dcsimg

A week in security (August 19 – 25)

Last week on Malwarebytes Labs, we reported on the presence of Magecart on a type of poker software; outlined how the Key Negotiation of Bluetooth (KNOB) attack works; followed the money on a Bitcoin sextortion campaign; looked back at DEF CON 27; and reported on continuing ransomware attacks on several US cities. Other cybersecurity news After turning away two vulnerability reports brought … [Read more...]

A week in security (July 15 – 21)

Last week on Malwarebytes Labs, we took an extensive look at Sodinokibi, one of the new ransomware strains found in the wild that many believe picked up where GandCrab left off. We also profiled Extenbro, a Trojan that protects adware; reported on the UK’s new Facebook reporting tool, homed in on new Magecart strategies that render them ‘”bulletproof;” identified challenges … [Read more...]

A week in security (June 10 – 16)

Last week on Malwarebytes Labs, we revealed to readers the mindset of security pros as to why they lack confidence in their ability to prevent their organizations getting breached. We also reported on Maine Governor Janet Mills implementing the state’s own privacy protections, how Apple can better protect its users’ privacy, the continuous trending of the MegaCortex ransomware, how cyberbullies … [Read more...]

The Advanced Persistent Threat files: Lazarus Group

We’ve heard a lot about Advanced Persistent Threats (APTs) over the past few years. As a refresher, APTs are prolonged, aimed attacks on specific targets with the intention to compromise their systems and gain information from or about that target. While the targets may be anyone or anything—a person, business, or other organization—APTs are often associated with government or military … [Read more...]

The Advanced Persistent Threat files: APT10

We’ve heard a lot about Advanced Persistent Threats (APTs) over the past few years. As a refresher, APTs are prolonged, aimed attacks on specific targets with the intention to compromise their systems and gain information from or about that target. While the targets may be anyone or anything—a person, business, or other organization—APTs are often associated with government or military … [Read more...]

A week in security (June 4 – June 10)

Last week on Labs, we took a look at hidden mobile ads, the perils of social media spam, and how to shore up your landline defenses. We also took a deep dive into Emotet malware analysis, and gave you some summertime safety tips. Other news Update your Adobe Flash player if you haven’t already. (source: Adobe) Be careful with your World Cup Wi-Fi. (Source: Securelist) Wannacry ransomware … [Read more...]

Perspectives on Russian hacking

Russia is an endlessly fascinating subject both in and around infosec. Recent years have shifted attention away from pure malware capabilities, to psyops, social engineering, and an endless slew of mind games designed to destabilize and keep nations ever-so-slightly off balance. Security firms in some countries claim Russia would “win” in a so-called cyber war; elsewhere, whole nations … [Read more...]