Keep Zoombombing cybercriminals from dropping a load on your meetings

In a zeitgeisty moment, Zoom has become the web conference tool of choice for everyone. Unfortunately, cybercriminals are taking note and Zoombooming the public. We show readers how to protect against this intrusion of privacy.

Categories:

Tags:

(Read more…)

The post Keep Zoombombing cybercriminals from dropping a load on your meetings appeared first on Malwarebytes Labs.

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Categories:

Tags:

(Read more…)

The post APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT appeared first on Malwarebytes Labs.

Pulse VPN patched their vulnerability, but businesses are trailing behind

After a vulnerability in a popular business VPN solutions was discussed at length and an easy to use exploit is availbale, organizations still fail to apply the patch. What’s up?

Categories:

Tags:

(Read more…)

The post Pulse VPN patched their vulnerability, but businesses are trailing behind appeared first on Malwarebytes Labs.

New iOS exploit checkm8 allows permanent compromise of iPhones

A new exploit for iOS enables attackers to gain permanent access to iPhones, iPads, Apple Watches, and more—with zero potential for patching. Learn why this is possibly the biggest security news for iOS since its inception.

Categories:

Tags:

(Read more…)

The post New iOS exploit checkm8 allows permanent compromise of iPhones appeared first on Malwarebytes Labs.

Five years later, Heartbleed vulnerability still unpatched

The Heartbleed vulnerability was discovered and fixed in 2014, yet today—five years later—there are still unpatched systems.

Categories:

Tags:

(Read more…)

The post Five years later, Heartbleed vulnerability still unpatched appeared first on Malwarebytes Labs.

The Hidden Bee infection chain, part 1: the stegano pack

The Hidden Bee cryptominer has a complex and multi-layered internal structure that is unusual among cybercrime toolkits. That’s why we’re dedicating a series of posts to exploring its elements and updates made during one year of its evolution.

Categories:

Tags:

(Read more…)

The post The Hidden Bee infection chain, part 1: the stegano pack appeared first on Malwarebytes Labs.

Exploit kits: summer 2019 review

In this edition of our seasonal review of exploit kits, we review active and unique EKs hitting consumers and businesses over the summer 2019 season.

Categories:

Tags:

(Read more…)

The post Exploit kits: summer 2019 review appeared first on Malwarebytes Labs.

GreenFlash Sundown exploit kit expands via large malvertising campaign

The GreenFlash exploit kit, which we typically saw targeting South Korean users, reaches globally with a large malvertising campaign via a popular website.

Categories:

Tags:

(Read more…)

The post GreenFlash Sundown exploit kit expands via large malvertising campaign appeared first on Malwarebytes Labs.

Hidden Bee: Let’s go down the rabbit hole

The complex and sophisticated custom malware, Hidden Bee, is a Chinese cryptominer that recently released an updated sample. We unpack the sample to look at the functionality of its loader and compare it against earlier versions.

Categories:

Tags:

(Read more…)

The post Hidden Bee: Let’s go down the rabbit hole appeared first on Malwarebytes Labs.