www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-08T23:35:05+00:00 www.secnews.physaphae.fr Malwarebytes Labs - MalwarebytesLabs A week in security (Oct 09 – Oct 15) A compilation of notable security news and blog posts from the 9th of October to the 15th. This week, we touched on threat modeling, a PUP, IRS fraud, and laws concerning the usage of social media in the UK. Categories: Security world Week in security 2016-10-17T21:29:04+00:00 https://blog.malwarebytes.com/security-world/2016/10/a-week-in-security-oct-09-oct-15/ www.secnews.physaphae.fr/article.php?IdArticle=203654 False None None None Malwarebytes Labs - MalwarebytesLabs New-looking Sundown EK drops Smoke Loader, Kronos banker In this post we take a quick glance at some changes made to the Sundown exploit kit. The landing page has been tweaked and uses various obfuscation techniques. Sundown is used in some smaller campaigns and in this particular case dropped a downloader followed by a banking Trojan. Categories: Exploits Threat analysis 2016-10-17T19:00:24+00:00 https://blog.malwarebytes.com/threat-analysis/2016/10/new-looking-sundown-ek-drops-smoke-loader-kronos-banker/ www.secnews.physaphae.fr/article.php?IdArticle=203401 False None None None Malwarebytes Labs - MalwarebytesLabs Mobile Menace Monday: Beware of monitoring apps We mobile researchers sometimes classify apps in order to warn users of their presence because of their potential harm, but leave it up to the users' discretion to remove. This is the case when it comes to a subcategory of PUPs called monitors.
Monitoring apps are those that can be great tools if you lose your phone, but could also be easily used to spy on an unsuspecting target. Categories: Cybercrime Mobile 2016-10-17T17:42:18+00:00 https://blog.malwarebytes.com/cybercrime/2016/10/mobile-menace-monday-beware-of-monitoring-apps/ www.secnews.physaphae.fr/article.php?IdArticle=203167 False None None None Malwarebytes Labs - MalwarebytesLabs New UK legal guidelines for law enforcement and social media The UK's Crown Prosecution Services (CPS) has recently updated its social media guidelines for prosecutors and law enforcement in an effort to aid them in deciding on whether charges can be pressed against internet users based on certain online behaviors. Categories: Government Security world 2016-10-14T13:00:40+00:00 https://blog.malwarebytes.com/security-world/2016/10/new-uk-legal-guidelines-for-law-enforcement-and-social-media/ www.secnews.physaphae.fr/article.php?IdArticle=197301 False None None None Malwarebytes Labs - MalwarebytesLabs Threat Modeling – What are you so afraid of? There are many, many threat models available on the internet with extensive documentation on how to apply them to your organization. Most are designed to map out data flow, identify soft points in organizational processes, and assign mitigations based on specific type of probable attacker and their identified motivations.
These models are great, they are thorough, and nobody ever uses them. Categories: 101 How-tos 2016-10-12T16:00:23+00:00 https://blog.malwarebytes.com/101/2016/10/threat-modeling-what-are-you-so-afraid-of/ www.secnews.physaphae.fr/article.php?IdArticle=193970 False None None None Malwarebytes Labs - MalwarebytesLabs Youndoo creates new Chrome profile A new Youndoo hijacker from the Elex family copies most of the settings from an existing Chrome user account to create a fake, infected one. Categories: Cybercrime Malware 2016-10-11T16:00:23+00:00 https://blog.malwarebytes.com/cybercrime/2016/10/youndoo-creates-new-chrome-profile/ www.secnews.physaphae.fr/article.php?IdArticle=190855 False None None None Malwarebytes Labs - MalwarebytesLabs Multiple scam centers raided in India for IRS fraud Over 600 fake call center employees in India were detained early last week for suspicion of conducting fraudulent or scam calls to US taxpayers while posing as IRS agents. Categories: Business Security world 2016-10-10T20:35:55+00:00 https://blog.malwarebytes.com/security-world/2016/10/multiple-scam-centers-raided-in-india-for-irs-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=188558 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Oct 02 – Oct 08) A compilation of notable security news and blog posts from the 2nd of October to the 8th.
This week, we talked about National Cybersecurity Awareness Month, the Eko malware, why we're toughening up on PUPs, and WMI hijackers. Categories: Security world Week in security 2016-10-10T16:00:10+00:00 https://blog.malwarebytes.com/security-world/2016/10/a-week-in-security-oct-02-oct-08/ www.secnews.physaphae.fr/article.php?IdArticle=190857 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: Let's talk generic 2016-10-07T21:10:11+00:00 https://blog.malwarebytes.com/threat-analysis/2016/10/pup-friday-lets-talk-generic/ www.secnews.physaphae.fr/article.php?IdArticle=176925 False Guideline None None Malwarebytes Labs - MalwarebytesLabs Press H to Hack: Earth Defense Force needs defending Video games! They're great, except when they're not. And in this case, a very good game is giving players some very bad experiences in the realm of "all my data is ruined". Gaming cheats cause problems for those wanting to keep their save games free from harm. We take a look at the issue, and show how to avoid getting caught up in a spot of save game ruination. Categories: Cybercrime Hacking 2016-10-07T16:00:31+00:00 https://blog.malwarebytes.com/cybercrime/2016/10/press-h-to-hack-earth-defense-force-needs-defending/ www.secnews.physaphae.fr/article.php?IdArticle=176272 False None None None Malwarebytes Labs - MalwarebytesLabs Malware “Eko” affecting French Facebook users French Facebook users have been falling victim to a new Facebook Messenger “Trojan horse” arriving into their private message (PM) inboxes from network contacts. Categories: Cybercrime Social engineering 2016-10-06T18:34:17+00:00 https://blog.malwarebytes.com/cybercrime/2016/10/malware-eko-affecting-french-facebook-users/ www.secnews.physaphae.fr/article.php?IdArticle=172329 False None None None Malwarebytes Labs - MalwarebytesLabs October is National Cybersecurity Awareness Month National Cybersecurity Awareness Month, observed
every October, was created to ensure that every American has the resources they need to stay safe online. Categories: 101 FYI 2016-10-06T16:00:24+00:00 https://blog.malwarebytes.com/101/2016/10/october-is-national-cybersecurity-awareness-month/ www.secnews.physaphae.fr/article.php?IdArticle=172330 False None None None Malwarebytes Labs - MalwarebytesLabs Malwarebytes gets tougher on PUPs We are getting even more critical about what we call a PUP, and what we are going to be detecting and removing from user systems. Categories: CEO announcements Malwarebytes news 2016-10-05T19:01:22+00:00 https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ www.secnews.physaphae.fr/article.php?IdArticle=168098 False None None None Malwarebytes Labs - MalwarebytesLabs Explained: WMI hijackers This post describes how WMI hijackers work and why they are hard to find on an affected system. It also shows an example of such a hijacker called Yeabests after the domain it hijacks to. Categories: Cybercrime Malware 2016-10-05T16:00:07+00:00 https://blog.malwarebytes.com/cybercrime/2016/10/explained-wmi-hijackers/ www.secnews.physaphae.fr/article.php?IdArticle=167836 False None None None Malwarebytes Labs - MalwarebytesLabs Mobile Menace Monday: You've Been INFECTED!!! Or Have You? 2016-10-03T17:16:08+00:00 https://blog.malwarebytes.com/cybercrime/2016/10/mobile-menace-monday-youve-been-infected-or-have-you/ www.secnews.physaphae.fr/article.php?IdArticle=158191 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Sep 25 – Oct 01) A compilation of notable security news and blog posts from September 25th to October 1st.
