Disdain exploit kit and a side of social engineering deliver Neutrino Bot

Credit to Author: Jérôme Segura| Date: Fri, 10 Nov 2017 00:23:26 +0000

Exploits may not be enough as threat actors combine them with social engineering in a new Disdain exploit kit attack method.

The post Disdain exploit kit and a side of social engineering deliver Neutrino Bot appeared first on Malwarebytes Labs.

Disdain exploit kit served with a side of social engineering

Credit to Author: Jérôme Segura| Date: Fri, 10 Nov 2017 00:23:26 +0000

Exploits may not be enough as threat actors combine them with social engineering in a new Disdain exploit kit attack method.

The post Disdain exploit kit served with a side of social engineering appeared first on Malwarebytes Labs.

Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain

Credit to Author: Jérôme Segura| Date: Wed, 02 Aug 2017 15:00:06 +0000

This post shines some light on a ‘gate’ belonging to the geo-targeted Magnitude exploit kit.

The post Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain appeared first on Malwarebytes Labs.

Report: Second quarter dominated by ransomware outbreaks

Credit to Author: Malwarebytes Labs| Date: Thu, 06 Jul 2017 19:06:53 +0000

The second quarter of 2017 left the security world wondering, “What the hell happened?” With leaks of government-created exploits being deployed against users in the wild, a continued sea of ransomware constantly threatening our ability to work online, and the lines between malware and potentially unwanted programs continuing to blur, every new incident was a wakeup call. In this report, we are going to discuss some of the most important trends, tactics, and attacks of Q2 2017, including an update on ransomware, what is going on with all these exploits, and a special look at all the breaches that happened this quarter.

The post Report: Second quarter dominated by ransomware outbreaks appeared first on Malwarebytes Labs.

AdGholas malvertising thrives in the shadows of ransomware outbreaks

Credit to Author: Jérôme Segura| Date: Wed, 05 Jul 2017 16:05:57 +0000

Several large malvertising campaigns went unnoticed amidst the news of the latest ransomware outbreak.

The post AdGholas malvertising thrives in the shadows of ransomware outbreaks appeared first on Malwarebytes Labs.

Elusive Moker Trojan is back

Credit to Author: Malwarebytes Labs| Date: Fri, 21 Apr 2017 18:44:58 +0000

We have finally gotten our hands on a sample of the Moker Trojan (which was discovered in 2015). This article will be a deep dive into its capabilities.

The post Elusive Moker Trojan is back appeared first on Malwarebytes Labs.

Binary Options malvertising campaign drops ISFB banking Trojan

Credit to Author: Jérôme Segura| Date: Thu, 20 Apr 2017 15:00:55 +0000

We take a look at a widespread and yet stealthy malvertising campaign distributing the ISFB banking Trojan via decoy websites.

The post Binary Options malvertising campaign drops ISFB banking Trojan appeared first on Malwarebytes Labs.

Diamond Fox – part 2: let’s dive in the code

Credit to Author: Malwarebytes Labs| Date: Thu, 06 Apr 2017 15:00:30 +0000

In a previous post we made an initial analysis of a Diamond Fox bot delivered by the Nebula Exploit Kit (more about the campaign can be found here). We described the way to unpack the protection layer in order to get the core, written in Visual Basic, that can be decompiled. In this second part of…

The post Diamond Fox – part 2: let’s dive in the code appeared first on Malwarebytes Labs.

Websites compromised in ‘Decimal IP’ campaign

Credit to Author: Jérôme Segura| Date: Wed, 29 Mar 2017 23:00:52 +0000

This URL is quite probably unlike anything you’ve ever seen before and yet still works and redirects to malware.

The post Websites compromised in ‘Decimal IP’ campaign appeared first on Malwarebytes Labs.

Exploit kits: Winter 2017 review

Credit to Author: Jérôme Segura| Date: Thu, 09 Mar 2017 20:08:35 +0000

We take a look at the current exploit kit scene (Winter 2017) according to our telemetry and honeypots.

The post Exploit kits: Winter 2017 review appeared first on Malwarebytes Labs.

A week in security (Jan 01 – Jan 07)

A compilation of notable security news and blog posts from the 1st of January to the 7th. This week, we touched on the Sundown exploit kit with a surprising payload and a fake technical support page that wreaked havoc on Mac systems.
