What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-12-06 19:00:23 | Explained: Domain Generating Algorithm (lien direct) |  Domain Generating Algorithms are in use by cyber criminals to prevent their servers from being blacklisted or taken down. The algorithm produces random looking domain names. The idea is that two machines using the same algorithm will contact the same domain at a given time.Categories:
Security world
TechnologyTags: algorithmdgadomainDomain Generating AlgorithmgeneratinggenerationPieter Arntz(Read more...) |
|||
|
2016-12-05 18:40:47 | Fake Forbes story becomes bearer of “smart drug†news (lien direct) |  Scams of this nature doesn't only arrive via email. They may also be shared via social networking platforms, chat sessions, public comments on forums and blog posts, and (if legitimate websites aren't careful) sometimes they're inadvertently shared via ads on sites, especially if user browsing is done via mobile devices.Categories:
Cybercrime
Social engineeringTags: fake brain enhancement supplementForbesinteligenscamspamStephen Hawking(Read more...) |
|||
|
2016-12-05 17:00:50 | A week in security (Nov 27 – Dec 03) (lien direct) |  A compilation of notable security news and blog posts from the 27th of November to the 3rd of December. This week, we touched on Gooligan, attribution, a new WhatsApp phishing campaign, another ransomware, and a one-of-a-kind Apple spam.Categories:
Security world
Week in securityTags: apple spamattributionGooliganphishingransomwarerecapspamweekly blog roundupwhatsapp(Read more...) |
|||
|
2016-12-01 18:54:39 | Malware taking advantage of Android OS exploits, again: Gooligan (lien direct) |  Gooligan is a mobile malware targeting Android OS devices, many of which are susceptible to long known exploits, such as VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153).Categories:
Cybercrime
MobileTags: AndroidexploitGoogleGooliganmalware(Read more...) |
|||
|
2016-11-30 21:56:18 | Tor Browser zero-day strikes again (lien direct) |  A new zero-day has been found in the wild and was used against the popular Tor Browser. This exploit was meant to leak information about users, such as their IP address.Categories:
Exploits
Threat analysisTags: 0dayanti exploitexploitsfirefoxmozillaTor browserzero day(Read more...) |
|||
|
2016-11-30 19:00:35 | Calendar spam on Apple systems (lien direct) |  Mac and iOS users have been seeing a lot of strange entries appearing in their calendars for a while now, but there has been a big increase over the last few weeks. There are a couple different explanations for this, but the good news is that neither of them involves malware. The first cause has been...Categories:
Cybercrime
MacTags: AppleicloudiOSmacmacOS(Read more...) |
|||
|
2016-11-30 16:00:45 | Fake WhatsApp email comes as a billing alert (lien direct) |  Recently, we have received a report from one of our readers on Facebook regarding another criminal-driven campaign targeting WhatsApp users. It comes in the form of a phishing email, which our reader has forwarded for us to look into.Categories:
Cybercrime
Social engineeringTags: fake whatsapp billing alertfraudphishingphishing scamscamwhatsapp(Read more...) |
|||
|
2016-11-29 19:00:09 | Forced into installing a Chrome extension (lien direct) |  We have found several sites created for the sole purpose of attempting to force users to install a Chrome extension. These sites are usually redirects from domains that offer cracks, keygens, and adult entertainment.Categories:
Cybercrime
Social engineeringTags: chromeChrome ExtensionforcedextensionPieter ArntzrogueSpeedy chromeveritasi(Read more...) |
|||
|
2016-11-29 16:00:26 | Attribution Part II: Don\'t overthink it (lien direct) | Read more...) | |||
|
2016-11-28 23:30:21 | A week in security (Nov 20 – Nov 26) (lien direct) |  A compilation of notable security news and blog posts from the 20th of November to the 26th. This week, we talked about PrincessLocker, ransomware decryptors, malvertising on the Mac, and the Windows Firewall.Categories:
