A week in security (July 29 – August 4)

Credit to Author: Malwarebytes Labs| Date: Mon, 05 Aug 2019 15:44:37 +0000

A roundup of security news from July 29 – August 4 including Capital One breach, Lord Exploit Kit, more Magecart skimming, ATM attacks, QR code scams, and Equifax payout.

Categories:

Tags:

(Read more…)

The post A week in security (July 29 – August 4) appeared first on Malwarebytes Labs.

Read more

Say hello to Lord Exploit Kit

Credit to Author: Jérôme Segura| Date: Fri, 02 Aug 2019 18:15:24 +0000

In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.

Categories:

Tags:

(Read more…)

The post Say hello to Lord Exploit Kit appeared first on Malwarebytes Labs.

Read more

GreenFlash Sundown exploit kit expands via large malvertising campaign

Credit to Author: Jérôme Segura| Date: Wed, 26 Jun 2019 18:30:48 +0000

The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Categories:

Tags:

(Read more…)

The post GreenFlash Sundown exploit kit expands via large malvertising campaign appeared first on Malwarebytes Labs.

Read more

Electrum Bitcoin wallets under siege

Credit to Author: Malwarebytes Labs| Date: Tue, 16 Apr 2019 15:00:00 +0000

Threat actors are relentlessly phishing and attacking Electrum Bitcoin wallet users, racking up millions of dollars.

Categories:

Tags:

(Read more…)

The post Electrum Bitcoin wallets under siege appeared first on Malwarebytes Labs.

Read more

Impacts to Enterprise Security: A Look at as-a-service Attacks

Credit to Author: Trend Micro| Date: Thu, 24 Jan 2019 14:20:08 +0000

Ever since certain solutions have begun being offered “as-a-service,” the market for this method of delivery has exploded. Now, elements like software-as-a-service, infrastructure-as-a-service and platform-as-a-service are key mainstay components of enterprise IT, with the market values to prove it. According to MarketWatch, the global SaaS market is on track to expand by a more than…

The post Impacts to Enterprise Security: A Look at as-a-service Attacks appeared first on .

Read more

Vidar and GandCrab: stealer and ransomware combo observed in the wild

Credit to Author: Jérôme Segura| Date: Fri, 04 Jan 2019 18:15:25 +0000

Threat actors combine new stealer Vidar and GandCrab ransomware in one-two punch.

Categories:

Tags:

(Read more…)

The post Vidar and GandCrab: stealer and ransomware combo observed in the wild appeared first on Malwarebytes Labs.

Read more

A week in security (December 17 – 23)

Credit to Author: Malwarebytes Labs| Date: Mon, 24 Dec 2018 18:56:44 +0000

A roundup of last week’s security news from December 17–23, including Christmas scams, phishing quizzes, Underminer, smart speakers, flawed Twitter form, Chromebook malware, and Fuchsia.

Categories:

Tags:

(Read more…)

The post A week in security (December 17 – 23) appeared first on Malwarebytes Labs.

Read more

Exploit kits: fall 2018 review

Credit to Author: Jérôme Segura| Date: Wed, 24 Oct 2018 16:10:54 +0000

With a fresh exploit kit in town, the drive-by download landscape shows new signs of life in fall 2018.

Categories:

Tags:

(Read more…)

The post Exploit kits: fall 2018 review appeared first on Malwarebytes Labs.

Read more

The Year Targeted Phishing Went Mainstream

Credit to Author: BrianKrebs| Date: Thu, 02 Aug 2018 15:11:45 +0000

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack). But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale. And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness.

Read more

Magnitude exploit kit switches to GandCrab ransomware

Credit to Author: Jérôme Segura| Date: Tue, 17 Apr 2018 16:58:26 +0000

After being faithful to its own Magniber ransomware for several months, Magnitude EK joins others to adopt GandCrab.

Categories:

Tags:

(Read more…)

The post Magnitude exploit kit switches to GandCrab ransomware appeared first on Malwarebytes Labs.

Read more

Hermes ransomware distributed to South Koreans via recent Flash zero-day

Credit to Author: Malwarebytes Labs| Date: Wed, 14 Mar 2018 17:59:32 +0000

An uncommon exploit kit adds a fresh Flash Player exploit to distribute the Hermes ransomware in South Korea.

Categories:

Tags:

(Read more…)

The post Hermes ransomware distributed to South Koreans via recent Flash zero-day appeared first on Malwarebytes Labs.

Read more