Process Doppelgänging meets Process Hollowing in Osiris dropper

Credit to Author: hasherezade| Date: Mon, 13 Aug 2018 18:29:57 +0000

Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

The post Process Doppelgänging meets Process Hollowing in Osiris dropper appeared first on Malwarebytes Labs.

Again! A New .NET Ransomware Shrug2

Credit to Author: Ghanshyam More| Date: Fri, 10 Aug 2018 09:35:21 +0000

For several months, Quick Heal Security Labs has been observing an increase in ransomware built in the .NET framework. Ransomware like SamSam, Lime and now Shrug was found to be built in the .NET framework. Malware authors are finding it very easy to build and obfuscate malware in the .NET framework rather than making them in…

Cryptocurrency miner hits IoT devices, mostly affects Brazil and Russia!

Credit to Author: Pradeep Kulkarni| Date: Thu, 09 Aug 2018 08:46:11 +0000

According to a blog post published on Aug 1, 2018, 200,000 routers in Brazil were compromised to deliver cryptocurrency mining scripts to mine Monero (XMR) cryptocurrency. Hackers compromised the vulnerable MikroTik routers by injecting CoinHive scripts into the routers' web pages in order to carry out the mass cryptocurrency miner attack….

Transatlantic Cable podcast, episode 49

Credit to Author: Jeffrey Esposito| Date: Wed, 08 Aug 2018 12:10:35 +0000

In this edition of the podcast, Jeff and Dave discuss the Black Hat USA conference, a downside of Fortnite coming to Android, the Reddit hack, and our latest report on the state of malware.

Protecting the modern workplace from a wide range of undesirable software

Credit to Author: Windows Defender Research| Date: Tue, 07 Aug 2018 16:00:26 +0000

Security is a fundamental component of the trusted and productive Windows experience that we deliver to customers through modern platforms like Windows 10 and Windows 10 in S mode. As we build intelligent security technologies that protect the modern workplace, we aim to always ensure that customers have control over their devices and experiences. To

A week in security (July 30 – August 5)

Credit to Author: Malwarebytes Labs| Date: Mon, 06 Aug 2018 16:07:39 +0000

A roundup of the security news from July 30 – August 5, including cryptomining, big data, social engineering, and more.

The post A week in security (July 30 – August 5) appeared first on Malwarebytes Labs.