This week, we discussed Komplex, that new Snap eyewear, a fake browser extension, more malvertising campaigns, and some little known truths about spoofing file extensions. Categories: Security world Week in security 2016-10-03T16:00:36+00:00 https://blog.malwarebytes.com/security-world/2016/10/a-week-in-security-sep-25-oct-01/ www.secnews.physaphae.fr/article.php?IdArticle=167838 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: Nikoff Security redux Last Friday, I wrote about a set of 6 PUP apps by Nikoff Security. This week, there have been some new developments in the story, some good news and some bad news. Categories: PUPs Threat analysis 2016-09-30T17:00:20+00:00 https://blog.malwarebytes.com/threat-analysis/2016/09/pup-friday-nikoff-security-redux/ www.secnews.physaphae.fr/article.php?IdArticle=148810 False None None None Malwarebytes Labs - MalwarebytesLabs Lesser known tricks of spoofing extensions It is a well-known fact that malware using social engineering tricks is designed to hide itself from being an obvious executable. In this short article, we will present two other less common tricks used to deceive users. Categories: Cybercrime Malware 2016-09-30T15:00:55+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/lesser-known-tricks-of-spoofing-extensions/ www.secnews.physaphae.fr/article.php?IdArticle=148277 False None None None Malwarebytes Labs - MalwarebytesLabs Imitation uBlock Origin app spotted on Chrome Store Today, one of our researchers noticed a fake version of uBlock Origin, uploaded on the 29th of September, on the Chrome Web Store.
If ever you find yourself searching for the said app within the store, you'll want to avoid imitations... Categories: Cybercrime Social engineering 2016-09-30T13:50:23+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/imitation-ublock-origin-app-spotted-on-chrome-store/ www.secnews.physaphae.fr/article.php?IdArticle=148014 False None None None Malwarebytes Labs - MalwarebytesLabs Vendor Security Alliance formed to improve cybersecurity of third-party providers A new security alliance is created to address concerns surrounding third-party providers who are associated with some of the biggest brands users trust. They aim to increase their compliance to cybersecurity standards and lessen the risks they may pose on businesses. Categories: Business Security world 2016-09-29T22:26:16+00:00 https://blog.malwarebytes.com/security-world/2016/09/vendor-security-alliance-formed-to-improve-cybersecurity-of-third-party-providers/ www.secnews.physaphae.fr/article.php?IdArticle=145570 False None Uber None Malwarebytes Labs - MalwarebytesLabs Snapchat rebrands, introduces new ad platform and hardware Snapchat is now called Snap Inc. CEO Evan Spiegel talks about 3V advertising, the platform his company adapted for ad monetization. Then he unveils a new "toy" you can wear like Google Glass, but works more like GoPro.
Boom. Categories: Privacy Security world Technology 2016-09-29T16:00:59+00:00 https://blog.malwarebytes.com/security-world/2016/09/snapchat-rebrands-introduces-new-ad-platform-and-hardware/ www.secnews.physaphae.fr/article.php?IdArticle=144424 False None None None Malwarebytes Labs - MalwarebytesLabs Brad Pitt subject of new hoax after split with Jolie Facebook has once again become the inadvertent launchpad of another celebrity death hoax campaign, luring fans of celebrity couple Brad Pitt and Angelina Jolie within the network to click potentially harmful links not a day after the news of their divorce hit mainstream media. Categories: Cybercrime Social engineering 2016-09-28T16:02:29+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/brad-pitt-subject-of-new-hoax-after-split-with-jolie/ www.secnews.physaphae.fr/article.php?IdArticle=139565 False None None None Malwarebytes Labs - MalwarebytesLabs Komplex Mac backdoor answers old questions A new piece of Mac malware, dubbed Komplex, has been discovered by Palo Alto Networks. This malware provides a backdoor into the system, like most other recent Mac malware. Where it gets most interesting, though, isn't in its capabilities, but in the connections it allows us to make. Categories: Malware Threat analysis 2016-09-27T20:00:14+00:00 https://blog.malwarebytes.com/threat-analysis/2016/09/komplex-mac-backdoor-answers-old-questions/ www.secnews.physaphae.fr/article.php?IdArticle=135719 False None None None Malwarebytes Labs - MalwarebytesLabs RIG exploit kit takes on large malvertising campaign In the battle of exploit kits, RIG EK has earned some extra mileage by being leveraged in a high profile malvertising attack on popular website answers.com.
