dcsimg

Frankfurt’s IT networks grinds to a halt amid Emotet attack

The week before Christmas, Frankfurt saw the unwelcome return of Emotet, a banking trojan that recently came out of hiding to terrorise organisations across the globe.  The malware spread through the city’s systems, forcing officials to shut down its IT network, causing huge delays to government services.  This is the fourth time in recent weeks that Emotet has struck in Germany, following attacks … [Read more...]

A week in security (December 30 – January 5)

Last week on Malwarebytes Labs, we took a dive into edge computing, looked at new web skimmer techniques, and rolled our eyes at silly people doing silly things. Other cybersecurity news: Stills and chills: A Reddit user notices their security camera is grabbing stills from other people’s devices. (Source: Reddit) Tik Tok, the clock has stopped: The US Military has banned soldiers from making use … [Read more...]

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siri_urz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strike and Maze ransomware, the later wave of malicious emails were aimed at the US and pushing the … [Read more...]

SMBs lack resources to defend against cyberattacks, plus pay more in the aftermath

Cyberattacks, many have noted, are the fastest growing economic crime not only in the United States, but also around the world. This upward trend has been observed since 2014, according to PricewaterhouseCoopers (PwC), and won’t likely be slowing down anytime soon. Cyberattacks—much like the advancement of technology, the interweaving of digital lives among familiars and strangers via social … [Read more...]

Cyber insurance: here to stay, whether we like it or not

Cyber insurance has been a big talking point in infosec circles for many months now. We’ve mentioned it in passing ourselves a few times, usually in relation to ransomware attacks. This isn’t surprising; ransomware may not be the threat that brought cyber insurance to life, but it absolutely helped to supercharge it. Depending on where in the world you reside, the actual act of wrapping insurance … [Read more...]

A week in security (September 9 – 15)

Last week  on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets. Other cybersecurity news The Cobalt Dickens group has returned to cause trouble. (Source: … [Read more...]

Compromising vital infrastructure: problems in education security continue

The educational system and many of its elements are targets for cybercriminals on a regular basis. While education is a fundamental human right recognized by the United Nations, the financial means of many schools and other entities in the global educational system are often limited. These limited budgets often result in weak or less-than-adequate protection against cyberthreats. … [Read more...]

A week in security (July 8 – 14)

Last week on Malwarebytes Labs, we looked at ways to send your sensitive information in a secure fashion, examined some tactics in incident response land, and explored federal data privacy law. We also looked at how security tools can turn against you, and took a deep dive into the rather fiendish Soft Cell attack. Other cybersecurity news The UK government backs facial recognition tech: The … [Read more...]

Cellular networks under fire from Soft Cell attacks

We place a lot of trust in our mobile experience, given they’re one of the most constant companions we have. Huge reams of data, tied to a device we always carry with us, with said device frequently offering additional built-in app functionality. An astonishing wealth of information, for anyone bold enough to try and take it. Security firm Cybereason uncovered an astonishing attack dubbed … [Read more...]

A week in security (June 17 – 23)

Last week on the Malwarebytes Labs blog, we took a look at the growing pains of smart cities, took a deep dive into AI, jammed along to Radiohead, and looked at the lessons learned from Chernobyl in relation to critical infrastructure. We also explored a new Steam phish attack, and pulled apart a Mac cryptominer. Other cybersecurity news Florida City falls to ransomware: Riviera Beach City … [Read more...]