RIG exploit kit campaign gets deep into crypto craze

We take a look at a prolific campaign that is focused on the distribution of coin miners via drive-by download attacks. We started to notice larger-than-usual payloads from the RIG exploit kit around November 2017, a trend that has continued more …

Napoleon: a new version of Blind ransomware

The ransomware previously known as Blind has been spotted recently with a .napoleon extension and a bug fix that means files can no longer be decrypted by victims. In this post, we’ll analyze the sample for its structure, behavior, and distributio…

Interesting disguise employed by new Mac malware HiddenLotus

A new piece of Mac malware called HiddenLotus is using a clever new trick to fool users into opening it.
Categories: Mac, Threat analysis

Tags: Apple, file quarantine, hiddenlotus, mac, Mac applications, mac malware, macOS


Seamless campaign serves RIG EK via Punycode

The most prolific gate to the RIG exploit kit is coming in a different flavor. The Seamless campaign is now using a domain name with foreign characters translated by Punycode.
Categories: Exploits, Threat analysis

Tags: phishing, Punycode, ramnit, Ram…

Yet another flaw in Apple’s “iamroot” bug fix

Flaws in Apple’s response to the “iamroot” vulnerability show that some systems can remain vulnerable even after applying the patch.
Categories: Mac, Threat analysis

Tags: Apple, High Sierra, iamroot, mac vulnerability, macOS


Terror exploit kit goes HTTPS all the way

A look at some techniques used by the Terror exploit kit to evade traffic-based detection.
Categories: Exploits, Threat analysis

Tags: exploit kits, malvertising, Propeller Ads Media, smoke loader, Terror EK, Terror exploit kit


Terdot Trojan likes social media

The Terdot Trojan is a banker, but it loves to steal your social network credentials as well.
Categories: Malware, Malwarebytes news, Threat analysis

Tags: banker, facebook, social media, terdot, trojan, twitter


OSX.Proton spreading through fake Symantec blog

A new variant of the OSX.Proton malware is being promoted via a fake Symantec blog site.
Categories: Mac, Threat analysis

Tags: CoinThief, malware, OSX.Proton, proton, Proton malware, symantec, Symantec blog, Symantec Malware Detector


Augmented Reality games and real-world trolling

The popular Augmented Reality game Ingress has had some issues with third-party tools causing headaches for players. Could your love for a mobile game result in real-world problems? Read on and find out.
Categories: Social engineering, Threat ana…