Threat analysis – Page 3 – WindowsTechs.com

A look into the Drupalgeddon client-side attacks

Posted on May 18, 2018 by Jérôme Segura

Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers.
Categories:

Cryptomining
Threat analysis

Tags: CMScontent management systemsdrupaldrupalgeddonmalicious cryptomining

Adobe Reader zero-day discovered alongside Windows vulnerability

Posted on May 15, 2018 by Jérôme Segura

A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape.
Categories:

Exploits
Threat analysis

Tags: 0dayadobeAdobe ReaderCVE-2018-4990CVE-2018-8120zero day

Internet Explorer zero-day: browser is once again under attack

Posted on May 10, 2018 by Jérôme Segura

Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years.
Categories:

Exploits
Threat analysis

Tags: 0dayCVE-2018-8174zero day

Netflix phish claims your membership is on hold

Posted on May 9, 2018 by Christopher Boyd

We take a look at a new Netflix phish in circulation, using the time-honored trick of claiming the recipient is about to lose access unless they hand over some personal information.
Categories:

Social engineering
Threat analysis

Tags: Appleemai… Continue reading Netflix phish claims your membership is on hold→

Kuik: a simple yet annoying piece of adware

Posted on May 8, 2018 by Malwarebytes Labs

Kuik adware, which forces affected machines to join a domain controller, is using this unusual technique to push Google Chrome extensions and coin miner applications. In this blog, we’ll provide technical analysis of the adware and custom removal … Continue reading Kuik: a simple yet annoying piece of adware→

Internet Shortcut used in Necurs malspam campaign

Posted on May 3, 2018 by Malwarebytes Labs

The Necurs gang tries out a new trick to load malware and bypass security defenses.
Categories:

Criminals
Threat analysis

Tags: botnetmalspamnecurssambaSMBspam

(Read more…)

The post Internet Shortcut used in Necurs malspam campaign a… Continue reading Internet Shortcut used in Necurs malspam campaign→

6 Steps to Quickly Defang Reported Phishing Emails

Posted on May 3, 2018 by Dane Boyd

So here it is… the first one you’ve received. Everything has been building up to this.
You spent days preparing the business case, weeks designing the training program… and it’s finally paid off.
The first user-reported phi… Continue reading 6 Steps to Quickly Defang Reported Phishing Emails→

Spartacus ransomware: introduction to a strain of unsophisticated malware

Posted on April 30, 2018 by Vasilios Hioureas

Spartacus ransomware is a fairly new variant seen in 2018. We’ll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state.
Categories:

Malware
Threat analysi… Continue reading Spartacus ransomware: introduction to a strain of unsophisticated malware→

New Crossrider variant installs configuration profiles on Macs

Posted on April 24, 2018 by Thomas Reed

A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way, using a configuration profile to keep its effects resident in the system.
Categories:

Mac
Threat analysis

Tags: Advanced Mac Cleaneradwareconfigurat… Continue reading New Crossrider variant installs configuration profiles on Macs→