What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
MalwarebytesLabs 2016-08-30 16:00:59 A week in security (Aug 21 – Aug 27) (direct link) A compilation of notable security news and blog posts from August 21st to August 27th. This week, we touched on a ransomware banking on Pokémon Go, two-factor authentication, Facebook, and a nefarious spyware. Categories: Security world, Week in security
MalwarebytesLabs 2016-08-29 17:36:53 Mr. Chow's website serves up ransomware (direct link)
MalwarebytesLabs 2016-08-29 16:00:04 Browser-based fingerprinting: implications and mitigations (direct link) This post covers the information disclosure bugs in Internet Explorer and Edge that we sometimes refer to as 'fingerprinting'. We review past flaws as well as a currently unpatched one used in the wild before exploring some long term mitigations. Categories: Exploits
MalwarebytesLabs 2016-08-28 00:40:46 How to enable 2FA on the PlayStation Network (direct link) Registered owners of PlayStation and PSP can now enable this new security feature the next time they log in. This is wonderful news, indeed, and can be considered another win for security as we continue to see companies of all sizes take online concerns seriously and actually do something about it. Better late than never, right? Categories: Security world, Technology
MalwarebytesLabs 2016-08-26 18:36:38 10 easy ways to prevent malware infection (direct link) We told you how to tell if you're infected with malware. We told you how to clean up the infection if you get it. Now, here's how to prevent malware infection from happening in the first place. Categories: 101, How-tos
MalwarebytesLabs 2016-08-26 16:30:27 Blurry previews and Facebook phishing (direct link) Here's a Facebook phish which uses the incredibly old technique of blurring the supposed page underneath the login prompt. This is supposed to tantalise victims with what they could see if only they hand over login details. This tactic has been around from Facebook and Tumblr all the way back to Myspace, most typically in the form of the infamous "See who visited your page" type scams of yesteryear. Categories: Cybercrime, Social engineering
MalwarebytesLabs 2016-08-25 19:00:54 How complex are the digital lives of teens? The NCSA takes a look. (direct link) A recent study reveals (if not confirms) what most people may have already perceived: that most teens navigate the Internet via their smartphones using various websites and apps, and that there is a “digital disconnect” between U.S. parents and their teen children, who are between 13-17 years of age. Categories: 101, FYI
MalwarebytesLabs 2016-08-25 16:32:44 Unpacking the spyware disguised as antivirus (direct link) Recently we got access to several elements of the espionage toolkit that has been captured attacking Vietnamese institutions. During the operation, the malware was used to dox 400,000 members of Vietnam Airlines. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-08-25 14:00:43 Tech support scams and Google Chrome tricks (direct link) In this article we take a look at some tricks that target Google Chrome users to dupe them with the infamous tech support scam pop ups. In particular, we examine the fake address bar and alert dialogs which people have come to trust and yet can be deceiving. Categories: Social engineering
MalwarebytesLabs 2016-08-24 14:00:23 How to secure your remote workers (direct link) Remote workers are often the weakest link in a company's cybersecurity defenses. Find out how your company can protect its network and remote employees from threats. Categories: 101, Business
MalwarebytesLabs 2016-08-23 14:00:12 File-in-the-middle hijackers (direct link) This may be a new trend among browser hijackers, but it seems more than a coincidence that we found two browser hijackers using a very similar approach to reach their goal of taking victims to the sites of their choice. Categories: Cybercrime, Malware
MalwarebytesLabs 2016-08-22 20:00:48 PokemonGo Ransomware comes with some clever tricks (direct link) We have all seen the current popularity and craze with PokemonGo, it's no surprise cyber-criminals would plan on using this to their advantage and imitate the game with malicious substitutions. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-08-22 14:00:42 Systweak Redux: our response (direct link) On July 29, we published a blog titled "PUP Friday: Cleaning up with 5 star awards", taking a look at a registry cleaner called RegCleanPro made by Systweak. We detect the file in question as a PUP, and covered it as part of our regular PUP Friday series. The makers of Systweak software posted both to our blog comments (with no response to my reply, at time of writing) and also posted a blog on their website titled "How Malwarebytes Got It All Wrong with RegClean Pro". Below is a reply to both the comments made to our blog and their own post. The comments from their blog are numbered and in bold, green text, with our responses to each point underneath. Categories: PUPs, Threat analysis