The same domain shadowing campaigns that were popular in the Angler era are continuing with RIG now. Categories: Exploits 2016-09-27T16:10:54+00:00 https://blog.malwarebytes.com/cybercrime/exploits/2016/09/rig-exploit-kit-takes-on-large-malvertising-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=134508 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Sep 18 – Sep 24) A compilation of notable security news and blog posts from September 18th to September 24th. This week, we talked about malvertising, a pop star "marketing" stunt that may go horribly wrong in the long run, and ways one can secure their mobile phones. Categories: Security world Week in security 2016-09-26T15:13:09+00:00 https://blog.malwarebytes.com/security-world/2016/09/a-week-in-security-sep-18-sep-24/ www.secnews.physaphae.fr/article.php?IdArticle=133180 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: Nikoff Security My attention was drawn a few weeks ago to a group of 6 apps in the Mac App Store, all made by someone named Nicholas Ebner. Part of what drew my attention was the name of one of the apps: Adware WebMedic Pro, suspiciously similar to the name of my old AdwareMedic app.
This would... Categories: PUPs Threat analysis 2016-09-23T17:00:19+00:00 https://blog.malwarebytes.com/threat-analysis/2016/09/pup-friday-nikoff-security/ www.secnews.physaphae.fr/article.php?IdArticle=117114 False None None None Malwarebytes Labs - MalwarebytesLabs Here's your unlimited ATM card 2016-09-22T18:10:28+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/heres-your-unlimited-atm-card/ www.secnews.physaphae.fr/article.php?IdArticle=111620 False None None None Malwarebytes Labs - MalwarebytesLabs Top 10 ways to secure your mobile phone To get a leg up against a rising tide of mobile malware activity, don't just phone it in: secure your mobile phone with these tried and true methods. Categories: 101 How-tos 2016-09-21T18:30:14+00:00 https://blog.malwarebytes.com/101/2016/09/top-10-ways-to-secure-your-mobile-phone/ www.secnews.physaphae.fr/article.php?IdArticle=106748 False None None None Malwarebytes Labs - MalwarebytesLabs Hosts file hijacks The hosts file is the internet variant of a personal phonebook. We discuss a few malware variants that replace or change that phonebook, so you end up calling the wrong sites. The ones they want you to call. Categories: Cybercrime Malware 2016-09-21T17:00:43+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/hosts-file-hijacks/ www.secnews.physaphae.fr/article.php?IdArticle=106335 False None None None Malwarebytes Labs - MalwarebytesLabs Think tank summarizes what happens to healthcare records after breach The ICIT, an American cybersecurity research institute, made a case on the importance of healthcare security in an age where the threat landscape is rapidly changing yet medical institutions continually fail or are slow to adapt.
As a result, patients end up at the losing end. Categories: Business Security world 2016-09-21T15:58:34+00:00 https://blog.malwarebytes.com/security-world/2016/09/think-tank-summarizes-what-happens-to-healthcare-records-after-breach/ www.secnews.physaphae.fr/article.php?IdArticle=106010 False None None None Malwarebytes Labs - MalwarebytesLabs Just For Men website serves malware The website for Just For Men, a company that sells various products for men, had their website breached and was serving a password stealing Trojan. The malicious code embedded in the WordPress site was part of the EITest campaign and pushed the RIG exploit kit. Categories: Cybercrime Exploits 2016-09-20T17:00:25+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/just-for-men-website-serves-malware/ www.secnews.physaphae.fr/article.php?IdArticle=100668 False None None None Malwarebytes Labs - MalwarebytesLabs #Hackedbyseb: musical (password) chairs Singers will often use inventive ways to gain attention from an audience, or even draw new fans in. One trend in pop circles seems to be gaining popularity, but it might not be the best hype train to hop aboard. What could go wrong by sending your favourite singer login credentials to have them post a cool message from your account?
Quite a bit, actually... Categories: Security world Technology 2016-09-20T14:00:51+00:00 https://blog.malwarebytes.com/security-world/2016/09/hackedbyseb-musical-password-chairs/ www.secnews.physaphae.fr/article.php?IdArticle=99796 False None None None Malwarebytes Labs - MalwarebytesLabs Mobile Menace Monday: Fake AV makes it onto Google Play Beware of Antivirus Free 2016 in the Google Play store; it could very easily be confused for a legitimate AV scanner. Categories: Cybercrime Mobile 2016-09-19T18:42:40+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/mobile-menace-monday-fake-av-makes-it-onto-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=95036 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Sep 11 – Sep 17) A compilation of notable security news and blog posts from September 11th to September 17th. This week, we talked about DetoxCrypto ransomware, a tax fraud campaign, malvertisement on adult sites, and phishers having a bad day. Categories: Security world Week in security 2016-09-19T18:00:31+00:00 https://blog.malwarebytes.com/security-world/2016/09/a-week-in-security-sep-11-sep-17/ www.secnews.physaphae.fr/article.php?IdArticle=99798 False None None None Malwarebytes Labs - MalwarebytesLabs PSA: DetoxCrypto Ransomware imitating Malwarebytes Scammers will always try and imitate legitimate tools and services in an effort to trick people into harming their accounts and devices. If it isn't fake logins, it's dubious links on social media. If we're wading knee deep in 419 emails, you can bet another round of tech support scams will be along in a minute.
Today we look at an attempt at pushing DetoxCrypto Ransomware which suggests it's from Malwarebytes... Categories: Cybercrime Malware 2016-09-16T19:23:07+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/psa-detoxcrypto-ransomware-imitating-malwarebytes/ www.secnews.physaphae.fr/article.php?IdArticle=77982 False None None None Malwarebytes Labs - MalwarebytesLabs Free console games on Instagram? Not exactly… Take a look at some fake "free game" sites found on Instagram. Anyone with children in their family who can't get enough of freebies online may want to gently steer them away from the below. Everyone from PS4 to Nintendo gamers are potential targets. Categories: Cybercrime Social engineering 2016-09-16T16:24:43+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/free-console-games-on-instagram-not-exactly/ www.secnews.physaphae.fr/article.php?IdArticle=76690 False None None None Malwarebytes Labs - MalwarebytesLabs IT companies unite against illegal online hate speech Facebook, Twitter, Google, and Microsoft have taken up the mantle to curb harmful speech on their platforms. The latest company to join this cause is Instagram, the popular image-sharing social media network among teens. Categories: Business Security world 2016-09-15T23:09:59+00:00 https://blog.malwarebytes.com/security-world/2016/09/it-companies-unite-against-illegal-online-hate-speech/ www.secnews.physaphae.fr/article.php?IdArticle=72173 False None None None Malwarebytes Labs - MalwarebytesLabs It's a hard life for phishers… 2016-09-15T18:21:06+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/its-a-hard-life-for-phishers/ www.secnews.physaphae.fr/article.php?IdArticle=70826 False None None None Malwarebytes Labs - MalwarebytesLabs Ahoy there! More HMRC tax refund scams ahead Phishing campaigns banking on the HM Revenue & Customs (HMRC) tax claim are not unheard of, especially in the UK.
