Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-05-31 14:00:18 |
Adware the series, part 4 |
Adware loves to use Scheduled Tasks and Windows services as a timer to show you their advertisements at set intervals. This post tells you how to delete and disable them.
Categories: PUP
Tags: adware, Pieter Arntz, PUP, PUPs, rootkit, scheduled tasks, services, the series, trojan
|
|
|
|
|
2017-05-29 17:48:06 |
A week in security (May 22 – May 28) |
Last week we informed you about several new threats. Here is a roundup of our posts and other noteworthy cybersecurity news.
Categories: Week in security
Tags: chrome, RoughTed, tencent, weekly blog roundup
|
|
|
|
|
2017-05-29 14:21:41 |
A stolen version of DMA Locker is making the rounds |
Pirated versions of DMA-locker are doing the rounds, but there is some good news. All the encrypted data can be decrypted with the same key and we can give it to you.
Categories: Cybercrime, Malware, Malwarebytes news
Tags: decryptor, DMA Locker, fake, xptlock
|
|
|
|
|
2017-05-25 14:00:52 |
RoughTed: The anti ad-blocker malvertiser |
A look at RoughTed, a purveyor of ad-blocker aware malvertising responsible for a range of scams, exploits, and malware.
Categories: Cybercrime, Malware
Tags: ad-maven, adware, exploit kits, exploits, Magnitude, malvertising, PUPs, RIG, RoughTed, scams, tech support scams, trojan
|
|
|
|
|
2017-05-24 18:39:46 |
5 Unsettling cyberthreats |
Cyberthreats are typically boring, repetitive, and require a reasonably predictable remediation process. Here are 5 cyberthreats that if you're not frightened by, you should be.
Categories: Security world, Technology
Tags: botnet, cyberthreats, ddos, IoT, law, mirai, Mirai botnet, RATs, vnc
|
|
|
|
|
2017-05-23 14:00:26 |
Stealing Windows credentials using Google Chrome |
This article explains how Chrome users are at risk of spilling their Microsoft Authentication credentials by simply visiting the wrong site.
Categories: Cybercrime, Exploits
Tags: Adylkuzz, chrome, microsoft authentication, ransomware, scf, Shell Command File, SMB, WanaCrypt, Windows Explorer
|
|
|
|
|
2017-05-22 14:00:31 |
Mobile Menace Monday: Ransomware targets Tencent users |
Because Android ransomware is on the rise, users should be extra cautious.
Categories: Cybercrime, Mobile
Tags: Android, Anti-Malware, Koler Trojan, malware, Mobile, ransomware, SLocker, triple m, trojan
|
|
|
|
|
2017-05-22 13:59:59 |
A week in security (May 15 – May 21) |
A compilation of notable security news and blog posts from the 15th of May to the 21st. We covered WannaCry, Privacy Awareness week, and what to do when you suspect stolen personal data.
Categories: Security world, Week in security
Tags: biohack, eternalrocks, privacy awareness week, ssd vulnerability, stolen data, WannaCry, weekly blog roundup, wikileaks
|
|
Wannacry
|
|
|
2017-05-19 20:11:28 |
WannaDecrypt your files? The WannaCry solution, for some |
A decryptor (Wanakiwi) has been developed for WannaCry/WannaCrypt/wCrypt. There is a catch, though: it only works for some operating systems.
Categories: Cybercrime, Malware
Tags: Anti-Ransomware, decryptor, malware, ransomware, Wana Decrptor, WanaCrypt0r, WanaKiwi, WannaCry, WannaCrypt, WannaCryptor, Wannakey, WCrypt
|
|
Wannacry
|
|
|
2017-05-19 14:00:45 |
How did the WannaCry Ransomworm spread? |
Security researchers have had a busy week since the WannaCry ransomware outbreak that wreaked havoc on computers worldwide. How did it all happen?
Categories: Cybercrime, Exploits, Malware
Tags: botnet, DoublePulsar, EternalBlue, exploit, Jaff ransomware, malspam, malware, Necurs botnet, NSA, ransomware, ShadowBrokers, spam, WannaCry, WannaCrypt
|
|
Wannacry
|
|
|
2017-05-18 15:00:51 |
Information stolen? What now? |
Identifying and removing the malware is our job, but what do you need to do yourself, to control the aftermath of malware that steals interesting information from an infected computer?
