A look into Drupalgeddon’s client-side attacks

Credit to Author: Jérôme Segura| Date: Fri, 18 May 2018 15:00:00 +0000

Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers.

Categories:

Tags:

(Read more…)

The post A look into Drupalgeddon’s client-side attacks appeared first on Malwarebytes Labs.

Read more

Adobe Reader zero-day discovered alongside Windows vulnerability

Credit to Author: Jérôme Segura| Date: Tue, 15 May 2018 18:44:14 +0000

A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.

Categories:

Tags:

(Read more…)

The post Adobe Reader zero-day discovered alongside Windows vulnerability appeared first on Malwarebytes Labs.

Read more

Tech support scam uses fake Shoppers Stop site to lure thousands

Credit to Author: Jérôme Segura| Date: Tue, 08 May 2018 13:25:00 +0000

The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page.

Categories:

Tags:

(Read more…)

The post Tech support scam uses fake Shoppers Stop site to lure thousands appeared first on Malwarebytes Labs.

Read more

Tech support scam uses fake Shoppers Stop to draw from thousands of forced ad injections

Credit to Author: Jérôme Segura| Date: Tue, 08 May 2018 13:25:00 +0000

The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page.

Categories:

Tags:

(Read more…)

The post Tech support scam uses fake Shoppers Stop to draw from thousands of forced ad injections appeared first on Malwarebytes Labs.

Read more

Internet Explorer zero-day: browser is once again under attack

Credit to Author: Jérôme Segura| Date: Thu, 10 May 2018 19:58:00 +0000

Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.

Categories:

Tags:

(Read more…)

The post Internet Explorer zero-day: browser is once again under attack appeared first on Malwarebytes Labs.

Read more

Netflix phish claims your membership is on hold

Credit to Author: Christopher Boyd| Date: Wed, 09 May 2018 17:00:54 +0000

We take a look at a new Netflix phish in circulation, using the time-honored trick of claiming the recipient is about to lose access unless they hand over some personal information.

Categories:

Tags:

(Read more…)

The post Netflix phish claims your membership is on hold appeared first on Malwarebytes Labs.

Read more

Kuik: a simple yet annoying piece of adware

Credit to Author: Malwarebytes Labs| Date: Tue, 08 May 2018 16:00:27 +0000

Kuik adware, which forces affected machines to join a domain controller, is using this unusual technique to push Google Chrome extensions and coin miner applications. In this blog, we’ll provide technical analysis of the adware and custom removal instructions.

Categories:

Tags:

(Read more…)

The post Kuik: a simple yet annoying piece of adware appeared first on Malwarebytes Labs.

Read more

Shoppers Stop tech scam draws from thousands of forced ad injections

Credit to Author: Jérôme Segura| Date: Tue, 08 May 2018 13:25:00 +0000

The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page.

Categories:

Tags:

(Read more…)

The post Shoppers Stop tech scam draws from thousands of forced ad injections appeared first on Malwarebytes Labs.

Read more

Internet Shortcut used in Necurs malspam campaign

Credit to Author: Malwarebytes Labs| Date: Thu, 03 May 2018 17:44:18 +0000

The Necurs gang tries out a new trick to load malware and bypass security defenses.

Categories:

Tags:

(Read more…)

The post Internet Shortcut used in Necurs malspam campaign appeared first on Malwarebytes Labs.

Read more

Spartacus ransomware: introduction to a strain of unsophisticated malware

Credit to Author: Vasilios Hioureas| Date: Mon, 30 Apr 2018 17:40:09 +0000

Spartacus ransomware is a fairly new variant seen in 2018. We’ll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state.

Categories:

Tags:

(Read more…)

The post Spartacus ransomware: introduction to a strain of unsophisticated malware appeared first on Malwarebytes Labs.

Read more

New Crossrider variant installs configuration profiles on Macs

Credit to Author: Thomas Reed| Date: Tue, 24 Apr 2018 16:30:00 +0000

A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way, using a configuration profile to keep its effects resident in the system.

Categories:

Tags:

(Read more…)

The post New Crossrider variant installs configuration profiles on Macs appeared first on Malwarebytes Labs.

Read more