In this blog, we take a look at a recent phishing email. Categories: Cybercrime Social engineering 2016-09-14T16:05:20+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/ahoy-there-more-hmrc-tax-refund-scams-ahead/ www.secnews.physaphae.fr/article.php?IdArticle=64366 False None None None Malwarebytes Labs - MalwarebytesLabs Surfacing HTA infections We show two examples of HTA induced infections we have seen recently. Nothing fancy, but feel free to consider it a general warning, that malware authors are expanding the number of file extensions they are using, to spread their payload. Categories: Cybercrime Malware 2016-09-13T17:00:40+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/surfacing-hta-infections/ www.secnews.physaphae.fr/article.php?IdArticle=60517 False None None None Malwarebytes Labs - MalwarebytesLabs Neutrino EK's Afraidgate pushed in malvertising attack 2016-09-13T15:00:59+00:00 https://blog.malwarebytes.com/cybercrime/exploits/2016/09/neutrino-eks-afraidgate-pushed-in-malvertising-attack/ www.secnews.physaphae.fr/article.php?IdArticle=60055 False None None None Malwarebytes Labs - MalwarebytesLabs Avoid: BofA, Wells Fargo SMS Phishing It always pays to train a wary eye on your text messages, as conniving phishers don't always stick to the tried and tested route of email scams. We take a look at a pair of SMS phishes sent directly to a mobile device - if you bank with Wells Fargo or Bank of America, these are two to watch out for. Categories: Cybercrime Social engineering 2016-09-12T15:00:17+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/avoid-bofa-wells-fargo-sms-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=54998 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Sep 04 – Sep 10) A compilation of notable security news and blog posts from September 4th to September 10th.
This week, we talked about a fake Pokémon Go app, a Mac OSX junk app, and some new Google Safe Browsing updates. Categories: Security world Week in security 2016-09-12T14:00:43+00:00 https://blog.malwarebytes.com/security-world/2016/09/a-week-in-security-sep-04-sep-10/ www.secnews.physaphae.fr/article.php?IdArticle=60057 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: MPlayerX MPlayerX has been around for over 2 years. With its adware installer, adware, analysis avoidance behavior, and other PUPs, calling it a PUP is a no-brainer. Categories: PUPs Threat analysis 2016-09-09T15:00:32+00:00 https://blog.malwarebytes.com/threat-analysis/2016/09/pup-friday-mplayerx/ www.secnews.physaphae.fr/article.php?IdArticle=37354 False None None None Malwarebytes Labs - MalwarebytesLabs Google empowers website owners with added security features The Google Safe Browsing service is used by a number of other technologies to check threats against. These include Google's own products, such as Chrome and Android, and browsers like Apple Safari and Mozilla Firefox. Categories: Business Security world 2016-09-08T14:00:53+00:00 https://blog.malwarebytes.com/security-world/2016/09/google-empowers-website-owners-with-added-security-features/ www.secnews.physaphae.fr/article.php?IdArticle=31850 False None None None Malwarebytes Labs - MalwarebytesLabs Mobile Menace Monday: Pokemon NO NO A new mobile Trojan has been found using the popular game Pokémon Go as bait.
Rest assured that this won't be the last mobile malware exploiting Pokémon Go. Categories: Cybercrime Mobile 2016-09-05T14:00:09+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/mobile-menace-monday-pokemon-no-no/ www.secnews.physaphae.fr/article.php?IdArticle=17803 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Aug 28 – Sep 03) A compilation of notable security news and blog posts from August 28th to September 3rd. This week, we talked about browser-based fingerprinting; what was going on with the Mac app, Transmission; and a tech support scam that banked on an iPad error popping up on Windows systems. Categories: Security world Week in security 2016-09-05T13:45:32+00:00 https://blog.malwarebytes.com/security-world/2016/09/a-week-in-security-aug-28-sep-03/ www.secnews.physaphae.fr/article.php?IdArticle=31852 False None None None Malwarebytes Labs - MalwarebytesLabs iPad error? Windows fakeout This bogus error site can't decide if Windows or an iPad is at risk. Given the URL, you'd expect to see some sort of iPad related shenanigans taking place - an interesting twist on the well worn theme of tech support scams. Categories: Cybercrime Social engineering 2016-09-02T16:07:27+00:00 https://blog.malwarebytes.com/cybercrime/2016/09/ipad-error-windows-fakeout/ www.secnews.physaphae.fr/article.php?IdArticle=11652 False None None None Malwarebytes Labs - MalwarebytesLabs Transmission hijacked again to spread malware In this article, we take a look at a couple important takeaways from 2 recent hacks on Transmission.
Categories: Mac Threat analysis 2016-09-01T21:24:55+00:00 https://blog.malwarebytes.com/threat-analysis/2016/09/transmission-hijacked-again-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=10153 False None None None Malwarebytes Labs - MalwarebytesLabs Explained: the Malwarebytes Website Protection module Learn about the strengths and possible improvements of the Malicious Website Protection module that comes with Malwarebytes Premium. Categories: 101 FYI 2016-08-30T16:48:45+00:00 https://blog.malwarebytes.com/101/2016/08/explained-the-malwarebytes-website-protection-module/ www.secnews.physaphae.fr/article.php?IdArticle=9568 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Aug 21 – Aug 27) A compilation of notable security news and blog posts from August 21st to August 27th. This week, we touched on a ransomware banking on Pokémon Go, two-factor authentication, Facebook, and a nefarious spyware. Categories: Security world Week in security 2016-08-30T16:00:59+00:00 https://blog.malwarebytes.com/security-world/2016/08/a-week-in-security-aug-21-aug-27/ www.secnews.physaphae.fr/article.php?IdArticle=10155 False None None None Malwarebytes Labs - MalwarebytesLabs Mr. Chow's website serves up ransomware 2016-08-29T17:36:53+00:00 https://blog.malwarebytes.com/cybercrime/exploits/2016/08/mr-chows-website-serves-up-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=10156 False None None None Malwarebytes Labs - MalwarebytesLabs Browser-based fingerprinting: implications and mitigations This post covers the information disclosure bugs in Internet Explorer and Edge that we sometimes refer to as 'fingerprinting'.