Categories: 101, How-tos
Tags: cybersecurity, infosec, keylogger, malware, spyware, threat actor, trojan
|
|
|
|
|
2017-05-17 15:00:24 |
Privacy Awareness Week: A primer |
The Asia Pacific Privacy Authorities (APPA) began an initiative called Privacy Awareness Week, or PAW, with the purpose of educating users about current privacy issues and promoting the importance of keeping their personal information safe. This has remained the core of why it exists for more than a decade now.
Categories: 101, FYI, Privacy
Tags: asia pacific privacy authority, cybersecurity, cybersecurity awareness, paw, privacy, privacy awareness week, privacy primer
|
|
|
|
|
2017-05-15 21:25:02 |
Wanna Cry some more? Ransomware roundup special edition |
A special compilation of security news related to the recent worldwide outbreak of ransomware which has caused chaos for multiple organizations.
Categories: Cybercrime, Malware
Tags: malware, ransomware, spam, WanaCrypt0r, WannaCry, WannaCrypt, WCrypt
|
|
Wannacry
|
|
|
2017-05-12 22:02:24 |
The worm that spreads WanaCrypt0r |
WanaCrypt0r is a ransomware infection that has spread through many corporate networks. Read a technical analysis of the worm that allowed it to do this.
Categories: Malware, Threat analysis
Tags: microsoft, NHS, NHS WanaCryptor, nhs wannacryptor, ransomware, Wana Decrptor, WanaCrypt0r, Wcry, windows
|
|
Wannacry
|
|
|
2017-05-12 18:07:55 |
WanaCrypt0r ransomware hits it big just before the weekend |
Reports of two massive attacks in Europe by a ransomware that Malwarebytes detects as Ransom.WanaCrypt0r are dominating the news.
Categories: Cybercrime, Malware
Tags: NHS WanaCryptor, nhs wannacryptor, ransomware, telefonica, WanaCrypt0r, WannaCry, Wcry
|
|
Wannacry
|
|
|
2017-05-11 17:11:12 |
New 'Jaff' ransomware via Necurs asks for 2 BTC |
The dreaded Necurs botnet delivers a new ransomware with a high ransom ask in this newest spam campaign.
Categories: Cybercrime, Malware
Tags: Jaff, Jaff ransomware, Locky, Locky ransomware, necurs, ransomware, spam
|
|
|
|
|
2017-05-10 15:00:30 |
Adware the series, part 3 |
Part 3 in this series deals with removing programs and files responsible for the unsolicited advertisements.
Categories: PUP
Tags: adware, delete, Pieter Arntz, process explorer, PUP, rootkit, trojan, uninstall, windows
|
|
|
|
|
2017-05-08 18:00:38 |
A week in security (May 01 – May 07) |
A compilation of notable security news and blog posts from the 1st of May to the 7th. We touched on topics like Mac malware, OWASP, and password management.
Categories: Security world, Week in security
Tags: adware, Google, google docs, macOS, OSX.Dok, recap, weekly blog roundup, World Password Day
|
|
|
|
|
2017-05-08 17:04:43 |
HandBrake hacked to drop new variant of Proton malware |
The website of the popular HandBrake DVD-ripping app has been hacked, and for 4 days, a maliciously-modified copy of the app was installing a new variant of the mysterious Proton malware.
Categories: Mac, Threat analysis
Tags: apple phishing, backdoor, Eric Petit, handbrake hack, mac, mac backdoor, malware, phish, proton
|
|
|
|
|
2017-05-05 14:00:41 |
Snake malware ported from Windows to Mac |
Snake, also known as Turla and Uroburos, is backdoor malware that has been around and infecting Windows systems since at least 2008. It is thought to be Russian governmental malware and on Windows is highly-sophisticated. It was even seen infecting Linux systems in 2014. Now, it appears to have been ported to Mac.
