Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2017-04-08 15:00:23 |
(Already seen) The top 5 dumbest cyber threats that work anyway (direct link) |
The common conception of cyber attacks is kind of like bad weather: ranging from irritating to catastrophic, but always unpredictable. Hackers are simply too sophisticated to draw any reliable judgments on and we shouldn't try. As it turns out, some hackers are fairly predictable in their successful use of really dumb attacks.
Categories:
Cybercrime
Hacking
Social engineering
Tags: Business Email Compromisecyber attackcyber threatsddosmalwareransomwarescamsql
(Read more...)
|
|
|
|
|
2017-04-06 17:10:49 |
Malvertising on iOS pushes eyebrow-raising VPN app (direct link) |
A malvertising campaign on iOS is pushing a scareware page tricking Apple users into installing a free VPN app that comes with serious privacy implications.
Categories:
Social engineering
Threat analysis
Tags: AppleiOSiPhonemalvertisingmalwareMyMobileSecurescarewarevpn
(Read more...)
|
|
|
|
|
2017-04-06 15:00:30 |
Diamond Fox – part 2: let's dive in the code (direct link) |
(Read more...)
|
|
|
|
|
2017-04-05 15:00:06 |
3, 2, 1, GO! Make backups of your data! (direct link) |
One of the best defenses against ransomware is having a good backup strategy. Having good backups protects your data against all sorts of unpleasant mishaps. A useful rule of thumb is the "3-2-1 rule"; learn about it here.
Categories:
101
How-tos
Tags: backupscybersecurityransomware
(Read more...)
|
|
|
|
|
2017-04-04 17:17:02 |
Your ISP, browsing history, and what to do about it (direct link) |
In late March, Congress approved a bill lifting restrictions imposed on ISPs last year concerning what they could do with information such as customer browsing habits, app usage history, location data, and Social Security numbers. Given that the repealed restrictions hadn't yet come into effect, the immediate impact of the new bill is somewhat unclear. But given what typically happens with massive stores of aggregated, location-specific customer data, the prognosis is not good.
Categories:
Privacy
Security world
Tags: comcastData privacyencryptionInternet PrivacyISPprivacy
(Read more...)
|
|
|
|
|
2017-04-03 15:00:17 |
(Already seen) A week in security (Mar 27 – Apr 02) (direct link) |
A compilation of notable security news and blog posts from March 26th to April 2nd. This week, we look back at phishing campaigns, adware, ransomware, and more.
Categories:
Security world
Week in security
Tags: adwareGitHubmalwarephishingransomwarerecapSage ransomwareweekly blog roundupworld of warcraft
(Read more...)
|
|
|
|
|
2017-03-31 15:00:17 |
Steam spammers have a night at the movies (direct link) |
We take a look at a spammer pushing what are claimed to be free movies on Steam's videogame artwork section. Spoiler: they're not movies, and you may want to get a refund for those tickets.
Categories:
Cybercrime
Social engineering
Tags: fakerIMDBmoviephishingspamsteamsurveysurveyswebcams
(Read more...)
|
|
|
|
|
2017-03-30 15:00:54 |
Tech support scammers and their banking woes (direct link) |
We all know about tech support scams by this point. Unfortunately for the scammers, banks know this as well, making it quite difficult at times to maintain an account to store the criminal's ill-gotten gains. So how does the enterprising criminal cash out with your money? Let's take a look.
Categories:
Cybercrime
Social engineering
Tags: fraudscamtech supporttech support scamsTSS
(Read more...)
|
|
|
|
|
2017-03-29 23:00:52 |
Websites compromised in 'Decimal IP' campaign (direct link) |
This URL is quite probably unlike anything you've ever seen before and yet still works and redirects to malware.
Categories:
Cybercrime
Exploits
Tags: 1760468715EKmalwareRIG EKRIG exploit kitsite hacks
(Read more...)
|
|
|
|
|
2017-03-29 15:00:24 |
Explained: Sage ransomware (direct link) |
Sage is yet another ransomware that has become a common threat nowadays. Similarly to Spora, it has capabilities to encrypt files offline. The malware is actively developed, and we are currently facing an outbreak of version 2.2 of this product.