Security world
Week in securityTags: decryptorfirewallmalvertisingPrincessLockerransomwarerecapteslacryptweekly blog roundup(Read more...) |
Tesla | ||
|
2016-11-28 22:30:21 | Tech support scammers up their game with ransomware (lien direct) |  Ransomware is so popular that even tech support scammers have eventually adopted it. Now the ransom note asks you to call 'Microsoft' to get your encrypted files back.Categories:
Threat analysisTags: microsoftransomwaretech supporttech support scamsTSSVindows Locker(Read more...) |
|||
|
2016-11-28 16:00:03 | Mobile Menace Monday: Adups, old and new (lien direct) |  Recently, Kryptowire discovered a malicious app found on China-made mobile devices running the Android OS. This is a baked-in system app used to update the device's firmware but is found to also steal personal information, among other things.Categories:
Cybercrime
MobileTags: adupsAndroidAndroid/Backdoor.Agentbackdoormalwaremobile menace mondaytriple m(Read more...) |
|||
|
2016-11-23 21:31:49 | Video found freezing Apple devices (lien direct) |  A video has been found to freeze (a.k.a. cause a denial of service attack) on various models of Apple mobile devices according to YouTuber, EverythingApplePro, and reported by Bleeping Computer.Categories:
Cybercrime
MobileTags: AndroidAppleHTML5ipadiPhonemalware(Read more...) |
Uber | ||
|
2016-11-23 18:12:41 | Configuring the Windows firewall (lien direct) |  While the built-in Windows firewall may offer adequate protection, this is only true if you check the settings on a regular basis, and certainly immediately after removing an infection.Categories:
101
How-tosTags: allowed programsfrstmalwarenetshPieter Arntzsettingswindows firewall(Read more...) |
|||
|
2016-11-22 21:22:21 | TeleCrypt – the ransomware abusing Telegram API – defeated! (lien direct) |  A new ransomware, TeleCrypt appeared recently carrying some new ideas. Telecrypt abuses the API of a popular messenger, Telegram.Categories:
Malware
Threat analysisTags: malwareransomwareTeleCryptTeleCrypt DecryptorTelegram API(Read more...) |
|||
|
2016-11-22 17:43:33 | An overview of malvertising on the Mac (lien direct) |  Mac users may face less malware attacks than their Windows counterparts, but it doesn't mean they are safe from online crooks. In this post we review the top malvertising attacks that target the OS X platform and how to stay safe.Categories:
Social engineeringTags: Applemacmalvertisingmalwareos XPUPPUPsscam(Read more...) |
|||
|
2016-11-21 18:20:49 | PrincessLocker – ransomware with not so royal encryption (lien direct) |  PrincessLocker ransomware has appeared some time ago and has drawn out attention by using the same template of the site for a victim as Cerber did. In this article, we dig deeper and try to answer questions about its internal similarities with Cerber (and other known ransomware).Categories:
Malware
Threat analysisTags: cerberPrincessLockerransomware(Read more...) |
|||
|
2016-11-21 17:00:49 | A week in security (Nov 13 – Nov 19) (lien direct) | A compilation of notable security news and blog posts from the 13th of November to the 19th. This week, we campaigned during Anti-Bullying Week. We also pushed out a survey to our readers.Categories:
Security world
Week in securityTags: anti-bullying weekcyberbullyingrecapsurveyweekly blog roundup(Read more...) |
|||
|
2016-11-18 23:32:09 | Anti-Bullying Week: Of weasels, snakes, and queen bees (lien direct) |  The working class adults in an office setup are probably the least likely batch we'd think of when we're talking about bullying. However, it happens on a daily basis across a number of industries. For those who have witnessed bullying episodes in the office or who knows someone who bullies or is being bullied, adult bullying for them is not aware and not an uncommon occurrence.Categories:
101
FYITags: adult bullyinganti-bullying week(Read more...) |
|||
|
2016-11-17 22:27:24 | Anti-Bullying Week: No sympathy for the \'bully\'? (lien direct) |  This post focuses on bullying involving adolescents.Categories:
