Credit to Author: Malwarebytes Labs| Date: Mon, 30 May 2022 12:41:00 +0000
Posts from the last week on Malwarebytes Labs describing all the latest news, exploits, scams, and more.
The post A week in security (May 23 – 29) appeared first on Malwarebytes Labs.
Read moreCredit to Author: Pieter Arntz| Date: Tue, 19 Apr 2022 13:56:55 +0000
The Lazarus Group is targeting companies involved in blockchain technology.
The post North Korean Lazarus APT group targets blockchain tech companies appeared first on Malwarebytes Labs.
Read more
Credit to Author: BrianKrebs| Date: Wed, 06 Apr 2022 17:55:38 +0000
Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.
Read moreCredit to Author: Threat Intelligence Team| Date: Fri, 25 Feb 2022 20:59:40 +0000
There are many uncertainties with Russia’s invasion and war in Ukraine. In this unpredictable environment, we detail previous, current and expected cyber threats to watch out for.
The post Cyber lures and threats in the context of the war in Ukraine appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Fri, 25 Feb 2022 18:54:27 +0000
Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory (CSA) on MuddyWater, an Iranian APT.
The post CISA warns of cyberespionage by Iranian APT “MuddyWater” appeared first on Malwarebytes Labs.
Read more
Credit to Author: Chester Wisniewski| Date: Wed, 23 Feb 2022 04:04:23 +0000
A review of 15 years of activity designed to distract, confuse, deny, destablize, and divide
Read moreCredit to Author: Threat Intelligence Team| Date: Thu, 27 Jan 2022 16:20:16 +0000
 | |
| How one of North Korea’s most sophisticated APTs tries to avoid detection by using legitiate tools during its attacks. Categories: Threat Intelligence |
The post North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Mon, 16 Mar 2020 15:00:00 +0000
 | |
| We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data. Categories: Tags: APTAPT36coronaviruscoronavirus malwarecovid-19credential stealercrimson ratexploitexploitsinfo-stealermacromalicious macromalwarenation-state attackratremote administration toolSocial Engineeringspear phishingspear phishing attacktransparent tribe |
The post APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT appeared first on Malwarebytes Labs.
Read moreCredit to Author: William Tsing| Date: Thu, 30 Jan 2020 16:00:00 +0000
 | |
| Behind each cyberattack on the MSP is typically a system left unpatched, asset management undone, security officer not hired, or board who sees investment in security as a cost center rather than a long-term investment. Categories: Tags: advanced persistent threatadvanced persistent threatsAPTbreachcredential managementcredentialsdata breachhackingmanaged service providerMSPMSPsphishing |
The post Securing the MSP: why they’re their own worst enemy appeared first on Malwarebytes Labs.
Read moreCredit to Author: William Tsing| Date: Thu, 30 Jan 2020 16:00:00 +0000
| |
| Behind each cyberattack on the MSP is typically a system left unpatched, asset management undone, security officer not hired, or board who sees investment in security as a cost center rather than a long-term investment. Categories: Tags: advanced persistent threatadvanced persistent threatsAPTbreachcredential managementcredentialsdata breachhackingmanaged service providerMSPMSPsphishing |
The post Securing the MSP: their own worst enemy appeared first on Malwarebytes Labs.
Read more