Categories: Mac, Threat analysis
Tags: Adobe Flash Player, Apple, mac, Mac Trojan, malware, Snake, trojan, Turla, Uroburos
|
|
|
|
|
2017-05-04 16:00:28 |
OWASP top ten – Boring security that pays off |
OWASP recently published a draft list of the top 10 security vulnerabilities of 2017. While intended for developers seeking to code more secure applications, the top 10 list is based on actual survey data of threats seen in the wild and serves as a great starting point for organizations struggling with security priorities. Let's take a look and see how long they've been around prior to publication.
Categories: Security world, Technology
Tags: enterprise, OWASP, Threat Intel, zero day
|
|
|
|
|
2017-05-04 14:00:33 |
Why you don't need 27 different passwords |
|
|
|
|
|
2017-05-03 19:51:53 |
Google Docs App spam goes phishing |
There's a very clever phishing scam going around at the moment involving Google Docs App. Originally thought to be targeting journalists given the sheer number of them mentioning it on their Twitter feeds, it's also been slinging its way across unrelated mailboxes - from orgs to schools/campuses.
Categories: Cybercrime, Social engineering
Tags: Google, google docs, Mailnator, phish, phishing, spam
|
|
|
|
|
2017-05-03 15:00:12 |
Adware the series, part 2 |
In part 2 of our adware series, we focus on a few methods to reroute, intercept, and change your internet traffic.
Categories: PUP
Tags: adware, dns, dns hijacker, LSP hijacker, proxy, proxy hijacker, PUP, PUPs, rootkit, trojan
|
|
|
|
|
2017-05-02 15:00:56 |
An Infosec Spring clean |
Spring has indeed sprung, but it's never too late to have a wander through your security settings and features. Unfortunately, we have so many accounts these days that it's hard to keep track of them all, but this round-up may help you on your way.
Categories: 101, FYI
Tags: applications, apps, cleanup, email, security, settings, social media, Spring Cleaning, website
|
|
|
|
|
2017-05-01 18:16:41 |
Another OSX.Dok dropper found installing new backdoor |
On Friday a sophisticated Mac Trojan was discovered, called OSX.Dok, which installs malware designed to intercept all HTTP and HTTPS traffic. This morning, Adam Thomas, a Malwarebytes researcher, found a variant of the OSX.Dok dropper that behaves altogether differently and installs a completely different payload.
Categories: Mac, Threat analysis
Tags: Apple, Dokument.app, mac, mac malware, Mac Trojan, malware, OSX.Dok, trojan
|
|
|
|
|
2017-05-01 17:07:19 |
A week in security (Apr 24 – Apr 30) |
A compilation of notable security news and blog posts from the 24th of April to the 30th. We covered a lot of different subjects: exploit kits, adware, tech support scams, Android and Mac threats, and how to fight security fatigue.
Categories: Security world, Week in security
Tags: adware, eitest, OSX.Dok, tech support scams, Terror EK, weekly blog roundup
|
|
|
|
|
2017-04-28 18:00:07 |
New OSX.Dok malware intercepts web traffic |
Most Mac malware tends to be unsophisticated. Although it has some rather unpolished and awkward aspects, a new piece of Mac malware, dubbed OSX.Dok, breaks out of that typical mold.
Categories: Mac, Threat analysis
Tags: Apple, Dokument.zip, mac, macOS, malware, OSX.Dok, phishing
|
|
|
|
|
2017-04-27 15:00:25 |
System optimizers turning to Tech Support Scams |
PUPs and more specifically system optimizers have been found turning to tech support scams to increase the amount of money they can take from their unsuspecting customers.
Categories: Cybercrime, PUP
Tags: potentially unwanted programs, PUP, system optimizer, tech support, tech support scam, TSS
|
|
|
|
|
2017-04-26 19:45:58 |
A story of fonts by the EITest HoeflerText campaign |
The HoeflerText campaign is known for a fake font download that delivers the Spora ransomware. But did you know it also uses special characters in the dropper's file name?
Categories: Cybercrime, Social engineering
Tags: chrome, eitest, font, hoeflertext, malware, ransomware, Spora Ransomware
|
|
|
|
|
2017-04-26 15:00:50 |
Adware the series, part 1 |
In this series, we will be using the below flowchart to follow the process of determining which adware we are dealing with. The aim is to give you an idea of how many different types of adware are around for Windows systems.
