Malwarebytes Labs

We examine AvosLocker, a new ransomware aiming to grow into the coveted big game hunting space. Categories: Threat analysis Tags: AvosLockerransomware (Read more…) The post AvosLocker enters the ransomware scene, asks for partners appeared first on Malwarebytes Labs.

According to CNA, the attack started when an employee downloaded a fake browser from a legitimate website. Categories: Ransomware Tags: CNA FInanceevil corpMega NZPhoenixPhoenix CryptoLocker (Read more…) The post CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack appeared first on Malwarebytes Labs.

Dutch police arrested members of a group calling themselves the Fraud Family for developing and selling phishing panels. Categories: ScamsSocial engineering Tags: 2faanti-botfraud familygreen padlockGroup-IBpassword managerphishingPIItelegramtypo squattingurl shorteners (Read more…) The post Busted! Fraud-as-a-Service gang that sold 2FA-proof phishing arrested appeared first on Malwarebytes Labs.

We look at the history of doxing and swatting, and talk about the most recent awful example of someone losing their life to this tactic. Categories: Privacy Tags: doxdoxingdoxxinggamingpolicesocial networkswatswatting (Read more…) The post 5 years for swatter who caused a man’s death for a Twitter handle appeared first on Malwarebytes Labs.

A vulnerability in laser printer drivers for Windows has been lying dormant for 16 years. Categories: Exploits and vulnerabilities Tags: buffer overflowcve-2021-3438CVSSHPlaser printersSamsungupdatexerox (Read more…) The post Millions of Windows machines affected by ancient printer vulnerability appeared first on Malwarebytes Labs.

The Pegasus Project revealed deeply concerning surveillance campaigns against activists and journalists. It’s time for us to act. Categories: Privacy Tags: Amnesty InternationalAmnesty International Security LabCitizen LabCoalition Against Stalkerwareencryptionend-to-end encryptionfacebookgoing darkHatice CengizJamal KhoshoggiNSAnsa surveillanceNSO GroupPegasusspywarestalkerwaresurveillanceThe Pegasus ProjectTrident vulnerabilityUniversity of Torontowhatsapp (Read more…) The post Pegasus spyware has been here for years. We must stop ignoring it appeared first on Malwarebytes Labs.

ZeuS is an infamous banking Trojan that infected millions of systems, and stole billions of dollars. Categories: 101 Tags: 2faAleksander Paninbehavioral biometricsBotbotnetC&Ccommand & controlcrimewareddosdistributed denial of service attackdrive-by downloadsfbiform grabbingHamza BedelladjHandermankeyloggerman-in-the-browsermitbphishingpolymorphicPStorespamspyeyezbotZeusZeuS TrojanZeuSMuseum (Read more…) The post The life and death of the ZeuS Trojan appeared first on Malwarebytes Labs.

We look at examples of scammers trying to steal the identity of the dead, and observe those same awful tactics still in use today. Categories: Privacy Tags: data breachdeaddeathdisasterid fraudidentityleakscam (Read more…) The post ID theft ghouls targeting Surfside victims is appalling, but no surprise appeared first on Malwarebytes Labs.

HiveNightmare, aka SeriousSAM, allows attackers to extract hashed passwords from Shadow copies of the registry. Categories: Exploits and vulnerabilities Tags: cve-2021-36934eoppass the hashprintnightmareprivilegessecurity accounts managerSeriousSAMShadownightmare (Read more…) The post HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11 appeared first on Malwarebytes Labs.

The US, UK, EU, and NATO have have issued a coordinated, public censure of China for its role in attacks against Exchange servers earlier this year. Categories: Exploits and vulnerabilities Tags: apt31apt40cloud hopperEternalBluehafniummicrosoft exchangenatoNotPetyaprcproxylogonshadow brokersttpsWannaCry (Read more…) The post US, EU, UK, NATO blame china for “reckless” Exchange attacks appeared first on Malwarebytes Labs.

We review a malware distribution campaign via malspam involving the Remcos remote access Trojan. Categories: MalwareThreat analysisTrojans Tags: ratremcos (Read more…) The post Remcos RAT delivered via Visual Basic appeared first on Malwarebytes Labs.

We take a look at a spam mail promising untold riches from a cryptocurrency transfer which will only lead to financial disaster. Categories: Social engineering Tags: cryptocurrency scamemailfakephishphishingscamSocial Engineeringwhatsapp (Read more…) The post Beware, crypto-scammer seeks foreigner with BLOCK CHAIN ACCOUNT appeared first on Malwarebytes Labs.

StopRansomware.gov is designed to be a one-stop hub for ransomware resources. Categories: Malwarebytes news Tags: Alejandro MayorkascisaDHSDOJfbiHHSNISTransomwareRansomware Task FroceRTFStopRansomware.gov (Read more…) The post StopRansomware.gov brings together information on stopping and surviving ransomware attacks appeared first on Malwarebytes Labs.

A roundup of all the most interesting cybersecurity news stories, articles, and happenings of the previous seven days. Categories: A week in security Tags: adobecryptominingDNS-over-HTTPSelon muskGuesskaseyamacroMagecartMint MObilepatch tuesdayphishingransomwarerevilrussian problemscarewareSpoofedScholarsTopmist Dusttrickbottwittervpn (Read more…) The post A week in security (July 12 – July 18) appeared first on Malwarebytes Labs.

Kaseya VSA had “seven or eight” zero-day vulnerabilities, revealed DIVD Chair Victor Gevers in the latest episode of Lock and Code. Categories: Podcast Tags: CoopDIVDDutch Institute for Vulnerability DisclosurekaseyaKaseya ransomwarekaseya VSAlock and codelock and code podcastmalwarebytes labs podcastmalwarebytes podcastpodcastrevilREvil ransomwareVictor GeversVSA (Read more…) The post “Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13 appeared first on Malwarebytes Labs.

The US has announced new resources for fighting ransomware, and offered $10 million for information leading to the unmasking of cybercriminals. Categories: Malwarebytes news Tags: 10 millioncfaaCISDark WebransomwareRFJrussia (Read more…) The post US offers huge reward in fight against state-sponsored cybercriminals appeared first on Malwarebytes Labs.

A VPN can slow down your Internet, but the difference in speed can be minimal and the benefits may outweigh a slight speed loss. Categories: 101 (Read more…) The post Does using a VPN slow down your Internet? appeared first on Malwarebytes Labs.

We explain what Scareware programs are, as well as some of its accompanying tricks designed to extract payments from unwary web users. Categories: 101 Tags: adwarebrowsermalwareprankscarescarewareSocial Engineeringspywaretrick (Read more…) The post What is scareware? appeared first on Malwarebytes Labs.

SonicWall is just the latest security vendor to see its products used to perpetuate ransomware attacks. Categories: Exploits and vulnerabilities Tags: EOLfivehandsmfaransomwaresmasonicwallsra (Read more…) The post SonicWall warns users of “imminent ransomware campaign” appeared first on Malwarebytes Labs.

Ransomware really, really doesn’t want to run in Russia or members of the Commonwealth of Independent States. Categories: Malwarebytes news Tags: Alejandro MayorkasBabukCD Projekt RedCISClopcolonial pipelineCommonwealth of Independent StatesFabian WoserGina RaimondoJens StoltenbergMespinozanatoproxylogonPYSAraasRacketeer Influenced and Corrupt Organizations ActransomwareRansomware Task Forceransomware-as-a-serviceRICO ActRTFWindows Exchange vulnerability (Read more…) The post Ransomware’s Russia problem appeared first on Malwarebytes Labs.