101
FYITags: anti-bullying weekchild security onlinecyberbullyingteen security(Read more...) |
|||
|
2016-11-16 16:00:48 | Malwarebytes Labs wants your feedback (lien direct) |  So in an effort to continue bringing you awesome security news and information to help you stay safe online, we want your feedback! We are opening up a limited survey to see how you like Malwarebytes Labs.Categories:
101
Malwarebytes newsTags: blogfeedbackgift cardmalwarebytes labssecuritysurvey(Read more...) |
|||
|
2016-11-15 22:40:20 | Anti-Bullying Week: “Monkey see, monkey do†(lien direct) |  Have you ever wondered when and how bullying starts? Research has indicated that bullying can start as early as the preschool years, particularly at the age of 3. Categories:
101
FYITags: anti-bullying weekchild security onlinecyberbullying(Read more...) |
|||
|
2016-11-14 20:36:19 | Pledge to use your power for good this Anti-Bullying Week (lien direct) |  The Anti-Bullying Alliance (ABA) is spearheading this year's "Anti-Bullying Week" campaign once more. The overall theme of this campaign is “Power for Goodâ€, which encourages children, teens, and adults alike that they can be powerful agents of change.Categories:
101
FYITags: anti-bullyinganti-bullying weekchild security onlineteen security(Read more...) |
|||
|
2016-11-14 17:00:06 | A week in security (Nov 06 – Nov 12) (lien direct) | A compilation of notable security news and blog posts from the 6th of November to the 12th. This week, we talked about exploit kits, Floki Bot, fake pharma sites, and ransomware.Categories:
Security world
Week in securityTags: exploit kitsfake pharmaFlokiBotmobile menace mondayransomwarerecapweekly blog roundup(Read more...) |
|||
|
2016-11-10 20:16:33 | Floki Bot and the stealthy dropper (lien direct) |  Floki Bot, described recently by Dr. Peter Stephenson from SC Magazine is yet another bot, based on the leaked Zeus code. However, the author came up with various custom modifications that makes it more interesting.Categories:
Malware
Threat analysisTags: BotFlokiBothasherezademalwaresyscall(Read more...) |
|||
|
2016-11-10 17:26:05 | Ransomware doesn\'t mean game over (lien direct) | Read more...) | |||
|
2016-11-09 18:49:36 | Exploit kits: fall 2016 review (lien direct) |  In this post, we review the changes in the exploit kit landscape over the past months by looking at new arrivals and departures.Categories:
ExploitsTags: EKexploit kitsMagnitudeNeutrino-vRIGRIG-Vsundown(Read more...) |
|||
|
2016-11-08 17:00:26 | Fake pharma sites are getting even more obnoxious (lien direct) |  Recently, we have noticed that pharma sites seem to have discovered the use of JavaScript to change the “Stay or Leave†messages that you see, when you try to close or leave their sites.Categories:
Cybercrime
Social engineeringTags: fake pharmaJavaScriptpharmaPieter ArntzSkypespam(Read more...) |
|||
|
2016-11-07 17:00:04 | Mobile Menace Monday: How dare that rootin\' Dirty COW (lien direct) | Read more...) | |||
|
2016-11-07 16:45:05 | A week in security (Oct 30 – Nov 05) (lien direct) | A compilation of notable security news and blog posts from the 30th of October to the 5th of November. This week, we highlighted on a tech support scam campaign, a malvertising campaign, a new way to spread phishing links, and a way for businesses to address cyber threats.Categories:
Security world
Week in securityTags: HookAdsHTML5malvertisingphishingrecapstudytech support scamtwitterweekly blog roundup(Read more...) |
|||
|
2016-11-03 17:25:42 | New cybersecurity report focuses on the private sector (lien direct) |  George Washington University's Center for Cyber and Homeland Security (CCHS), a “think and do†tank responsible for carrying out research and analysis on homeland security, counter-terrorism, and cybersecurity issues, has recently released a new report entitled “Into the Gray Zone: The Private Sector and Active Defense against Cyber Threatsâ€.Categories:
Business
Security worldTags: active defensecybersecurity policyprivacysecurity frameworkSMBstudy(Read more...) |
|||
|
2016-11-02 16:40:07 | Tech support scammers abuse bug in HTML5 to freeze computers (lien direct) |  A flaw found in an HTML5 API is being used by tech support scammers to push fraudulent pages and freeze people's computers with a fake virus warning.Categories:
Social engineeringTags: HTML5microsoftpushstatetech supporttech support scams(Read more...) |
|||
|
2016-11-01 15:00:34 | The HookAds malvertising campaign (lien direct) |  In this post we take a look at a malvertising campaign that we traced back to late August and that is targeting adult traffic. While initially pushing the Neutrino exploit kit, it switched to RIG EK in September. We estimate that at least one million visitors to adult websites were exposed to this particular campaign.Categories:
ExploitsTags: exploit kitHookAdsmalvertisingRIG EK(Read more...) |
|||
|
2016-10-31 09:00:40 | Promoted Tweet leads to credit card phishing (lien direct) |  There's been a bit of an issue with promoted Tweets on Twitter in the last few days - well, one specific promoted Tweet at any rate - in the form of a rogue phish asking for login credentials and payment information. We take a look at what the scammers have been up to, and how this scam could end up being quite successful for those involved...
Categories:
Cybercrime
Social engineeringTags: phishphishingscamtwitter(Read more...) |
Guideline | ||
|
2016-10-31 08:50:17 | A week in security (Oct 23 – Oct 29) (lien direct) | A compilation of notable security news and blog posts from the 23rd of October to the 29th. This week, we talked about Trick bot, attribution, a WhatsApp scam, and debunked certain hacker stereotypes.Categories:
Security world
Week in securityTags: attributionhacker stereotyperecapscamscamming as a servicetrick botweekly blog roundupwhatsapp scam(Read more...) |
|||
|
2016-10-28 16:00:19 | Get your RAT on Pastebin (lien direct) |  A dropper we analyzed downloaded the code for part of its payload from Pastebin on the fly. The payload turned out to be a RAT with keylogging capabilities.Categories:
Cybercrime
MalwareTags: keyloggerpastebinPieter Arntzrattempwinlogontrojan(Read more...) |
|||
|
2016-10-26 17:25:36 | UK WhatsApp users warned of latest in-the-wild scam (lien direct) |  Users of WhatsApp, that popular texting service application for mobile devices, are warned of a new scam making rounds that may have started late last week. The official Sainsbury's Twitter account has already denied the legitimacy of the message, and rightfully advised the user to simply delete or ignore the message without replying.Categories:
Cybercrime
Social engineeringTags: fake gift cardfake sainsburys promofake voucherscamwhatsappwhatsapp scam(Read more...) |
|||
|
2016-10-26 17:00:40 | Attribution, and when you should care: Part 1 (lien direct) |  Attribution is the practice of taking forensic artifacts of a cyber attack and matching them to known threats against targets with a profile matching your organization. If this seems overly complicated, that is intentional. There are degrees of attribution that map to very specific contexts and painting over that context with a simplistic reading accomplishes very little other than frightening decision makers into unnecessary expenditures. Categories:
101
Business
FYITags: attributionNSAThreat Intelthreat model(Read more...) |
|||
|
2016-10-26 15:00:08 | Debunking the hacker stereotype: Who are the real monsters? (lien direct) |  Thanks to Hollywood, the media, and even American politics, the lone hacker trope is alive and well. The truth is, there are a multitude of personas that represent hackers, with an equally diverse set of agendas.Categories:
101
FYITags: black hatcybercrimeddosgray hatHackerhacker stereotypehackersransomwarewhite hat(Read more...) |
|||
|
