Malwarebytes Labs: The Security Blog From Malwarebytes

  • AvosLocker enters the ransomware scene, asks for partners
    by Threat Intelligence Team on July 23, 2021 at 11:00 pm

    We examine AvosLocker, a new ransomware aiming to grow into the coveted big game hunting space. Categories: Threat analysis. Tags: AvosLocker, ransomware.

  • CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack
    by Malwarebytes Labs on July 23, 2021 at 6:06 pm

    According to CNA, the attack started when an employee downloaded a fake browser from a legitimate website. Categories: Ransomware. Tags: CNA FInance, evil corp, Mega NZ, Phoenix, Phoenix CryptoLocker.

  • Busted! Fraud-as-a-Service gang that sold 2FA-proof phishing arrested
    by Pieter Arntz on July 23, 2021 at 5:57 pm

    Dutch police arrested members of a group calling themselves the Fraud Family for developing and selling phishing panels. Categories: Scams, Social engineering. Tags: 2fa, anti-bot, fraud family, green padlock, Group-IB, password manager, phishing, PII, telegram, typo squatting, url shorteners.

  • 5 years for swatter who caused a man’s death for a Twitter handle
    by Christopher Boyd on July 22, 2021 at 5:32 pm

    We look at the history of doxing and swatting, and talk about the most recent awful example of someone losing their life to this tactic. Categories: Privacy. Tags: dox, doxing, doxxing, gaming, police, social network, swat, swatting.

  • Millions of Windows machines affected by ancient printer vulnerability
    by Pieter Arntz on July 22, 2021 at 12:24 pm

    A vulnerability in laser printer drivers for Windows has been lying dormant for 16 years. Categories: Exploits and vulnerabilities. Tags: buffer overflow, cve-2021-3438, CVSS, HP, laser printers, Samsung, update, xerox.

  • Pegasus spyware has been here for years. We must stop ignoring it
    by David Ruiz on July 22, 2021 at 11:10 am

    The Pegasus Project revealed deeply concerning surveillance campaigns against activists and journalists. It’s time for us to act. Categories: Privacy. Tags: Amnesty International, Amnesty International Security Lab, Citizen Lab, Coalition Against Stalkerware, encryption, end-to-end encryption, facebook, going dark, Hatice Cengiz, Jamal Khoshoggi, NSA, nsa surveillance, NSO Group, Pegasus, spyware, stalkerware, surveillance, The Pegasus Project, Trident vulnerability, University of Toronto, whatsapp.

  • The life and death of the ZeuS Trojan
    by Malwarebytes Labs on July 21, 2021 at 5:15 pm

    ZeuS is an infamous banking Trojan that infected millions of systems, and stole billions of dollars. Categories: 101. Tags: 2fa, Aleksander Panin, behavioral biometrics, Bot, botnet, C&C, command & control, crimeware, ddos, distributed denial of service attack, drive-by downloads, fbi, form grabbing, Hamza Bedelladj, Handerman, keylogger, man-in-the-browser, mitb, phishing, polymorphic, PStore, spam, spyeye, zbot, Zeus, ZeuS Trojan, ZeuSMuseum.

  • ID theft ghouls targeting Surfside victims is appalling, but no surprise
    by Malwarebytes Labs on July 21, 2021 at 3:33 pm

    We look at examples of scammers trying to steal the identity of the dead, and observe those same awful tactics still in use today. Categories: Privacy. Tags: data breach, dead, death, disaster, id fraud, identity, leak, scam.

  • HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11
    by Pieter Arntz on July 21, 2021 at 2:31 pm

    HiveNightmare, aka SeriousSAM, allows attackers to extract hashed passwords from Shadow copies of the registry. Categories: Exploits and vulnerabilities. Tags: cve-2021-36934, eop, pass the hash, printnightmare, privileges, security accounts manager, SeriousSAM, Shadownightmare.

  • US, EU, UK, NATO blame China for “reckless” Exchange attacks
    by Pieter Arntz on July 20, 2021 at 2:11 pm

    The US, UK, EU, and NATO have issued a coordinated, public censure of China for its role in attacks against Exchange servers earlier this year. Categories: Exploits and vulnerabilities. Tags: apt31, apt40, cloud hopper, EternalBlue, hafnium, microsoft exchange, nato, NotPetya, prc, proxylogon, shadow brokers, ttps, WannaCry.