Categories:
Malware
Threat analysis
Tags: encryptionhasherezademalwarephishransomwareSage ransomwareSpora Ransomware
(Read more...)
|
|
|
|
|
2017-03-29 14:00:25 |
What are exploits? (And why you should care) (direct link) |
At one point in the not-so-distant past, exploits were responsible for delivering 80 percent of malware to people's systems. But exploits seem to be experiencing a lull today. Does this mean they're gone for good or is this simply the calm before the storm? Let's break down this stealthy threat so you can not only know your enemy, but also be appropriately prepared should the exploit attacks return.
Categories:
101
FYI
Tags: EKsexploit kitsexploitsmalvertisingransomwarevulnerabilities
(Read more...)
|
|
|
|
|
2017-03-28 22:40:11 |
(Already seen) A week in security (Mar 20th – Mar 26th) (direct link) |
A compilation of notable security news and blog posts from the 20th to the 26th of March. This week, we look back at phishing campaigns, PUPs, ransomware, and more.
Categories:
Security world
Week in security
Tags: newsphishingPUPsransomwareweek in securityweekly roundup
(Read more...)
|
|
|
|
|
2017-03-28 15:00:14 |
World of Warcraft phish campaign lures victims with free pet (direct link) |
We take a look at a World of Warcraft phish doing the rounds which could stand to do a spot of updating where its branding is concerned.
Categories:
Cybercrime
Social engineering
Tags: battleblizzardphishphishingworld of warcraft
(Read more...)
|
|
|
|
|
2017-03-27 16:00:52 |
Mobile Menace Monday: Preinstalled adware and sometimes worse (direct link) |
BLU manufactured mobile devices have been discovered with preinstalled adware known as Android/Adware.YeMobi.
Categories:
Cybercrime
Mobile
Tags: adwareAndroidGoogle PlayMobilepreinstalledsystem apptriple m
(Read more...)
|
|
|
|
|
2017-03-27 15:00:38 |
Explained: Packer, Crypter, and Protector (direct link) |
In this article we will try to explain the terms packer, crypter, and protector in the context of how they are used in malware.
Categories:
Cybercrime
Malware
Tags: cryptermalwarepackerprotectorransomwarevirtualization
(Read more...)
|
|
|
|
|
2017-03-24 15:00:05 |
Advanis tech support screenlocker (direct link) |
We briefly show you the workings of a tech support scammer's lockscreen and introduce you to the person behind the scenes.
Categories:
Cybercrime
Malware
Tags: advanisbrgsinstallreports.comscreenlockertech supporttech support scamTSS
(Read more...)
|
|
|
|
|
2017-03-23 22:26:26 |
New targeted attack against Saudi Arabia Government (direct link) |
Several Saudi Arabia organizations are being targeted in a new spear phishing campaign.
Categories:
Social engineering
Tags: anti exploitphishingsaudi arabiaspear phishing
(Read more...)
|
|
|
|
|
2017-03-23 15:00:40 |
Hackers threaten to wipe Apple devices (direct link) |
According to a report from Motherboard, a group of hackers calling themselves "Turkish Crime Family" is threatening to remotely erase devices belonging to hundreds of millions of Apple customers. They will do this on April 7, they say, if Apple doesn't pay them a ransom.
Categories:
Cybercrime
Mac Cybercrime
Tags: AppleApple IDdata breachicloudiOSiPhonephishing
(Read more...)
|
|
|
|
|
2017-03-22 15:00:27 |
SMS phishing for the masses (direct link) |
This post looks at a recent SMS phishing scam for the RBC bank and a tool the attackers may have used to bulk send fraudulent SMS messages.
Categories:
Social engineering
Tags: Bank of MontrealBMOphishingRBCRoyal BankSendroidsms
(Read more...)
|
|
|
|
|
2017-03-21 15:48:54 |
Canada and the U.K. hit by Ramnit Trojan in new malvertising campaign (direct link) |
This new malvertising campaign on adult websites was pushing the Ramnit information stealer.