We review past flaws as well as a currently unpatched one used in the wild before exploring some long term mitigations. Categories: Exploits 2016-08-29T16:00:04+00:00 https://blog.malwarebytes.com/cybercrime/exploits/2016/08/browser-based-fingerprinting-implications-and-mitigations/ www.secnews.physaphae.fr/article.php?IdArticle=9386 False None None None Malwarebytes Labs - MalwarebytesLabs How to enable 2FA on the PlayStation Network Registered owners of PlayStation and PSP can now enable this new security feature the next time they log in. This is wonderful news, indeed, and can be considered another win for security as we continue to see companies of all sizes take online concerns seriously and actually do something about it. Better late than never, right? Categories: Security world Technology 2016-08-28T00:40:46+00:00 https://blog.malwarebytes.com/security-world/2016/08/how-to-enable-2fa-on-the-playstation-network/ www.secnews.physaphae.fr/article.php?IdArticle=9167 False None None None Malwarebytes Labs - MalwarebytesLabs 10 easy ways to prevent malware infection We told you how to tell if you're infected with malware. We told you how to clean up the infection if you get it. Now, here's how to prevent malware infection from happening in the first place. Categories: 101 How-tos 2016-08-26T18:36:38+00:00 https://blog.malwarebytes.com/101/2016/08/10-easy-ways-to-prevent-malware-infection/ www.secnews.physaphae.fr/article.php?IdArticle=9017 False None None None Malwarebytes Labs - MalwarebytesLabs Blurry previews and Facebook phishing Here's a Facebook phish which uses the incredibly old technique of blurring the supposed page underneath the login prompt. This is supposed to tantalise victims with what they could see if only they hand over login details.
This tactic has been around from Facebook and Tumblr all the way back to Myspace, most typically in the form of the infamous "See who visited your page" type scams of yesteryear. Categories: Cybercrime Social engineering 2016-08-26T16:30:27+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/blurry-previews-and-facebook-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8990 False None None None Malwarebytes Labs - MalwarebytesLabs How complex are the digital lives of teens? The NCSA takes a look. A recent study reveals (if not confirms) what most people may have already perceived: that most teens navigate the Internet via their smartphones using various websites and apps, and that there is a “digital disconnect” between U.S. parents and their teen children, who are between 13-17 years of age. Categories: 101 FYI 2016-08-25T19:00:54+00:00 https://blog.malwarebytes.com/101/2016/08/how-complex-are-the-digital-lives-of-teens-the-ncsa-takes-a-look/ www.secnews.physaphae.fr/article.php?IdArticle=8816 False None None None Malwarebytes Labs - MalwarebytesLabs Unpacking the spyware disguised as antivirus Recently we got access to several elements of the espionage toolkit that has been captured attacking Vietnamese institutions. During the operation, the malware was used to dox 400,000 members of Vietnam Airlines. Categories: Malware Threat analysis 2016-08-25T16:32:44+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/unpacking-the-spyware-disguised-as-antivirus/ www.secnews.physaphae.fr/article.php?IdArticle=8787 False None None None Malwarebytes Labs - MalwarebytesLabs Tech support scams and Google Chrome tricks In this article we take a look at some tricks that target Google Chrome users to dupe them with the infamous tech support scam pop ups.
In particular, we examine the fake address bar and alert dialogs which people have come to trust and yet can be deceiving. Categories: Social engineering 2016-08-25T14:00:43+00:00 https://blog.malwarebytes.com/cybercrime/social-engineering-cybercrime/2016/08/tech-support-scams-and-google-chrome-tricks/ www.secnews.physaphae.fr/article.php?IdArticle=8766 False None None None Malwarebytes Labs - MalwarebytesLabs How to secure your remote workers Remote workers are often the weakest link in a company's cybersecurity defenses. Find out how your company can protect its network and remote employees from threats. Categories: 101 Business 2016-08-24T14:00:23+00:00 https://blog.malwarebytes.com/101/2016/08/how-to-secure-your-remote-workers/ www.secnews.physaphae.fr/article.php?IdArticle=8564 False None None None Malwarebytes Labs - MalwarebytesLabs File-in-the-middle hijackers This may be a new trend among browser hijackers, but it seems more than a coincidence that we found two browser hijackers using a very similar approach to reach their goal of taking victims to the sites of their choice. Categories: Cybercrime Malware 2016-08-23T14:00:12+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/file-in-the-middle-hijackers/ www.secnews.physaphae.fr/article.php?IdArticle=8476 False None None None Malwarebytes Labs - MalwarebytesLabs PokemonGo Ransomware comes with some clever tricks We have all seen the current popularity and craze with PokemonGo; it's no surprise cyber-criminals would plan on using this to their advantage and imitate the game with malicious substitutions.
Categories: Malware Threat analysis 2016-08-22T20:00:48+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/pokemongo-ransomware-comes-with-some-clever-tricks/ www.secnews.physaphae.fr/article.php?IdArticle=8291 False None None None Malwarebytes Labs - MalwarebytesLabs Systweak Redux: our response On July 29, we published a blog titled "PUP Friday: Cleaning up with 5 star awards", taking a look at a registry cleaner called RegCleanPro made by Systweak. We detect the file in question as a PUP, and covered it as part of our regular PUP Friday series. The makers of Systweak software posted both to our blog comments (with no response to my reply, at time of writing) and also posted a blog on their website titled "How Malwarebytes Got It All Wrong with RegClean Pro". Below is a reply to both the comments made to our blog and their own post. The comments from their blog are numbered and in bold, green text, with our responses to each point underneath. Categories: PUPs Threat analysis 2016-08-22T14:00:42+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/systweak-redux-our-response/ www.secnews.physaphae.fr/article.php?IdArticle=10167 False None None None Malwarebytes Labs - MalwarebytesLabs A week in security (Aug 14 – Aug 20) A compilation of notable security news and blog posts from August 14th to August 20th. This week, we touched on the Shakti Trojan, one 419 scam and one SMS scam, and some very naughty Mac PUPs. Categories: Security world Week in security 2016-08-22T13:30:35+00:00 https://blog.malwarebytes.com/security-world/2016/08/a-week-in-security-aug-14-aug-20/ www.secnews.physaphae.fr/article.php?IdArticle=10168 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: MacKeeper We wrote an article in 2014 about some fraudulent behaviors involving MacKeeper.