Categories: PUP
Tags: ad fraud, adware, cache, extensions, potentially unwanted programs, PUP
|
|
|
|
|
2017-04-26 13:00:46 |
Terror EK going 'pro'? Not quite yet |
A quick peek into some changes to Terror EK, an underdog exploit kit in development.
Categories: Cybercrime, Exploits
Tags: exploit kits, Sundown EK, Terror EK
|
|
|
|
|
2017-04-25 16:00:07 |
iCloud support scams |
Stay on the lookout for a new iCloud scam. A Malwarebytes employee reported receiving multiple calls claiming to be from Apple Support and asking for her credentials.
Categories: Cybercrime, Mac Cybercrime
Tags: Apple, Apple ID, celebgate, icloud, iCloud ID, iOS App Store, iPhone, mac, Mac App Store, scam, tech support, tech support scam, TSS
|
|
|
|
|
2017-04-25 15:00:49 |
Do I have Malwarebytes or a tech support scam? |
A lot of companies don't make it all too clear who their tech support is. Given the wide variety in how legitimate companies handle their support, how can you tell the difference between tech support and a tech support scam? We point out how to differentiate us from a tech support scammer.
Categories: 101, How-tos
Tags: fraud, Malwarebytes, scam, tech support, TSS
|
|
|
|
|
2017-04-25 14:00:55 |
How to fight security fatigue |
Feeling overwhelmed by the deluge of cybersecurity news and the accompanying complex advice to fight it? You just might have security fatigue.
Categories: 101, How-tos
Tags: cybersecurity, cybersecurity awareness, security fatigue
|
|
|
|
|
2017-04-24 15:00:31 |
Mobile Menace Monday: Securing your privacy on Android |
If you work at a company that allows you to use your mobile device to log in to email, access company data, and/or connect to company Wi-Fi, you could be more of a risk than you think.
Categories: Cybercrime, Mobile
Tags: Android, cybersecurity, Mobile, privacy, triple m
|
|
|
|
|
2017-04-24 14:59:43 |
A week in security (Apr 17 – Apr 23) |
A compilation of notable security news and blog posts from the 17th of April to the 23rd. We focused on the return of Locky ransomware, Moker Trojan, and more.
Categories: Security world, Week in security
Tags: binary options, exploit kit, Locky, Moker, Moker Trojan, ransomware, recap, RIG-V, trojan, weekly blog roundup
|
|
|
|
|
2017-04-21 23:38:53 |
Locky ransomware is back, but we already protect against it |
For a while, it appeared that Locky ransomware had completely disappeared and allowed for Cerber to take the number one spot as the most distributed piece of ransomware. But after a long absence, Locky returns in full swing.
Categories: Cybercrime, Social engineering
Tags: cerber, Cerber ransomware, Locky, Locky ransomware, ransomware
|
|
|
|
|
2017-04-21 18:44:58 |
Elusive Moker Trojan is back |
We have finally gotten our hands on a sample of the Moker Trojan (which was discovered in 2015). This article will be a deep dive into its capabilities.
Categories: Malware, Threat analysis
Tags: EK, exploit kit, hasherezade, malware, Moker, rat, RIG EK, trojan
|
|
|
|
|
2017-04-20 15:00:55 |
Binary Options malvertising campaign drops ISFB banking Trojan |
We take a look at a widespread and yet stealthy malvertising campaign distributing the ISFB banking Trojan via decoy websites.
Categories: Exploits, Threat analysis
Tags: binary options, dreambot, EK, exploit kit, Gozi, ISFB, malvertising, malware, RIG, RIG exploit kit, trojan
|
|
|
|
|
2017-04-14 18:03:09 |
ShadowBrokers releases more stolen information |
ShadowBrokers shocked the security world again today by releasing another cache of exploits, files, and operational documents purportedly stolen from Equation Group last summer. As you may recall from our earlier publications, Equation Group is reportedly a clandestine hacking group that has been linked with NSA hacking tools.