Categories:
Exploits
Tags: exoclickmalvertisingramnitRIGRIGEK
(Read more...)
|
|
|
|
|
2017-03-20 15:00:03 |
Chinese PUPs and backdoor drivers: making systems less secure since 2013 (direct link) |
In this blog, we expose a family of backdoor drivers that have been included in various PUPs of Chinese origin for several years.
Categories:
Malware
PUP/PUM
Threat analysis
Tags: IOCTLPUPPUPs
(Read more...)
|
|
|
|
|
2017-03-20 13:37:07 |
Twitter app spams Fappening bait and Amazon surveys (direct link) |
With news of another so-called Fappening (nude photos of celebrities distributed without permission) doing the rounds, it was inevitable that scammers would look to take advantage. We've already seen message board aficionados warn others of dodgy download links and random Zipfiles claiming to contain stolen nude photos and video clips, but today we're going to look...
Categories:
Cybercrime
Social engineering
Tags: amazonappfappeningPaigespamsurveytwitter
(Read more...)
|
|
|
|
|
2017-03-17 15:00:41 |
Diamond Fox – part 1: introduction and unpacking (direct link) |
In this short series of posts, we will take a deep dive in a sample of Diamond Fox delivered by the Nebula Exploit Kit (described here). We will also make a brief comparison with the old, leaked version, in order to show the evolution of this product.
Categories:
Malware
Threat analysis
Tags: Diamond FoxGornychmalwareVisual BasicVisual Basic Decompiler
(Read more...)
|
|
|
|
|
2017-03-14 19:58:50 |
A week in security (Mar 6th – Mar 12th) (direct link) |
A compilation of notable security news and blog posts from the 6th to the 12th of March. This week, we look back at ransomware, exploit kits, and Mac security myths.
Categories:
Security world
Week in security
Tags: exploitmacransomwarescannertorweekly blog roundup
(Read more...)
|
|
|
|
|
2017-03-14 15:00:00 |
How not to phish a security researcher on Twitter (direct link) |
What happens when a phisher decides to try and directly phish a security researcher on Twitter? This.
Categories:
Cybercrime
Social engineering
Tags: DMphishphisherphishingtwitter
(Read more...)
|
|
|
|
|
2017-03-13 18:18:36 |
Adware vs. Ad-fraud (direct link) |
We explain what adware and ad fraud are and point out the differences by discussing the methods and the classification of the malware that is involved.
Categories:
Cybercrime
Malware
Tags: ad fraudad supportedadvertisingadwarespoofingstackingstuffing
(Read more...)
|
|
|
|
|
2017-03-10 18:00:09 |
Explained: Spora ransomware (direct link) |
Spora ransomware has joined the family of ransomware created by professionals. Take a closer look at Spora.
Categories:
Malware
Threat analysis
Tags: malwareransomwareSporaSpora Ransomware
(Read more...)
|
|
|
|
|
2017-03-10 16:00:12 |
CryptoBlock ransomware and its C2 (direct link) |
CryptoBlock is an interesting ransomware to keep an eye on. We expect this ransomware, which is still in development, to eventually develop into a RaaS (Ransomware as a Service).
Categories:
Malware
Threat analysis
Tags: CryptoBlockraasransomwareRansomware as a Servicevirustotal
(Read more...)
|
|
|
|
|
2017-03-09 20:08:35 |
Exploit kits: Winter 2017 review (direct link) |
We take a look at the current exploit kit scene (Winter 2017) according to our telemetry and honeypots.
Categories:
Exploits
Threat analysis
Tags: EKexploit kitsMagnitudemalvertisingmalvertsmalwareneutrinoransomwareRIGsundown
(Read more...)
|
|
|
|
|
2017-03-09 18:00:58 |
Torify and analyze traffic for your VM (direct link) |
Several solutions exist to isolate and analyze a VM's network traffic for malware analysis purposes. Whonix, Tor and Virtual make this process painless and efficient.
Categories:
How-tos
Threat analysis
Tags: networkprotectionsecurityVirtual MachinesVM
(Read more...)
|
|
|
|
|
2017-03-08 17:55:56 |
“Federal Ministry of Agriculture” 419 spam (direct link) |
We quickly shakedown a 419 spam mail currently in circulation.