Fast forward to 2016, and unfortunately, the story is much the same. Categories: PUPs Threat analysis 2016-08-19T18:47:00+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/pup-friday-mackeeper/ www.secnews.physaphae.fr/article.php?IdArticle=8204 False None None None Malwarebytes Labs - MalwarebytesLabs PCVARK plays dirty We very quickly found ourselves in a deep rabbit-hole of Mac crapware when researching a major developer of Mac PUPs (potentially unwanted programs), PCVARK. Categories: PUPs Threat analysis 2016-08-19T15:00:23+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/pcvark-plays-dirty/ www.secnews.physaphae.fr/article.php?IdArticle=10170 False None None None Malwarebytes Labs - MalwarebytesLabs Shakti Trojan: Technical Analysis Recently, we took a look at the interesting Trojan found by Bleeping Computer. Our small investigation on its background and possible attribution has led us to the conclusion that this threat is in reality not new – probably it has been designed in 2012 for the purpose of corporate espionage operations.
Yet it escaped from... Categories: Malware Threat analysis 2016-08-17T10:00:53+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/shakti-trojan-technical-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8067 False None None None Malwarebytes Labs - MalwarebytesLabs Parents, beware of this SMS scam The scam comes in the form of an SMS, which contains a message stating that “Sarah”, the purported sender, has been in a “small accident” and is asking the recipient to text back once they've received her message. Categories: Cybercrime Social engineering 2016-08-17T07:00:46+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/parents-beware-of-this-sms-scam/ www.secnews.physaphae.fr/article.php?IdArticle=10172 False None None None Malwarebytes Labs - MalwarebytesLabs Soldiering on: the $5.6 million 419 scam 419 scams most commonly drop into your mailbox, but they do occasionally appear via other channels such as snail mail and social media. Today we're going to take a look at an angle seemingly beloved of scammers everywhere - a specific character type clung to down the years for no other reason than to cheat people out of their money. That character would happen to be "awesome UN peacekeeper with inexplicable access to millions of dollars because reasons". Categories: Cybercrime Social engineering 2016-08-16T07:49:48+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/soldiering-on-the-5-6-million-419-scam/ www.secnews.physaphae.fr/article.php?IdArticle=8019 False None None None Malwarebytes Labs - MalwarebytesLabs Shakti Trojan: Document Thief Recently, Bleeping Computer published a short article about an unrecognized Trojan that grabs documents from the attacked computer and uploads them into a malicious server. Looking at the characteristics of the tool, we suspect that it has been prepared for the purpose of corporate espionage.
So far, no AV has given any meaningful identification to this malware - it is detected under generic names. Since not much is known about its internals, we decided to take a closer look. Categories: Malware Threat analysis 2016-08-15T21:55:20+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/shakti-trojan-stealing-documents/ www.secnews.physaphae.fr/article.php?IdArticle=8010 False None None None Malwarebytes Labs - MalwarebytesLabs Venus Locker another .NET Ransomware The current cyber-threat landscape is an ever dynamic threat, we have state-sponsored cyber-threats and very sophisticated cyber-criminals to defend against. These threats come with their own motivations and objectives. We have all come to know ransomware, which, according to our study published earlier this month, has become one of the biggest cyber security threats in... Categories: Malware Threat analysis 2016-08-12T19:22:04+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/venus-locker-another-net-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=7964 False None None 2.0000000000000000 Malwarebytes Labs - MalwarebytesLabs Decrypting Chimera ransomware We take a technical look at validating the leaked Chimera ransomware keys as well as if we can decrypt files with these keys. Categories: Cybercrime Malware 2016-08-11T18:58:45+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/decrypting-chimera-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=7687 False None None None Malwarebytes Labs - MalwarebytesLabs Scammers sneak into customer support conversations on Twitter We've looked at the social engineering tactic of inserting a fake account into a conversation with legitimate support channels in the past, and today - thanks to Techhelplist - we can observe another one, this time going after Natwest bank logins.
See how Twitter scammers are trying to steer potential victims away from legitimate support channels to phishing websites. Categories: Cybercrime Social engineering 2016-08-11T13:22:21+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/scammers-sneak-into-customer-support-conversations-on-twitter/ www.secnews.physaphae.fr/article.php?IdArticle=7631 False None None None Malwarebytes Labs - MalwarebytesLabs Malvertising campaign delivers two exploit kits, same payload It is a little odd to see an attack making use of two different exploit kits which serve the same malware payload. In this particular malvertising case, both RIG EK and Sundown EK are used to deliver the same threat, perhaps an indication that the actor behind this is doing some kind of testing or simply wants to maximize the infection rates by combining both EKs. Categories: Exploits 2016-08-10T16:36:02+00:00 https://blog.malwarebytes.com/cybercrime/exploits/2016/08/malvertising-campaign-delivers-two-exploit-kits-same-payload/ www.secnews.physaphae.fr/article.php?IdArticle=7459 False None None None Malwarebytes Labs - MalwarebytesLabs New celebrity death hoax hits Facebook Celebrity death hoaxes are not new, yet every now and then someone with a public name can land on these bogus news headlines in an attempt by social engineers and hoaxers to gain traction and let the nature of the internet take its course. Categories: Cybercrime Social engineering 2016-08-09T15:12:38+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/new-celebrity-death-hoax-hits-facebook/ www.secnews.physaphae.fr/article.php?IdArticle=7205 False None None 4.0000000000000000 Malwarebytes Labs - MalwarebytesLabs A week in security (Jul 31 – Aug 06) A compilation of notable security news and blog posts from July 31st to August 06th.