Categories: Cybercrime, Hacking
Tags: CIA, exploits, more information, NSA, NSA-FTS327, release, ShadowBrokers, snowden, windows
|
|
|
|
|
2017-04-14 15:00:06 |
Amazon third party sellers: A new threat |
On Monday, the Wall Street Journal reported a wave of hijacked Amazon seller accounts that proceeded to fleece buyers for large sums of money. As reported here, attackers would use credentials harvested from other breaches to take over the account, then either simply redirect funds to their own deposit account or create lots of fake...
Categories: Cybercrime, Privacy
Tags: amazon, fraud, leak, password, scam, two-factor authentication, Wall Street Journal, WSJ
|
|
|
|
|
2017-04-13 09:00:09 |
Report: Cybercrime climate shifts dramatically in first quarter |
The first quarter of 2017 brought with it some significant changes to the threat landscape and we aren't talking about heavy ransomware distribution either. Threats which were previously believed to be serious contenders this year have nearly vanished entirely, while new threats and infection techniques have forced the security community to reconsider collection and analysis efforts.
Categories: Malware, Threat analysis
Tags: adware, android malware, celebgate, cerber, Chris Boyd, cybercrime, cybercrime tactics and techniques, dridex, eitest, exit scam, exploit kit, fappening, Findzip, hiddenads.lck, hoeflertext, intra market fraud, jisut, Locky, mac malware, malspam, Malwarebytes, malwarebytes labs, necurs, potentially unwanted programs, powershell, PUP, Q1 2017, ransomware, RIG exploit kit, sage, Social Engineering, Spora, survey scams, tech support scammers, vault 7, windows malware
|
|
|
|
|
2017-04-12 15:00:03 |
What is a zero day? |
You have probably heard the term zero-day or zero-hour malware, but what exactly does it mean?
Categories: 101, FYI
Tags: malware, zero day, zero day exploit, zero hour malware
|
|
|
|
|
2017-04-11 21:12:19 |
Sundown EK gone missing, Terror EK flavours seen in active drive-by campaigns |
With another player out at the moment, we take a look at a rebranded exploit kit in current malware campaigns.
Categories: Exploits, Threat analysis
Tags: exploits kits, Sundown EK, Terror EK
|
|
|
|
|
2017-04-11 15:00:18 |
Mastodon: different social network, additional risks |
Learn about the additional risks you can face when using Mastodon, a social network with important differences to traditional ones.
Categories: Security world, Technology
Tags: Mastodon, phishing, social media, social network
|
|
|
|
|
2017-04-10 22:05:31 |
GameStop customer data allegedly siphoned in possible breach |
GameStop confirmed with KrebsOnSecurity that they are currently investigating reports of hackers breaching their network and siphoning customer information.
Categories: Cybercrime, Hacking
Tags: breach, card fraud, fraud, gamestop, gamestop breach, hacking, malware
|
|
|
|
|
2017-04-10 17:49:20 |
ShadowBrokers fails to collect 1M bitcoins – releases stolen information |
ShadowBrokers finally made good on their promise to release the decryption key to unlock the stolen 'auction' file purportedly filled with NSA hacking tools.
Categories: Cybercrime, Hacking
Tags: Equation Group, exploits, hack, hacking, NSA, opsec, President Trump, ShadowBrokers
|
|
|
|
|
2017-04-10 15:00:43 |
USPS-themed malspam now delivering 1-2-3 knock-out |
We've detected an uptick in USPS-themed malspam walloping users with a 1-2-3 knock-out of nasty malware designed to infiltrate your system and steal all your most valuable information. This malware-laced email is actively being distributed with various Subject and Body messages containing references to missing and/or late USPS parcels.
Categories: Malware, Threat analysis
Tags: JavaScript, malspam, malware, trojan, Trojan.Boaxxe, Trojan.Kovter, USPS
|
|
|
|
|
2017-04-10 14:59:26 |
A week in security (Apr 03 – Apr 09) |
A compilation of notable security news and blog posts from the 3rd of April to the 9th. We focused on the 3-2-1 rule, further dissected Diamond Fox, and revealed a malvertising campaign targeting iOS users.
Categories: Security world, Week in security
Tags: 3-2-1 rule, Apple, cyber threat, Diamond Fox, iOS, ransomware, recap, week in security, weekly blog roundup
|
|
|
|