MalwarebytesLabs 2016-08-22 13:30:35 A week in security (Aug 14 – Aug 20) (direct link) A compilation of notable security news and blog posts from August 14th to August 20th. This week, we touched on the Shakti Trojan, one 419 scam and one SMS scam, and some very naughty Mac PUPs. Categories: Security world, Week in security
MalwarebytesLabs 2016-08-19 18:47:00 PUP Friday: MacKeeper (direct link) We wrote an article in 2014 about some fraudulent behaviors involving MacKeeper. Fast forward to 2016, and unfortunately, the story is much the same. Categories: PUPs, Threat analysis
MalwarebytesLabs 2016-08-19 15:00:23 PCVARK plays dirty (direct link) We very quickly found ourselves in a deep rabbit-hole of Mac crapware when researching a major developer of Mac PUPs (potentially unwanted programs), PCVARK. Categories: PUPs, Threat analysis
MalwarebytesLabs 2016-08-17 10:00:53 Shakti Trojan: Technical Analysis (direct link) Recently, we took a look at the interesting Trojan found by Bleeping Computer. Our small investigation on its background and possible attribution has led us to the conclusion that this threat is in reality not new – probably it has been designed in 2012 for the purpose of corporate espionage operations. Yet it escaped from... Categories: Malware, Threat analysis
MalwarebytesLabs 2016-08-17 07:00:46 Parents, beware of this SMS scam (direct link) The scam comes in the form of an SMS, which contains a message stating that “Sarah”, the purported sender, has been in a “small accident” and is asking the recipient to text back once they've received her message. Categories: Cybercrime, Social engineering
MalwarebytesLabs 2016-08-16 07:49:48 Soldiering on: the $5.6 million 419 scam (direct link) 419 scams most commonly drop into your mailbox, but they do occasionally appear via other channels such as snail mail and social media. Today we're going to take a look at an angle seemingly beloved of scammers everywhere - a specific character type clung to down the years for no other reason than to cheat people out of their money. That character would happen to be "awesome UN peacekeeper with inexplicable access to millions of dollars because reasons". Categories: Cybercrime, Social engineering
MalwarebytesLabs 2016-08-15 21:55:20 Shakti Trojan: Document Thief (direct link) Recently, Bleeping Computer published a short article about an unrecognized Trojan that grabs documents from the attacked computer and uploads them into a malicious server. Looking at the characteristics of the tool, we suspect that it has been prepared for the purpose of corporate espionage. So far, no AV has given any meaningful identification to this malware - it is detected under generic names. Since not much is known about its internals, we decided to take a closer look. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-08-12 19:22:04 Venus Locker another .NET Ransomware (direct link) The current cyber-threat landscape is an ever dynamic threat, we have state-sponsored cyber-threats and very sophisticated cyber-criminals to defend against. These threats come with their own motivations and objectives. We have all come to know ransomware, which, according to our study published earlier this month, has become one of the biggest cyber security threats in... Categories: Malware, Threat analysis ★★
MalwarebytesLabs 2016-08-11 18:58:45 Decrypting Chimera ransomware (direct link) We take a technical look at validating the leaked Chimera ransomware keys as well as if we can decrypt files with these keys. Categories: Cybercrime, Malware
MalwarebytesLabs 2016-08-11 13:22:21 Scammers sneak into customer support conversations on Twitter (direct link) We've looked at the social engineering tactic of inserting a fake account into a conversation with legitimate support channels in the past, and today - thanks to Techhelplist - we can observe another one, this time going after Natwest bank logins. See how Twitter scammers are trying to steer potential victims away from legitimate support channels to phishing websites. Categories: Cybercrime, Social engineering