This week, we talked about ransomware, Smoke Loader, a Facebook scam, and a new SEO scammer tactic. Categories: Security world Week in security 2016-08-08T19:00:45+00:00 https://blog.malwarebytes.com/security-world/2016/08/a-week-in-security-jul-31-aug-06/ www.secnews.physaphae.fr/article.php?IdArticle=7162 False None None None Malwarebytes Labs - MalwarebytesLabs Smoke Loader – downloader with a smokescreen still alive This time we will have a look at another payload from a recent RIG EK campaign. It is Smoke Loader (also known as Dofoil), a bot created several years ago. One of its early versions was advertised on the black market in 2011. Categories: Malware Threat analysis 2016-08-05T18:30:27+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/smoke-loader-downloader-with-a-smokescreen-still-alive/ www.secnews.physaphae.fr/article.php?IdArticle=7040 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: Adware family EoRezo EoRezo is a detection name that is in use for a big part of the adware family called Tuto4PC. The adware is bundled with other software and with tutorials (about software). The adware, although annoying, is usually harmless by itself, but that can't be said about the advertisements and sites it opens on the victim's computer. Categories: PUPs Threat analysis 2016-08-05T14:30:12+00:00 https://blog.malwarebytes.com/threat-analysis/2016/08/pup-friday-adware-family-eorezo/ www.secnews.physaphae.fr/article.php?IdArticle=7021 False None None None Malwarebytes Labs - MalwarebytesLabs The reality of Ransomware: an in-depth study We recently sponsored a deep-dive study conducted by Osterman Research on the subject of Ransomware, and the results are a stark insight into one of the biggest problems facing both enterprise and home networks at the moment.
Some key UK-centric findings: 40% of businesses worldwide attacked, but Senior UK IT staff suffered the highest number of... Categories: Cybercrime Malware 2016-08-05T09:27:55+00:00 https://blog.malwarebytes.com/cybercrime/2016/08/the-reality-of-ransomware-an-in-depth-study/ www.secnews.physaphae.fr/article.php?IdArticle=6902 False None None None Malwarebytes Labs - MalwarebytesLabs A look into Neutrino EK’s jQueryGate 2016-08-03T18:48:51+00:00 https://blog.malwarebytes.com/threat-analysis/exploits-threat-analysis/2016/08/a-look-into-neutrinos-jquerygate/ www.secnews.physaphae.fr/article.php?IdArticle=5786 False None None None Malwarebytes Labs - MalwarebytesLabs Tech Support Scams, two for the price of one In what must be an attempt to drive victims crazy enough to call one of their numbers, Tech Support Scammers replace one logon lock-screen with another. Categories: Malware 2016-08-02T14:04:19+00:00 https://blog.malwarebytes.com/cybercrime/malware/2016/08/tech-support-scams-two-for-the-price-of-one/ www.secnews.physaphae.fr/article.php?IdArticle=5254 False None None None Malwarebytes Labs - MalwarebytesLabs Google’s featured snippets abused by SEO scammers 2016-08-01T16:00:46+00:00 https://blog.malwarebytes.com/cybercrime/hacking/2016/08/googles-featured-snippets-abused-by-seo-scammers/ www.secnews.physaphae.fr/article.php?IdArticle=5063 False None None None Malwarebytes Labs - MalwarebytesLabs PUP Friday: Cleaning up with 5 star awards Systweak's RegClean Pro is quite a popular software. Top Ten Reviews, a consumer review portal based in Utah, has ranked it as number one in their “Registry Repair Software” category. It also boasts of having won more than a hundred 5-star awards. Yet in spite of these, something is amiss.
With praises for it also... Categories: PUPs Threat analysis 2016-07-29T20:44:34+00:00 https://blog.malwarebytes.com/threat-analysis/2016/07/pup-friday-cleaning-up-with-5-star-awards/ www.secnews.physaphae.fr/article.php?IdArticle=4990 False None None 3.0000000000000000 Malwarebytes Labs - MalwarebytesLabs Unpacking yet another .NET crypter We look at one of the malicious executables recently delivered by RIG Exploit Kit that was packed in a .NET cryptor and includes similar features as one we found some time ago. Categories: Malware Threat analysis 2016-07-29T15:38:05+00:00 https://blog.malwarebytes.com/threat-analysis/2016/07/unpacking-yet-another-net-crypter/ www.secnews.physaphae.fr/article.php?IdArticle=4964 False None None None Malwarebytes Labs - MalwarebytesLabs The IPExpo / Infosec Europe / Blogger Awards roundup It's been a busy few months for the Malwarebytes team. Infosec Europe, Chelsea FC, radio interviews, and a certain Blogger Awards that you may have voted on recently. How did we do? You'll have to read on to find out! Categories: Conferences Security world 2016-07-29T10:19:05+00:00 https://blog.malwarebytes.com/security-world/2016/07/the-ipexpo-infosec-europe-blogger-awards-roundup/ www.secnews.physaphae.fr/article.php?IdArticle=4946 False None None None Malwarebytes Labs - MalwarebytesLabs Five ways to stay safe online while playing Pokémon Go No one has expected to see a mobile gaming app become so popular so fast and affect people the way it has. Indeed, the introduction of Pokémon Go—plus the sharp rise of popularity of augmented reality—has opened a lot of opportunities for cross-industry innovation and growth.
Unfortunately, it's not all fun and games for every player and those caught in the experience of others. Categories: 101 FYI 2016-07-28T15:01:48+00:00 https://blog.malwarebytes.com/101/2016/07/five-ways-to-stay-safe-online-while-playing-pokemon-go/ www.secnews.physaphae.fr/article.php?IdArticle=4898 False None None None Malwarebytes Labs - MalwarebytesLabs From Locky with love – reading malicious attachments Read on to learn about the latest downloaders used to deliver Locky ransomware and how to statically decipher their hidden URLs. Categories: Malware Threat analysis 2016-07-27T14:28:25+00:00 https://blog.malwarebytes.com/threat-analysis/2016/07/from-locky-with-love-reading-malicious-attachments/ www.secnews.physaphae.fr/article.php?IdArticle=4799 False None None None Malwarebytes Labs - MalwarebytesLabs A look into some RIG exploit kit campaigns We've covered the Neutrino and Magnitude exploit kits. Now we take a look at number #3, RIG EK and the different distribution paths using packet captures collected by our honeypot. The campaigns for distribution involve malvertising and compromised sites (much like all other EKs) but there is a notable diversity in how many different ways RIG EK is being loaded and the type of payloads it is serving. Categories: Exploits 2016-07-27T03:03:05+00:00 https://blog.malwarebytes.com/threat-analysis/exploits-threat-analysis/2016/07/a-look-into-some-rig-exploit-kit-campaigns/ www.secnews.physaphae.fr/article.php?IdArticle=4768 False None None None Malwarebytes Labs - MalwarebytesLabs Explained: Advanced Persistent Threat (APT) An Advanced Persistent Threat (APT) is a prolonged, aimed attack on a specific target with the intention to compromise their system and gain information from or about that target. The target can be a person, an organization or a business.
