New Flash Player zero-day used against Russian facility

Credit to Author: Jérôme Segura| Date: Wed, 05 Dec 2018 22:44:59 +0000

An APT group is using a new Flash Player zero-day that was used a lure targeting a Russian-based clinic

Categories:

Tags:

(Read more…)

The post New Flash Player zero-day used against Russian facility appeared first on Malwarebytes Labs.

Read more

Obfuscated Equation Editor Exploit (CVE-2017-11882) spreading Hawkeye Keylogger

Credit to Author: Pradeep Kulkarni| Date: Thu, 01 Nov 2018 06:17:45 +0000

Cyber-attacks through phishing emails are increasing and generally, attackers use DOC embedded macros to infiltrate victim’s machine. Recently Quick Heal Security Labs came across a Phishing e-mail sample which uses Microsoft’s equation editor exploit to spread Hawkeye keylogger. Cybercriminals use different techniques to steal confidential data. Now they are offering…

Read more

Fake browser update seeks to compromise more MikroTik routers

Credit to Author: Malwarebytes Labs| Date: Fri, 12 Oct 2018 15:00:06 +0000

Threat actors are social engineering users with a fake update that, once installed, will scan the Internet in an attempt to exploit vulnerable MikroTik routers.

Categories:

Tags:

(Read more…)

The post Fake browser update seeks to compromise more MikroTik routers appeared first on Malwarebytes Labs.

Read more

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

Credit to Author: Jérôme Segura| Date: Wed, 26 Sep 2018 17:13:26 +0000

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

Categories:

Tags:

(Read more…)

The post Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT appeared first on Malwarebytes Labs.

Read more

CVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the Wild

Credit to Author: Sameer Patil| Date: Wed, 12 Sep 2018 13:30:14 +0000

The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context…

Read more

Intercept X vi difende contro l’abuso SettingsContent-ms

Credit to Author: Sophos Italia| Date: Fri, 07 Sep 2018 05:25:33 +0000

Anche l’utilizzo di una versione precedente della nostra tecnologia anti-exploit vi proteggerà se aprite un documento dannoso che contiene l’exploit CVE-2018-8414<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/_KRXG6HUMaI” height=”1″ width=”1″ alt=””/>

Read more

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Credit to Author: Malwarebytes Labs| Date: Thu, 26 Jul 2018 21:00:22 +0000

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.

Categories:

Tags:

()

The post ‘Hidden Bee’ miner delivered via improved drive-by download toolkit appeared first on Malwarebytes Labs.

Read more

Taking apart a double zero-day sample discovered in joint hunt with ESET

Credit to Author: Windows Defender ATP| Date: Mon, 02 Jul 2018 15:00:00 +0000

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel with ESET researchers, I was surprised to discover two new zero-day exploits in the same

Read more

Read more