Avzhan DDoS bot dropped by Chinese drive-by attack

Credit to Author: hasherezade| Date: Fri, 23 Feb 2018 18:00:00 +0000

The Avzhan DDoS bot is back in the wild again, this time being dropped by a Chinese drive-by attack. In this post, we’ll take a deep dive into its functionality and compare the sample we captured with the one described in the past.

The post Avzhan DDoS bot dropped by Chinese drive-by attack appeared first on Malwarebytes Labs.

INFOGRAPHIC: Quick Heal Annual Threat Report 2018 | Key Findings

Credit to Author: Rajib Singha| Date: Mon, 19 Feb 2018 12:46:37 +0000

The Quick Heal Annual Threat Report 2018 is up and it puts together information that concerns individuals and business owners alike. It gives an insight into how the cybersecurity landscape shaped up in 2017 and how it is going to be in 2018. This infographic presents a quick overview of…

How artificial intelligence stopped an Emotet outbreak

Credit to Author: Windows Defender ATP| Date: Wed, 14 Feb 2018 14:43:26 +0000

At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential victims, all of whom were instantly and automatically protected by Windows Defender

A massive security flaw discovered in Skype. Fix not coming anytime soon.

Credit to Author: Shriram Munde| Date: Wed, 14 Feb 2018 09:10:30 +0000

Quick Heal Security Labs has recently learned about a serious vulnerability in Skype’s update installer – that’s the bad news. The worse news is, Microsoft is not going to patch the vulnerability anytime soon as this would require the updater to go through a ‘large code revision’. What is this…

Kotlin-based malicious apps penetrate Google market

Credit to Author: Gleb Malygin| Date: Tue, 13 Feb 2018 16:00:00 +0000

New malicious apps appear in Google Play abusing Kotlin, the “safest” official programming language for the Android.

The post Kotlin-based malicious apps penetrate Google market appeared first on Malwarebytes Labs.

The Runner: a key component of the SamSam ransomware campaign – An analysis by Quick Heal Security Labs

Credit to Author: Amar Patil| Date: Thu, 08 Feb 2018 06:53:36 +0000

In Jan 2018, Greenfield, Indiana-based Hancock Health (healthcare network) was attacked by SamSam ransomware. It encrypted the files containing patients’ data which disrupted their critical services. Even though SamSam is not a new ransomware, it has evolved over a period of time. We had observed its first variant in Feb…

How to detect and remove the bitcoin miner malware

Credit to Author: Quick Heal Security Labs| Date: Tue, 06 Feb 2018 08:18:46 +0000

This article aims to help you detect and remove the newly emerged fileless bitcoin miner malware and protect your computer. Bitcoin is a digital cash system. The difference between using bitcoin and using regular money is that bitcoins can be used without having to link any sort of real-world identity…

Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

Credit to Author: Aniruddha Dolas| Date: Mon, 05 Feb 2018 10:12:34 +0000

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro, CVE-2017-0199, CVE-2017-8759 and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2018-11882. Let’s take a look…