Categories:
Cybercrime
Social engineering
Tags: 419emailfakescamspam
(Read more...)
|
|
|
|
|
2017-03-08 16:00:40 |
Mac security facts and fallacies (direct link) |
There are many Mac security myths circulating among users. So how can you tell if the advice you're reading is fact or fallacy? Read on to find out!
Categories:
101
Mac
Tags: adwareApplemacMac securitymacOSmalwarePUPs
(Read more...)
|
|
|
|
|
2017-03-07 16:00:14 |
A multi-purpose fake online scanner (direct link) |
Just to show you that behind some PUPs there are threat actors that are too lazy to be bothered, we offer you a fake online scanner that was used to promote the infamous MacKeeper and a Windows system optimizer called Advance-System-Care.
Categories:
Cybercrime
Malware
Tags: advance-system-carefakeMacKeeperonline scanPieter Arntz
(Read more...)
|
|
|
|
|
2017-03-06 18:04:31 |
Malwarebytes Labs Presents: The Cybercrime Tactics and Techniques Report (direct link) |
In our first wrap-up of the threat landscape, we are going to cover the trends observed during the last few months of 2016, provide an analyst's view of the threats, and offer some predictions for the beginning of 2017. Moving forward, every quarter we will bring you a view of the threat landscape through the eyes of Malwarebytes researchers and analysts.
Categories:
Malware
Threat analysis
Tags: 2016ad fraudcerbercybercrimekovterLockymalwarebytes labspredictionsransomwarereporttrends
(Read more...)
|
|
|
|
|
2017-03-06 16:00:28 |
Mobile Menace Monday: Facebook Lite infected with Spy FakePlay (direct link) |
A lite version of the popular mobile app Facebook has been infected with Android/Trojan.Spy.FakePlay.
Categories:
Cybercrime
Mobile
Tags: AndroidfacebookFacebook LiteGoogleMobilemobile menace mondaytriple mtrojan
(Read more...)
|
|
|
|
|
2017-03-03 16:00:07 |
Free antivirus coupon leads to tech support scam (direct link) |
Yet another trick to watch out for with this free antivirus offer that misleads you into calling tech support scammers.
Categories:
Social engineering
Threat analysis
Tags: antiviruscouponGoogle ChromeMcAfeenortontech support scamTSS
(Read more...)
|
Guideline
|
|
|
|
2017-03-02 19:09:02 |
Coachella-gate: fire in the disco (direct link) |
If you're registered on the Coachella website, you may have been swept up in a data breach hawking user details for sale on the Dark Web...
Categories:
Cybercrime
Malwarebytes news
Social engineering
Tags: Beyoncebreachcoachelladata breachphishphishing
(Read more...)
|
|
|
|
|
2017-03-02 16:00:57 |
Australians beware: myGov phishing on the prowl (direct link) |
We look at a myGov phish which has been doing the rounds recently. There's even some peculiar antics going on late into the phish - shall we take a look?
Categories:
Cybercrime
Social engineering
Tags: bankbankingmyGovphishphishingscam
(Read more...)
|
|
|
|
|
2017-03-01 15:00:33 |
Two new Mac backdoors discovered (direct link) |
On Valentine's Day, Mac users got a special "treat" in the form of new malware. Now, weeks later, there are signs of yet another piece of malware looming. This brings the count of malware (as opposed to adware or other threats) discovered for macOS this year up to 4, in only two short months.
Categories:
Cybercrime
Mac
Tags: Anti-MalwareAppleiOSiPhonemacmacOSmalwareXAgentXProtect
(Read more...)
|
|
|
|
|
2017-02-28 16:00:47 |
Decrypting after a Findzip ransomware infection (direct link) |
The Findzip ransomware was discovered on February 22, 2017. At that time, it was thought that files would be irreversibly encrypted by this ransomware, with no chance of decryption. Turns out, that's not quite true.
Categories:
Cybercrime
Mac
Tags: AppleFilecoderFindzipFindzip ransomwaremacmacOSransomware
(Read more...)
|
|
|
|
|
2017-02-27 21:00:23 |
A week in security (Feb 20th – Feb 27th) (direct link) |
A compilation of notable security news and blog posts from the 20th of February to the 27th of February. This week, we look back at tech support scams, tax tips, updating your social media privacy settings, and more.
