FBI and CISA warn of APT groups exploiting ADSelfService Plus

Credit to Author: Pieter Arntz | Date: Fri, 17 Sep 2021 13:48:46 +0000

APT actors are exploiting a recently discovered flaw in ManageEngine’s self-service password management product.

Categories: Exploits and vulnerabilities

The post FBI and CISA warn of APT groups exploiting ADSelfService Plus appeared first on Malwarebytes Labs.

Kimsuky APT continues to target South Korean government using AppleSeed backdoor

Credit to Author: Threat Intelligence Team | Date: Tue, 01 Jun 2021 13:00:00 +0000

Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.

Categories: Malware, Threat analysis

The post Kimsuky APT continues to target South Korean government using AppleSeed backdoor appeared first on Malwarebytes Labs.

Lazarus APT conceals malicious code within BMP image to drop its RAT

Credit to Author: Threat Intelligence Team | Date: Mon, 19 Apr 2021 15:00:00 +0000

The North Korean APT uses a clever technique to bypass security products by embedding one of its payloads as a BMP image.

Categories: Malwarebytes news

The post Lazarus APT conceals malicious code within BMP image to drop its RAT appeared first on Malwarebytes Labs.

Microsoft Exchange attacks cause panic as criminals go shell collecting

Credit to Author: Pieter Arntz | Date: Tue, 09 Mar 2021 19:59:37 +0000

The ProxyLogon vulnerability in Microsoft Exchange has moved from an Advanced Persistent Threat to every cybercriminal’s new toy in record time.

Categories: Malwarebytes news

The post Microsoft Exchange attacks cause panic as criminals go shell collecting appeared first on Malwarebytes Labs.

Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03

Credit to Author: Malwarebytes Labs | Date: Mon, 01 Mar 2021 14:00:00 +0000

On Lock and Code, we talk to Eva Galperin, director of cybersecurity for EFF, about the importance of defending online anonymity and speech.

Categories: Podcast

The post Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03 appeared first on Malwarebytes Labs.

Silent Librarian APT right on schedule for 20/21 academic year

Credit to Author: Threat Intelligence Team | Date: Wed, 14 Oct 2020 13:29:25 +0000

As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.

The post Silent Librarian APT right on schedule for 20/21 academic year appeared first on Malwarebytes Labs.

Release the Kraken: Fileless injection into Windows Error Reporting service

Credit to Author: Threat Intelligence Team | Date: Tue, 06 Oct 2020 15:00:00 +0000

We discovered a new attack that injected its payload—dubbed “Kraken”—into the Windows Error Reporting (WER) service as a defense evasion mechanism.

The post Release the Kraken: Fileless injection into Windows Error Reporting service appeared first on Malwarebytes Labs.
