Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:15:30 +0000

While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tactic called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list.

Categories:

Tags:

(Read more…)

The post Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge appeared first on Malwarebytes Labs.

Read more

Hosting malicious sites on legitimate servers: How do threat actors get away with it?

Credit to Author: Pieter Arntz| Date: Fri, 18 Jan 2019 16:00:00 +0000

Is money all hosting providers care about when it comes to allowing malicious sites on their servers? Or is there more at play? We embark on an investigation to discover their motives.

Categories:

Tags:

(Read more…)

The post Hosting malicious sites on legitimate servers: How do threat actors get away with it? appeared first on Malwarebytes Labs.

Read more

This Week in Security News: Risky Radio Remotes and Cybercrime

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 18 Jan 2019 15:18:00 +0000

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s new research on radio frequency technology and the risks of radio remote controllers. Also, understand why there is a rise in physical crime…

The post This Week in Security News: Risky Radio Remotes and Cybercrime appeared first on .

Read more

The Advanced Persistent Threat files: APT10

Credit to Author: William Tsing| Date: Wed, 16 Jan 2019 17:00:00 +0000

While security companies are getting good at analyzing the tactics of nation-state threat actors, they still struggle with placing these actions in context and making solid risk assessments. So in this series, we’re going to take a look at a few APT groups, and see how they fit into the larger threat landscape—starting with APT10.

Categories:

Tags:

(Read more…)

The post The Advanced Persistent Threat files: APT10 appeared first on Malwarebytes Labs.

Read more

Luas data ransom: the hacker who cried wolf?

Credit to Author: Christopher Boyd| Date: Fri, 11 Jan 2019 18:00:00 +0000

Irish tram firm Luas were recently compromised and told to pay 1 Bitcoin, or risk user data being fired into the void. The deadline for paying the ransom has now passed: So what happens next? And is anyone out there really at risk?

Categories:

Tags:

(Read more…)

The post Luas data ransom: the hacker who cried wolf? appeared first on Malwarebytes Labs.

Read more

Social Security Number scammers are at it again

Credit to Author: Jovi Umawing| Date: Thu, 10 Jan 2019 21:05:26 +0000

The Federal Trade Commission recently released a warning about a sharp increase in Social Security Number scammers. Have you gotten one of their robocalls? Here’s how to recognize the scam and what to do about it.

Categories:

Tags:

(Read more…)

The post Social Security Number scammers are at it again appeared first on Malwarebytes Labs.

Read more

Ryuk ransomware attacks businesses over the holidays

Credit to Author: Adam Kujawa| Date: Tue, 08 Jan 2019 19:49:45 +0000

Over the holiday, a little-known ransomware family called Ryuk caused serious damage to numerous organizations. The attacks leave a lot of questions unanswered. What do we know so far?

Categories:

Tags:

(Read more…)

The post Ryuk ransomware attacks businesses over the holidays appeared first on Malwarebytes Labs.

Read more

Server Security for the Modern IT Ecosystem

Credit to Author: Trend Micro| Date: Thu, 03 Jan 2019 15:30:46 +0000

A Changing Landscape In recent years we’ve seen a fundamental shift in the IT landscape, accelerated towards cloud and containerized infrastructures. According to Forbes, by 2020 it is predicted that 83 percent of enterprise workloads will be in the cloud. Moving beyond the cloud, software development teams are driving further change with the adoption of…

The post Server Security for the Modern IT Ecosystem appeared first on .

Read more

The new landscape of pre-installed mobile malware: malicious code within

Credit to Author: Nathan| Date: Wed, 02 Jan 2019 18:15:46 +0000

We are now seeing malware authors target system apps that are required for mobile devices to function properly. By injecting malicious code within these necessary apps, threat actors have reshaped the landscape of pre-installed malware for the worse.

Categories:

Tags:

(Read more…)

The post The new landscape of pre-installed mobile malware: malicious code within appeared first on Malwarebytes Labs.

Read more

Incident Response In The Public Eye

Credit to Author: Mark Nunnikhoven (Vice President, Cloud Research)| Date: Mon, 31 Dec 2018 17:00:44 +0000

Cyberattacks happen constantly. Every day organizations are attackers online whether they realize it or not. Most of these attacks are passing affairs. The mere fact that systems are on to the internet makes them a target of opportunity. For the most part, these attacks are non-events. Security software, bugs in attack code, and updated applications…

The post Incident Response In The Public Eye appeared first on .

Read more