Five years later, Heartbleed vulnerability still unpatched

Credit to Author: Gilad Maayan| Date: Thu, 12 Sep 2019 15:00:00 +0000

The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.

Categories:

Tags:

(Read more…)

The post Five years later, Heartbleed vulnerability still unpatched appeared first on Malwarebytes Labs.

Read more

Everything you need to know about the Heartbleed vulnerability

Credit to Author: Malwarebytes Labs| Date: Fri, 30 Aug 2019 16:16:00 +0000

The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.

Categories:

Tags:

(Read more…)

The post Everything you need to know about the Heartbleed vulnerability appeared first on Malwarebytes Labs.

Read more

The Hidden Bee infection chain, part 1: the stegano pack

Credit to Author: hasherezade| Date: Thu, 15 Aug 2019 15:26:55 +0000

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Categories:

Tags:

(Read more…)

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

Read more

Say hello to Lord Exploit Kit

Credit to Author: Jérôme Segura| Date: Fri, 02 Aug 2019 18:15:24 +0000

In this blog, we take a look at a new exploit kit distributed via malvertising that calls itself Lord EK.

Categories:

Tags:

(Read more…)

The post Say hello to Lord Exploit Kit appeared first on Malwarebytes Labs.

Read more

Exploit kits: summer 2019 review

Credit to Author: Jérôme Segura| Date: Tue, 30 Jul 2019 16:20:33 +0000

In this edition of our seasonal review of exploit kits, we review active and unique EKs hitting consumers and businesses over the summer 2019 season.

Categories:

Tags:

(Read more…)

The post Exploit kits: summer 2019 review appeared first on Malwarebytes Labs.

Read more

GreenFlash Sundown exploit kit expands via large malvertising campaign

Credit to Author: Jérôme Segura| Date: Wed, 26 Jun 2019 18:30:48 +0000

The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Categories:

Tags:

(Read more…)

The post GreenFlash Sundown exploit kit expands via large malvertising campaign appeared first on Malwarebytes Labs.

Read more

Patch Tuesday squashes 89 bugs-including a SophosLabs find

Credit to Author: SophosLabs Offensive Security| Date: Tue, 11 Jun 2019 21:20:51 +0000

No bugs known to be exploited in the wild, but plenty of serious flaws that need updates<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/l4pze2u2S-k” height=”1″ width=”1″ alt=””/>

Read more

Hidden Bee: Let’s go down the rabbit hole

Credit to Author: hasherezade| Date: Fri, 31 May 2019 17:32:57 +0000

The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

Categories:

Tags:

(Read more…)

The post Hidden Bee: Let’s go down the rabbit hole appeared first on Malwarebytes Labs.

Read more

Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability

Credit to Author: Malwarebytes Labs| Date: Wed, 15 May 2019 16:57:16 +0000

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Categories:

Tags:

(Read more…)

The post Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability appeared first on Malwarebytes Labs.

Read more

Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability

Credit to Author: Malwarebytes Labs| Date: Wed, 15 May 2019 16:57:16 +0000

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Categories:

Tags:

(Read more…)

The post Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability appeared first on Malwarebytes Labs.

Read more