MalwarebytesLabs 2016-08-10 16:36:02 Malvertising campaign delivers two exploit kits, same payload (direct link) It is a little odd to see an attack making use of two different exploit kits which serve the same malware payload. In this particular malvertising case, both RIG EK and Sundown EK are used to deliver the same threat, perhaps an indication that the actor behind this is doing some kind of testing or simply wants to maximize the infection rates by combining both EKs. Categories: Exploits
MalwarebytesLabs 2016-08-09 15:12:38 New celebrity death hoax hits Facebook (direct link) Celebrity death hoaxes are not new, yet every now and then someone with a public name can land on these bogus news headlines in an attempt by social engineers and hoaxers to gain traction and let the nature of the internet take its course. Categories: Cybercrime, Social engineering ★★★★
MalwarebytesLabs 2016-08-08 19:00:45 A week in security (Jul 31 – Aug 06) (direct link) A compilation of notable security news and blog posts from July 31st to August 06th. This week, we talked about ransomware, Smoke Loader, a Facebook scam, and a new SEO scammer tactic. Categories: Security world, Week in security
MalwarebytesLabs 2016-08-05 18:30:27 Smoke Loader – downloader with a smokescreen still alive (direct link) This time we will have a look at another payload from a recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black market in 2011. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-08-05 14:30:12 PUP Friday: Adware family EoRezo (direct link) EoRezo is a detection name that is in use for a big part of the adware family called Tuto4PC. The adware is bundled with other software and with tutorials (about software). The adware, although annoying, is usually harmless by itself, but that can't be said about the advertisements and sites it opens on the victim's computer. Categories: PUPs, Threat analysis
MalwarebytesLabs 2016-08-05 09:27:55 The reality of Ransomware: an in-depth study (direct link) We recently sponsored a deep-dive study conducted by Osterman Research on the subject of Ransomware, and the results are a stark insight into one of the biggest problems facing both enterprise and home networks at the moment. Some key UK-centric findings: 40% of businesses worldwide attacked, but Senior UK IT staff suffered the highest number of... Categories: Cybercrime, Malware
MalwarebytesLabs 2016-08-03 18:48:51 A look into Neutrino EK’s jQueryGate (direct link)
MalwarebytesLabs 2016-08-02 14:04:19 Tech Support Scams, two for the price of one (direct link) In what must be an attempt to drive victims crazy enough to call one of their numbers, Tech Support Scammers replace one logon lock-screen with another. Categories: Malware
MalwarebytesLabs 2016-08-01 16:00:46 Google’s featured snippets abused by SEO scammers (direct link)
MalwarebytesLabs 2016-07-29 20:44:34 PUP Friday: Cleaning up with 5 star awards (direct link) Systweak's RegClean Pro is quite a popular software. Top Ten Reviews, a consumer review portal based in Utah, has ranked it as number one in their “Registry Repair Software” category. It also boasts of having won more than a hundred 5-star awards. Yet in spite of these, something is amiss. With praises for it also... Categories: PUPs, Threat analysis ★★★
MalwarebytesLabs 2016-07-29 15:38:05 Unpacking yet another .NET crypter (direct link) We look at one of the malicious executables recently delivered by RIG Exploit Kit that was packed in a .NET cryptor and includes similar features as one we found some time ago. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-07-29 10:19:05 The IPExpo / Infosec Europe / Blogger Awards roundup (direct link) It's been a busy few months for the Malwarebytes team. Infosec Europe, Chelsea FC, radio interviews, and a certain Blogger Awards that you may have voted on recently. How did we do? You'll have to read on to find out! Categories: Conferences, Security world
MalwarebytesLabs 2016-07-28 15:01:48 Five ways to stay safe online while playing Pokémon Go (direct link) No one has expected to see a mobile gaming app become so popular so fast and affect people the way it has. Indeed, the introduction of Pokémon Go—plus the sharp rise of popularity of augmented reality—has opened a lot of opportunities for cross-industry innovation and growth. Unfortunately, it's not all fun and games for every player and those caught in the experience of others. Categories: 101, FYI