  • Remcos RAT delivered via Visual Basic
    by Threat Intelligence Team on July 19, 2021 at 7:32 pm

    We review a malware distribution campaign via malspam involving the Remcos remote access Trojan. Categories: Malware, Threat analysis, Trojans. Tags: rat, remcos.

  • Beware, crypto-scammer seeks foreigner with BLOCK CHAIN ACCOUNT
    by Malwarebytes Labs on July 19, 2021 at 1:41 pm

    We take a look at a spam mail promising untold riches from a cryptocurrency transfer which will only lead to financial disaster. Categories: Social engineering. Tags: cryptocurrency scam, email, fake, phish, phishing, scam, Social Engineering, whatsapp.

  • StopRansomware.gov brings together information on stopping and surviving ransomware attacks
    by Malwarebytes Labs on July 19, 2021 at 1:30 pm

    StopRansomware.gov is designed to be a one-stop hub for ransomware resources. Categories: Malwarebytes news. Tags: Alejandro Mayorkas, cisa, DHS, DOJ, fbi, HHS, NIST, ransomware, Ransomware Task Froce, RTF, StopRansomware.gov.

  • A week in security (July 12 – July 18)
    by Malwarebytes Labs on July 19, 2021 at 9:43 am

    A roundup of all the most interesting cybersecurity news stories, articles, and happenings of the previous seven days. Categories: A week in security. Tags: adobe, cryptomining, DNS-over-HTTPS, elon musk, Guess, kaseya, macro, Magecart, Mint MObile, patch tuesday, phishing, ransomware, revil, russian problem, scareware, SpoofedScholars, Topmist Dust, trickbot, twitter, vpn.

  • “Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13
    by Malwarebytes Labs on July 19, 2021 at 7:45 am

    Kaseya VSA had “seven or eight” zero-day vulnerabilities, revealed DIVD Chair Victor Gevers in the latest episode of Lock and Code. Categories: Podcast. Tags: Coop, DIVD, Dutch Institute for Vulnerability Disclosure, kaseya, Kaseya ransomware, kaseya VSA, lock and code, lock and code podcast, malwarebytes labs podcast, malwarebytes podcast, podcast, revil, REvil ransomware, Victor Gevers, VSA.

  • US offers huge reward in fight against state-sponsored cybercriminals
    by Pieter Arntz on July 16, 2021 at 3:40 pm

    The US has announced new resources for fighting ransomware, and offered $10 million for information leading to the unmasking of cybercriminals. Categories: Malwarebytes news. Tags: 10 million, cfaa, CIS, Dark Web, ransomware, RFJ, russia.

  • Does using a VPN slow down your Internet?
    by Malwarebytes Labs on July 16, 2021 at 10:49 am

    A VPN can slow down your Internet, but the difference in speed can be minimal and the benefits may outweigh a slight speed loss. Categories: 101.

  • What is scareware?
    by Malwarebytes Labs on July 16, 2021 at 9:44 am

    We explain what scareware programs are, as well as some of their accompanying tricks designed to extract payments from unwary web users. Categories: 101. Tags: adware, browser, malware, prank, scare, scareware, Social Engineering, spyware, trick.

  • SonicWall warns users of “imminent ransomware campaign”
    by Pieter Arntz on July 15, 2021 at 2:30 pm

    SonicWall is just the latest security vendor to see its products used to perpetuate ransomware attacks. Categories: Exploits and vulnerabilities. Tags: EOL, fivehands, mfa, ransomware, sma, sonicwall, sra.

  • Ransomware’s Russia problem
    by Malwarebytes Labs on July 15, 2021 at 10:55 am

    Ransomware really, really doesn’t want to run in Russia or members of the Commonwealth of Independent States. Categories: Malwarebytes news. Tags: Alejandro Mayorkas, Babuk, CD Projekt Red, CIS, Clop, colonial pipeline, Commonwealth of Independent States, Fabian Woser, Gina Raimondo, Jens Stoltenberg, Mespinoza, nato, proxylogon, PYSA, raas, Racketeer Influenced and Corrupt Organizations Act, ransomware, Ransomware Task Force, ransomware-as-a-service, RICO Act, RTF, Windows Exchange vulnerability.
