Researchers at Guardicore have identified a new infection vector being used by the Perkiler malware where internet-facing Windows machines are breached through SMB password brute force. Perkiler is a complex Windows malware with rootkit components that is dropped by the Purple Fox exploit kit (EK) and was spread by phishing campaigns. What is SMB? Server Message Block (SMB), aka Common …
SMB cybersecurity posture weakened by COVID-19, Labs report finds
In August, Malwarebytes Labs analyzed the damage caused by COVID-19 to business cybersecurity. Because of immediate, mandated transitions to working from home (WFH), businesses across the United States suffered more data breaches, lost more dollars, and increased their overall attack surfaces, all while experiencing a worrying lack of cybersecurity awareness on behalf of workers and IT and …
A week in security (April 27 – May 3)
Last week on Malwarebytes Labs, we looked at how secure the cloud is, understood why unexpected demand can influence an organization to consider their “just in time” (JIT) system, speculated on why the threat actors behind the Troldesh ransomware suddenly released thousands of decryption keys, preached the good news about VPN being mainstream, touched on the relationship between cybercrime and a …
Why managed service providers (MSP) are critical for business continuity
With the threat landscape becoming more hostile to businesses, small- and medium-sized businesses (SMBs) are often finding it difficult to cope. Hence, they turn to managed service providers (MSPs) for help, not only to keep their businesses going—the concept known as business continuity—but also to offer salve to known pain points that encompass all industries. Short-staffed One of the …
Internet Shortcut used in Necurs malspam campaign
The Necurs botnet continues to be one of the most prolific malicious spam distributors, with regular waves of carefully-crafted attachments that are used to download malware. The majority of malspam campaigns that we track are targeting Microsoft Office with documents containing either macros or exploits. We also see a number of other types of malicious attachments that are zipped scripts (.VBS, …
Explored: Using Multiple Hyper-V Virtual Switches
In our article on common Hyper-V deployment mistakes, one item we discussed was the creation of too many Hyper-V virtual switches. This article will expand on that thought and cover various Hyper-V virtual switch deployment scenarios. One Switch will Usually […]
Storage and Hyper-V Part 7: Actual Performance
This series has meandered down a long and winding path from basic concepts to theory to practice. In this final installment, I’m going to show a lot of really boring graphs and charts to answer the big question: What about […]