2016-10-25 17:37:24 | Scamming as a service – seriously (lien direct) |  Over the years we've done analysis on tech support scammers to include their tactics, infrastructure, front companies, payment mechanisms, and even how they hire. But one question that comes up frequently from security researchers is how a group of criminals, who are by most accounts computer illiterate, set up tech support scams that require a hard minimum of technical expertise, troubleshooting, and maintenance?Categories:
Cybercrime
HackingTags: scam in a boxscaminaboxtech supporttech support scamTSS(Read more...) |
|||
|
2016-10-24 13:14:16 | Trick Bot – Dyreza\'s successor (lien direct) | ||||
|
2016-10-24 13:00:34 | A week in security (Oct 16 – Oct 22) (lien direct) | A compilation of notable security news and blog posts from the 16th of October to the 22nd. This week, we reported about a Facebook hoax, a noteworthy DDoS attack, ransomware, and exploit kit campaigns. We also made several company announcements.Categories:
Security world
Week in securityTags: adwareAdwCleanerddosexploit kitfacebookfacebook hoaxhoaxrecapsundownweekly blog roundup(Read more...) |
|||
|
2016-10-21 22:05:44 | The Day the Internet Died (lien direct) |  Today there was a massive DDoS attack that targeted one of the DNS providers that acts as a backbone for the internet, especially in the western part of the world.Categories:
Cybercrime
HackingTags: adam kujawadnsDynDNShackingOpenDNS(Read more...) |
|||
|
2016-10-21 16:46:45 | PUP Friday: Content Protector (lien direct) |  Content Protector is an adware that is offered as a netfiltering program. This seems a bit strange for ad-supported software. It also comes with it's own certificate.Categories:
PUPs
Threat analysisTags: adwarecontent defenderContent protectornetfilterPieter ArntzPUPPUPs(Read more...) |
|||
|
2016-10-20 17:00:50 | Malwarebytes teams up with Breast Cancer Fund for awareness campaign (lien direct) |  Malwarebytes is proud to support the Breast Cancer Fund this October because of their work to shift the conversation from awareness to prevention. Categories:
Malwarebytes newsTags: Breast CancerBreast Cancer AwarenessBreast Cancer Awareness MonthBreast Cancer Fundprevention(Read more...) |
|||
|
2016-10-19 17:30:45 | The global impact of ransomware (lien direct) |  This infographic, based on the results of an Osterman Research report, shows how cybercriminals' ramped up ransomware efforts have had a stunning global impact on businesses. Categories:
101
InfographicsTags: malvertisingOsterman reportransomware(Read more...) |
|||
|
2016-10-19 15:00:40 | Malwarebytes Acquires AdwCleaner (lien direct) |  As part of our mission to get more aggressive in the detection of Potentially Unwanted Programs (PUPs) we are announcing the acquisition of AdwCleaner.Categories:
CEO announcements
Malwarebytes newsTags: acquisitionAdwCleanermarcin kleczynskinewspress releasePUPs(Read more...) |
|||
|
2016-10-18 22:00:16 | Yet another Sundown EK variant? (lien direct) |  The Sundown exploit kit is keeping us busy by switching from one variant to the next. This latest one clearly was inspired by the original source code and we take the time to explore it a little bit more.Categories:
ExploitsTags: EKexploit kitLockysundown(Read more...) |
|||
|
2016-10-18 20:53:45 | Facebook will make all posts public. Not! (lien direct) |  You may have seen such odd posts on your Facebook friends feed lately. If you wonder what those are really about, read on.Categories:
Cybercrime
Social engineeringTags: facebookfacebook hoaxfacebook privacy hoaxhoax(Read more...) |
|||
|
2016-10-18 12:00:42 | Report: The Anatomy of Tech Support Scams (lien direct) | Each year, several million people fall for tech support scams and according to Microsoft, in 2015 alone crooks walked away with an estimated $1.5 billion. Malwarebytes has been actively engaged in the fight against tech support scammers overseas, but also here at home in the US.Categories:
Social engineeringTags: Anti-MalwareFederal Trade CommissionFTCmicrosofttech supporttech support scams(Read more...) |
To see everything:
Our RSS (filtrered)