Categories: Malware 2016-07-26T15:21:17+00:00 https://blog.malwarebytes.com/cybercrime/malware/2016/07/explained-advanced-persistent-threat-apt/ www.secnews.physaphae.fr/article.php?IdArticle=4724 False None None None Malwarebytes Labs - MalwarebytesLabs The little 419 scam that could It has been six months since David and Carol Martin, a Scottish couple in the UK, received the highest National Lottery pay out made to any winner to date. And scammers have been taking advantage of it for half a year now. Don't be misled by this so-called "donation scam". Categories: Cybercrime Social engineering 2016-07-25T14:46:49+00:00 https://blog.malwarebytes.com/cybercrime/2016/07/the-little-419-scam-that-could/ www.secnews.physaphae.fr/article.php?IdArticle=4648 False None None 5.0000000000000000 Malwarebytes Labs - MalwarebytesLabs Cross-platform malware Adwind infects Mac We examine a cross-platform malware with a Mac payload and found the hackers behind it really didn't put that much effort into making it work on the Mac. Categories: Mac Threat analysis 2016-07-22T18:41:36+00:00 https://blog.malwarebytes.com/threat-analysis/2016/07/cross-platform-malware-adwind-infects-mac/ www.secnews.physaphae.fr/article.php?IdArticle=4581 False None None 5.0000000000000000 Malwarebytes Labs - MalwarebytesLabs How to protect your IP address When you jump online, your computer uses an IP address to communicate—something easily found and exploited by cybercriminals. Here's how to hide your IP address from prying eyes. Categories: 101 How-tos 2016-07-22T15:25:00+00:00 https://blog.malwarebytes.com/101/2016/07/how-to-protect-your-ip-address/ www.secnews.physaphae.fr/article.php?IdArticle=4573 False None None None Malwarebytes Labs - MalwarebytesLabs Avoid this “Authorize your Twitter account” phishing scam… Scammers send a well known verified account a "Please authorize this app to become verified" message.
Confusion follows. Categories: Cybercrime Social engineering 2016-07-21T19:15:07+00:00 https://blog.malwarebytes.com/cybercrime/2016/07/avoid-this-authorize-your-twitter-account-phishing-scam/ www.secnews.physaphae.fr/article.php?IdArticle=4525 False None None None Malwarebytes Labs - MalwarebytesLabs Window Range Manager A recently discovered adware called Window Range Manager aka Winrange uses Chrome components to display 3D advertisements, but fails to run on most systems. Categories: PUPs Threat analysis 2016-07-20T14:31:40+00:00 https://blog.malwarebytes.com/threat-analysis/2016/07/window-range-manager/ www.secnews.physaphae.fr/article.php?IdArticle=4436 False None None 2.0000000000000000 Malwarebytes Labs - MalwarebytesLabs Long lasting Magnitude EK malvertising campaign not affected by slowdown in EK activity We have been tracking a malvertising campaign distributing the Cerber ransomware linked to the actor behind the Magnitude exploit kit for months. Despite a global slowdown in exploit kit activity, this particular distribution channel has remained active and strong. In this post we take a look at some past and present indicators of compromise that show how fake identities remain an effective way to defeat ad platforms' security checks. Categories: Exploits 2016-07-19T15:16:58+00:00 https://blog.malwarebytes.com/cybercrime/exploits/2016/07/long-lasting-magnitude-ek-malvertising-campaign-not-affected-by-slowdown-in-ek-activity/ www.secnews.physaphae.fr/article.php?IdArticle=4350 False None None None Malwarebytes Labs - MalwarebytesLabs Third time (un)lucky – improved Petya is out Petya's authors got it right at the third attempt.
The currently launched wave of this ransomware finally seems to have the proper Salsa20. Categories: Malware Threat analysis 2016-07-18T17:00:16+00:00 https://blog.malwarebytes.com/threat-analysis/2016/07/third-time-unlucky-improved-petya-is-out/ www.secnews.physaphae.fr/article.php?IdArticle=4262 False None None None Malwarebytes Labs - MalwarebytesLabs Explained: Bug poaching When we talk about online extortion, nowadays what comes to mind is ransomware, thanks to reports of new strains found almost every day of the week. For some, it may be scams—from online dating, to loan, to 419 fraud. For others, some examples may be hijacked accounts, sextortion, DDoS attacks, and data theft. These past few weeks, we have been introduced to a new type of digital extortion that, as some security experts claim, is currently on the rise: bug poaching. Categories: 101 FYI 2016-07-15T17:00:46+00:00 https://blog.malwarebytes.com/101/2016/07/explained-bug-poaching/ www.secnews.physaphae.fr/article.php?IdArticle=4155 False None None None Malwarebytes Labs - MalwarebytesLabs Our Pokemon Go blogpost becomes scammer bait… You know when you write about a Pokemon GO scam and casually mention how criminals use Lure Modules as bait for mugging victims? Of course you do (well, maybe not). As it turns out, the blogpost itself became a Pokemon-style lure - for comment section driveby scammers. I mean, whoops? Here was me thinking I'm supposed to go out and catch them all or whatever. I can't get fit and healthy waving my phone at trees and the occasional power plant if they turn up on the doorstep... Categories: Cybercrime Social engineering 2016-07-15T14:06:57+00:00 https://blog.malwarebytes.com/cybercrime/2016/07/our-pokemon-go-blogpost-becomes-scammer-bait/ www.secnews.physaphae.fr/article.php?IdArticle=4127 False None None None