Drive-by download campaign targets Chinese websites, experiments with exploits

Credit to Author: Jérôme Segura| Date: Thu, 22 Feb 2018 16:00:00 +0000

This custom-made drive-by download attack targets some Chinese websites and their visitors while experimenting with exploits.

The post Drive-by download campaign targets Chinese websites, experiments with exploits appeared first on Malwarebytes Labs.

New Flash Player zero-day comes inside Office document

Credit to Author: Jérôme Segura| Date: Mon, 05 Feb 2018 20:55:16 +0000

Threat actors are targeting South Korea with a Flash Player zero-day in limited attacks, according to Adobe.

The post New Flash Player zero-day comes inside Office document appeared first on Malwarebytes Labs.

GandCrab ransomware distributed by RIG and GrandSoft exploit kits (updated)

Credit to Author: Malwarebytes Labs| Date: Tue, 30 Jan 2018 23:43:52 +0000

Ransomware may have slowed its growth but is still a go-to payload for threat actors looking to monetize drive-by download attacks. The latest attempt: GandCrab ransomware.

The post GandCrab ransomware distributed by RIG and GrandSoft exploit kits (updated) appeared first on Malwarebytes Labs.

GandCrab ransomware distributed by RIG and GrandSoft exploit kits

Credit to Author: Malwarebytes Labs| Date: Tue, 30 Jan 2018 23:43:52 +0000

Ransomware may have slowed its growth but is still a go-to payload for threat actors looking to monetize drive-by download attacks. The latest attempt: GandCrab ransomware.

The post GandCrab ransomware distributed by RIG and GrandSoft exploit kits appeared first on Malwarebytes Labs.

A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017

Credit to Author: Windows Defender ATP| Date: Wed, 10 Jan 2018 14:00:31 +0000

Adopting reliable attack methods and techniques borrowed from more evolved threat types, ransomware attained new levels of reach and damage in 2017. The following trends characterize the ransomware narrative in the past year: Three global outbreaks showed the force of ransomware in making real-world impact, affecting corporate networks and bringing down critical services like hospitals,

Meltdown and Spectre fallout: patching problems persist

Credit to Author: Jérôme Boursier| Date: Thu, 11 Jan 2018 14:00:00 +0000

In the days since Meltdown and Spectre have been made public, we’ve tracked which elements of the design flaw, known as speculative execution, are vulnerable and how different vendors are handling the patching process.

The post Meltdown and Spectre fallout: patching problems persist appeared first on Malwarebytes Labs.

Use TeamViewer? Fix this dangerous permissions bug with an update

Credit to Author: Malwarebytes Labs| Date: Wed, 06 Dec 2017 19:42:54 +0000

A potentially dangerous permissions bug in TeamViewer grants unauthorised access to either the client or the server—and patches may take up to a week to fully roll out.

The post Use TeamViewer? Fix this dangerous permissions bug with an update appeared first on Malwarebytes Labs.

Seamless campaign serves RIG EK via Punycode (updated)

Credit to Author: Jérôme Segura| Date: Mon, 04 Dec 2017 22:48:49 +0000

The most prolific gate to the RIG exploit kit is coming in a different flavor. The Seamless campaign is now using a domain name with foreign characters translated by Punycode.

The post Seamless campaign serves RIG EK via Punycode (updated) appeared first on Malwarebytes Labs.

Seamless campaign serves RIG EK via Punycode

Credit to Author: Jérôme Segura| Date: Mon, 04 Dec 2017 22:48:49 +0000

The most prolific gate to the RIG exploit kit is coming in a different flavor. The Seamless campaign is now using a domain name with foreign characters translated by Punycode.

The post Seamless campaign serves RIG EK via Punycode appeared first on Malwarebytes Labs.

Terror exploit kit goes HTTPS all the way

Credit to Author: Jérôme Segura| Date: Mon, 27 Nov 2017 20:00:34 +0000

A look at some techniques used by the Terror exploit kit to evade traffic-based detection.

The post Terror exploit kit goes HTTPS all the way appeared first on Malwarebytes Labs.