Categories:
Security world
Week in security
Tags: AndroiddronesGooglemalwarepasswordsteamspyweekly round up
(Read more...)
|
|
|
|
|
2017-02-27 19:30:31 |
New Neutrino Bot comes in a protective loader (direct link) |
We take another look at the Neutrino bot, known for its diverse feature set ranging from snooping on victims to performing DDoS attacks. This latest version includes a hardened protective layer aimed at defeating sandboxes and hiding the bot from discovery.
Categories:
Cybercrime
Malware
Threat analysis
Tags: exploit kitmalvertisingmalwareneutrino botneutrino ekpacker
(Read more...)
|
|
|
|
|
2017-02-27 18:00:54 |
DNSSEC: why do we need it? (direct link) |
We take a look at what DNSSEC is and why we need it. Plus an overview of how far the implementation has progressed in the Netherlands based on a SIDN report.
Categories:
Security world
Technology
Tags: authenticationcertificatednssecdomain name securityPieter Arntz
(Read more...)
|
|
|
|
|
2017-02-24 20:12:36 |
Fake FBI mail: “Send us $112 or we'll lock your iCloud account” (direct link) |
(Read more...)
|
|
|
|
|
2017-02-24 18:00:25 |
Who else crushed it at RSA? (direct link) |
Malwarebytes was proud to once again take part in this spectacular week-long event. Thousands of customers, new businesses, students, press, and industry analysts made their way to our new booth to catch our giant threat theater presentation, see a demo, grab a new collectible T-shirt, and say “Hi” to our robot (who was officially named ZERO).
Categories:
Conferences
Security world
Tags: cybersecurityMalwarebytes EventsransomwareRSARSA ConferenceRSA Conference 2017
(Read more...)
|
|
|
|
|
2017-02-24 17:00:50 |
Malwarebytes teams up with Cybersecurity Factory (direct link) |
Malwarebytes is proud to support Cybersecurity Factory, a 10-week summer program for early-stage cybersecurity companies.
Categories:
Malwarebytes news
Tags: Cybersecurity FactoryentrepreneursHighland Capital PartnersMalwarebytesmentorshipphilanthropy
(Read more...)
|
|
|
|
|
2017-02-23 18:00:04 |
What to do after recovering from a cyberattack (direct link) |
More companies are falling victim to cyberattacks, as a wide range of harmful software, social engineering schemes and scams threaten to compromise the personal information and online safety of their clients. With cybercrime rates on the increase every year, it is important for businesses of all sizes to have a recovery plan in place to mitigate any losses. In the unfortunate event of a data breach, these are the steps you should take to recover.
Categories:
101
Business
Tags: cyberattackcybersecuritydata breachSecure Thoughtstwo-factor authentication
(Read more...)
|
|
|
|
|
2017-02-23 16:00:31 |
Mac ransomware on piracy sites (direct link) |
February has been a relatively busy month in the world of Mac malware, and now it has gotten busier with the appearance of the second piece of ransomware ever to affect macOS.
Categories:
Mac
Threat analysis
Tags: Adobe Premier ProAppleFindzipmacmacOSmalwareMicrosoft Officeransomware
(Read more...)
|
|
|
|
|
2017-02-23 14:00:07 |
How do I secure my social media profile? (direct link) |
Quitting social media entirely can be unrealistic, or at least seriously unfun. So it's important to take a moment to check out account settings before you start, to make absolutely sure you're okay with the service's default settings.
Categories:
101
Cybercrime
How-tos
Privacy
Tags: how toInstagramLinkedInphishphishingprivacysocial mediaspamtwitter
(Read more...)
|
|
|
|
|
2017-02-22 15:00:08 |
Tips to stay secure during tax season (direct link) |
What are some ways you can protect your information (and identity) during tax season? Here are tried and true tips to help ease the stress.
Categories:
101
How-tos
Tags: identity thefttax fraudtax seasontwo-factor authentication
(Read more...)
|
|
|
|