A look into the Drupalgeddon client-side attacks

A look into the Drupalgeddon client-side attacks

Back-to-back Drupal zero-day vulnerabilities are being monetized with malicious web cryptominers. Categories: Cryptomining Threat analysis Tags: CMScontent management systemsdrupaldrupalgeddonmalicious cryptomining (Read more...) The post A look into the Drupalgeddon client-side attacks appeared first on Malwarebytes Labs ... Read More
Adobe Reader zero-day discovered alongside Windows vulnerability

Adobe Reader zero-day discovered alongside Windows vulnerability

A new Adobe Reader zero-day exploit has been discovered, including a full sandbox escape. Categories: Exploits Threat analysis Tags: 0dayadobeAdobe ReaderCVE-2018-4990CVE-2018-8120zero day (Read more...) The post Adobe Reader zero-day discovered alongside Windows vulnerability appeared first on Malwarebytes Labs ... Read More
Internet Explorer zero-day: browser is once again under attack

Internet Explorer zero-day: browser is once again under attack

Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years. Categories: Exploits Threat analysis Tags: 0dayCVE-2018-8174zero day (Read more...) The post Internet Explorer zero-day: browser is once again under attack appeared first on Malwarebytes Labs ... Read More
Shoppers Stop tech scam draws from thousands of forced ad injections

Shoppers Stop tech scam draws from thousands of forced ad injections

The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page. Categories: Social engineering Threat analysis Tags: malvertisingtech support scamsTSSWP-VCD (Read more...) The post Shoppers Stop tech scam draws from thousands of ... Read More
Magnitude exploit kit switches to GandCrab ransomware

Magnitude exploit kit switches to GandCrab ransomware

After being faithful to its own Magniber ransomware for several months, Magnitude EK joins others to adopt GandCrab. Categories: Exploits Threat analysis Tags: EKexploit kitgandcrabMagnituderansomware (Read more...) The post Magnitude exploit kit switches to GandCrab ransomware appeared first on Malwarebytes Labs ... Read More
‘FakeUpdates’ campaign leverages multiple website platforms

‘FakeUpdates’ campaign leverages multiple website platforms

Browser update? Do not trust, and do verify before downloading potential malware. Categories: Social engineering Threat analysis Tags: chromeChtonicfake updatesFakeUpdatesfirefoxflashJoomlamalvertisingmalwareratSquarespacewordpress (Read more...) The post ‘FakeUpdates’ campaign leverages multiple website platforms appeared first on Malwarebytes Labs ... Read More
Exploit kits: Winter 2018 review

Exploit kits: Winter 2018 review

In this Winter 2018 review, we check the pulse of exploit kits and their latest developments. Categories: Exploits Threat analysis Tags: CVE-2014-6332CVE-2015-2419CVE-2015-7645CVE-2015-8651CVE-2016-0189CVE-2018-4878EKsexploit kitsgrandsoftGreenFlash SundownMagnitudeRIG (Read more...) The post Exploit kits: Winter 2018 review appeared first on Malwarebytes Labs ... Read More
Malicious cryptomining and the blacklist conundrum

Malicious cryptomining and the blacklist conundrum

When threat actors take to free and disposable cloud services, the battle against malicious cryptomining becomes a lot more difficult. Categories: Cryptomining Threat analysis Tags: adblockersblacklistcoinhivecryptominerscryptominingGitHub (Read more...) The post Malicious cryptomining and the blacklist conundrum appeared first on Malwarebytes Labs ... Read More
New RIG malvertising campaign uses cryptocurrency theme as decoy

New RIG malvertising campaign uses cryptocurrency theme as decoy

This malvertising campaign uses a popular cryptocurrency theme to redirect users to the RIG exploit kit. Categories: Exploits Threat analysis Tags: cryptocurrenciesmalvertisingRIGRIGEK (Read more...) The post New RIG malvertising campaign uses cryptocurrency theme as decoy appeared first on Malwarebytes Labs ... Read More
The state of malicious cryptomining

The state of malicious cryptomining

From malware coin miners to drive-by mining, we review the state of malicious cryptomining in the past few months by looking at the most notable incidents and our own telemetry stats. Categories: Cybercrime Tags: coin minerscoin-haveCoinbasecoinhivecrypto-lootcryptocurrencycryptominingdrive-bymalvertisingmalwaremonero (Read more...) The post The state of malicious cryptomining appeared first on Malwarebytes Labs ... Read More
Loading...