MalwarebytesLabs 2016-07-27 14:28:25 From Locky with love – reading malicious attachments (direct link) Read on to learn how the latest downloaders used to deliver Locky ransomware and show how to statically decipher their hidden URLs. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-07-27 03:03:05 A look into some RIG exploit kit campaigns (direct link) We've covered the Neutrino and Magnitude exploit kits. Now we take a look at number #3, RIG EK and the different distribution paths using packet captures collected by our honeypot. The campaigns for distribution involve malvertising and compromised sites (much like all other EKs) but there is a notable diversity in how many different ways RIG EK is being loaded and the type of payloads it is serving. Categories: Exploits
MalwarebytesLabs 2016-07-26 15:21:17 Explained: Advanced Persistent Threat (APT) (direct link) An Advanced Persistent Threat (APT) is a prolonged, aimed attack on a specific target with the intention to compromise their system and gain information from or about that target. The target can be a person, an organization or a business. Categories: Malware
MalwarebytesLabs 2016-07-25 14:46:49 The little 419 scam that could (direct link) It has been six months since David and Carol Martin, a Scottish couple in the UK, received the highest National Lottery pay out made to any winner to date. And scammers have been taking advantage of it for half a year now. Don't be misled by this so-called "donation scam". Categories: Cybercrime, Social engineering ★★★★★
MalwarebytesLabs 2016-07-22 18:41:36 Cross-platform malware Adwind infects Mac (direct link) We examine a cross-platform malware with a Mac payload and found the hackers behind it really didn't put that much effort into making it work on the Mac. Categories: Mac, Threat analysis ★★★★★
MalwarebytesLabs 2016-07-22 15:25:00 How to protect your IP address (direct link) When you jump online, your computer uses an IP address to communicate—something easily found and exploited by cybercriminals. Here's how to hide your IP address from prying eyes. Categories: 101, How-tos
MalwarebytesLabs 2016-07-21 19:15:07 Avoid this “Authorize your Twitter account” phishing scam… (direct link) Scammers send a well known verified account a "Please authorize this app to become verified" message. Confusion follows. Categories: Cybercrime, Social engineering
MalwarebytesLabs 2016-07-20 14:31:40 Window Range Manager (direct link) A recently discovered adware called Window Range Manager aka Winrange uses Chrome components to display 3D advertisements, but fails to run on most systems. Categories: PUPs, Threat analysis ★★
MalwarebytesLabs 2016-07-19 15:16:58 Long lasting Magnitude EK malvertising campaign not affected by slowdown in EK activity (direct link) We have been tracking a malvertising campaign distributing the Cerber ransomware linked to the actor behind the Magnitude exploit kit for months. Despite a global slowdown in exploit kit activity, this particular distribution channel has remained active and strong. In this post we take a look at some past and present indicators of compromise that show how fake identities remain an effective way to defeat ad platforms' security checks. Categories: Exploits
MalwarebytesLabs 2016-07-18 17:00:16 Third time (un)lucky – improved Petya is out (direct link) Petya's authors got it right at the third attempt. The currently launched wave of this ransomware finally seems to have the proper Salsa20. Categories: Malware, Threat analysis
MalwarebytesLabs 2016-07-15 17:00:46 Explained: Bug poaching (direct link) When we talk about online extortion, nowadays what comes to mind is ransomware, thanks to reports of new strains found almost every day of the week. For some, it may be scams—from online dating, to loan, to 419 fraud. For others, some examples may be hijacked accounts, sextortion, DDoS attacks, and data theft. These past few weeks, we have been introduced to a new type of digital extortion that, as some security experts claim, is currently on the rise: bug poaching. Categories: 101, FYI
MalwarebytesLabs 2016-07-15 14:06:57 Our Pokemon Go blogpost becomes scammer bait… (direct link) You know when you write about a Pokemon GO scam and casually mention how criminals use Lure Modules as bait for mugging victims? Of course you do (well, maybe not). As it turns out, the blogpost itself became a Pokemon-style lure - for comment section driveby scammers. I mean, whoops? Here was me thinking I'm supposed to go out and catch them all or whatever. I can't get fit and healthy waving my phone at trees and the occasional power plant if they turn up on the doorstep... Categories: Cybercrime, Social engineering
Last update at: 2024-07-16 10:08:00