 |
Please stop posting your X-rays to social media (direct link) |
Many people post unredacted medical images to Twitter and Instagram. They shouldn't because the details included on the image often can compromise personal identity online and in rare instances, lead to a possible attack on an exposed piece of medical IT infrastructure.
Categories:
Cybercrime
Privacy
Tags: doxxing, hacking, health records, medical records, MRI, privacy, Social Engineering, social media, X-Ray
(Read more...)
|
Guideline
|
|
|
|
2017-06-08 18:49:21 |
New social engineering scheme triggers on mouse movement (direct link) |
No macro, no exploit. This attack uses mouse movement to launch malicious code in booby-trapped documents.
Categories:
Social engineering
Threat analysis
Tags: PowerPoint, powershell, Social Engineering
(Read more...)
|
|
|
|
|
2017-06-08 15:00:53 |
LatentBot piece by piece (direct link) |
LatentBot is a multi-modular Trojan written in Delphi and known to have been around since 2013. Recently, we captured and dissected a sample distributed by RIG Exploit Kit.
Categories:
Malware
Threat analysis
Tags: hasherezade, latentbot, malwarebytes labs, RIG EK
(Read more...)
|
|
|
|
|
2017-06-08 14:00:49 |
Adware the series, part 5 (direct link) |
Part 5 of this adware series shows the reader how they can use Process Explorer to have a close look at other files that are interacting with a suspicious process.
Categories:
PUP
Tags: adware, DLLS, handles, parent process, Pieter Arntz, process explorer, the series
(Read more...)
|
|
|
|
|
2017-06-07 22:54:11 |
Fireball Chinese malware and you (direct link) |
By now, you might have heard about an adware infection operation that has allegedly spread to 250 million systems called Fireball. The threat intelligence and research teams at Check Point wrote a blog post last week describing the operation, what the threat does to the system and the alarming potential the malware has for doing some serious damage. We delve into the worst case scenario with this situation and how to remove Fireball if you are infected.
Categories:
Cybercrime
Malware
Tags: adam kujawa, adware, adware.elex, browser, elex, fireball, hijack, malwarebytes labs, rafotech
(Read more...)
|
|
|
|
|
2017-06-07 14:00:38 |
Tech support scams: what are other people doing? (direct link) |
We've talked a lot about tech support scams over the past few years, typically focused on what we see ourselves, and the scammers who like to pose as Malwarebytes. But tech support scams are much bigger than that, targeting every tech company under the sun. So what are other people doing about it? Let's take a look at some of the other players working to keep you safe.
Categories:
Cybercrime
Social engineering
Tags: Fatsecurity.com, IT Advocate, microsoft, scam, symantec, tech support scam, Threat Intel, TSS
(Read more...)
|
|
|
|
|
2017-06-06 14:00:43 |
HTTPS… Everywhere! (direct link) |
We recently updated our redirections rule in HTTPS-Everywhere, a browser extension that automatically redirects you to the HTTPS version of the website you are trying to visit. Now is a good time for us to give a short overview of how important HTTPS is. We'll also talk about a few major HTTPS-related events that happened lately.
Categories:
Privacy
Security world
Tags: HTTPS, privacy awareness week, protection, security, vulnerability
(Read more...)
|
|
|
|
|
2017-06-05 14:00:26 |
Interview with a malware hunter: Pieter Arntz (direct link) |
Welcome to our new series: interview with a malware hunter. In these Q&A sessions, we'll take you behind the scenes to get to know our malware intelligence crew.
Categories:
101
FYI
Tags: cybersecurity researcher, malware hunter, malware researcher, Pieter Arntz, researcher
(Read more...)
|
|
|
|
|
2017-06-05 13:59:32 |
A week in security (May 29 – Jun 04) (direct link) |
Ransomware, adware, fake reviews, and noteworthy security news are covered in this week's recap.
Categories:
Security world
Week in security
Tags: adware, DMA Locker, fake reviews, ransomware, recap, weekly blog roundup
(Read more...)
|
|
|
|
|
2017-06-01 14:00:01 |
Spotting fake reviews – have healthy online skepticism (direct link) |
In this blog, we discuss techniques to detect fake reviews, fake reviewers, and shady online image management techniques.
Categories:
Social engineering
Threat analysis
Tags: review sites, shill, shill reviews, sockpuppets
(Read more...)
|
|
|
|