Rocket Loader skimmer impersonates CloudFlare library in clever scheme

URLs can be deceiving, but the one used to mimic CloudFlare’s Rocket Loader in the latest Magecart attack takes it to a whole new level.

Categories:

Tags:

(Read more…)

The post Rocket Loader skimmer impersonates CloudFlare library in clever scheme appeared first on Malwarebytes Labs.

Domen toolkit gets back to work with new malvertising campaign

We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.

Categories:

Tags:

(Read more…)

The post Domen toolkit gets back to work with new malvertising campaign appeared first on Malwarebytes Labs.

Magecart Group 4: A link with Cobalt Group?

Malwarebytes threat intel partnered with security firm HYAS to connect the dots between Magecart Group 4 and the advanced threat group Cobalt.

Categories:

Tags:

(Read more…)

The post Magecart Group 4: A link with Cobalt Group? appeared first on Malwarebytes Labs.

A week in security (June 24 – 30)

A roundup of cybersecurity news from June 24–30, including top malicious web campaigns, updates on the GreenFlash Sundown exploit, a Malwarebytes initiative to double down on stalkerware detection and awareness, and more.

Categories:

Tags:

(Read more…)

The post A week in security (June 24 – 30) appeared first on Malwarebytes Labs.

Mass WordPress compromises redirect to tech support scams

Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.

Categories:

Tags:

(Read more…)

The post Mass WordPress compromises redirect to tech support scams appeared first on Malwarebytes Labs.

Explained: regular expression (regex)

What is regular expression (regex) and what makes it vulnerable to attack? Learn how to use regex safely and avoid ReDoS attacks in the process.

Categories:

Tags:

(Read more…)

The post Explained: regular expression (regex) appeared first on Malwarebytes Labs.