Silent Librarian APT right on schedule for 20/21 academic year

As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.

The post Silent Librarian APT right on schedule for 20/21 academic year appeared first on Malwarebytes Labs.

Release the Kraken: Fileless APT attack abuses Windows Error Reporting service

We discovered a new attack that injected its payload—dubbed “Kraken”—into the Windows Error Reporting (WER) service as a defense evasion mechanism.

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.

A week in security (July 20 – 26)

A roundup of cybersecurity news from July 20 – 26, including Deepfakes, Bluetooth technology, and APT groups.

Chinese APT group targets India and Hong Kong using new variant of MgBot malware

We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.

Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

A newly discovered APT spear-phishing attack implements several evasion techniques to drop the Cobalt Strike toolkit.

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.

A week in security (April 27 – May 3)

A roundup of the previous week’s security news, including cloud data protection, Troldesh, VPNs, the cybercrime economy, and more.

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
