A week in security (Jun 05 – Jun 11)

A compilation of notable security news and blog posts from the 5th of June to the 11th. We touched on topics like HTTPS, a nasty adware, LatentBot, and other fighters against tech support scams.

The post A week in security (Jun 05 – Jun 11) appeared first on Malwarebytes Labs.

Blackmoon Banking Trojan Using New Infection Technique

Security researchers say the Blackmoon banking Trojan targeting exclusively South Korean financial institutions has developed a new malware infection technique.

Attack Method Highlights Weaknesses in Microsoft CFG

As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for the reality of Counterfeit Object-Oriented Programming attacks to move from theoretical to real.

A week in security (Apr 17 – Apr 23)

A compilation of notable security news and blog posts from the 17th of April to the 23rd. We focused on the return of Locky ransomware, Moker Trojan, and more.

The post A week in security (Apr 17 – Apr 23) appeared first on Malwarebytes Labs.

Diamond Fox – part 2: let’s dive in the code

In a previous post we made an initial analysis of a Diamond Fox bot delivered by the Nebula Exploit Kit (more about the campaign can be found here). We described the way to unpack the protection layer in order to get the core, written in Visual Basic, that can be decompiled. In this second part of…

The post Diamond Fox – part 2: let’s dive in the code appeared first on Malwarebytes Labs.

New Neutrino Bot comes in a protective loader

We take another look at the Neutrino bot, known for its diverse feature set ranging from snooping on victims to performing DDoS attacks. This latest version includes a hardened protective layer aimed at defeating sandboxes and hiding the bot from disc…

AKBuilder: A builder for exploit-laden Word documents

One doesn’t have to be a great coder to become a successful cybercriminal, as underground markets are filled with offerings that automate one or another step of an attack chain. Take for example the AKBuilder, a builder for Word documents that carry exploits for several vulnerabilities and a malicious, encrypted payload.

The evolution of AKBuilder

According to SophosLabs principal researcher Gábor Szappanos, two versions of the builder have, at one time or another, found their …

A week in security (Jan 01 – Jan 07)

A compilation of notable security news and blog posts from the 1st of January to the 7th. This week, we touched on the Sundown exploit kit with a surprising payload and a fake technical support page that wreaked havoc on Mac systems.