Google ‘Irresponsibly’ Discloses Windows Zero-Day

Google discovered a “threat actor” exploiting a pair of bugs—one in Chrome and one in Windows ...
Security Boulevard
CSS-JS Steganography in Fake Flash Player Update Malware

This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce sites. In a tweet, Affable Kraut also ...

Honorably Serving Our Veterans Wherever the Mission Goes

The VA Has an Opportunity to Rethink Its Cybersecurity Posture in the New Normal with Cloud Web Isolation. Covid-19 and its impact have pushed federal workers out from behind the firewall to ...
Reflected XSS in WordPress v5.5.1 and Lower

WordPress released version 5.5.2 yesterday, which fixed a reflected XSS vulnerability we reported earlier this year. The root cause of this issue is a bug in the way WordPress determines a user’s ...
Egregor: Sekhmet’s Cousin

Egregor, Malware, Sekhmet
The year 2020 will be remembered none too fondly for several reasons. For much of the world, the global pandemic that resulted in many countries going into lockdowns resulting in massive disruptions ...
Security Boulevard
Ransomware’s Next Target: Backup Data

Ransomware is a big business today and getting bigger all the time. It is so profitable that organized crime and state actors have gotten into it in a big way. It is ...
Security Boulevard
Targeted Attacks Part 3 – The Exploit

In our October monthly episode we finish our three part series on targeted attacks. In this episode we discuss the exploit and malware analysis with special guest Tyler Hudak, Incident Response Practice ...
P.A.S. Fork v. 1.0 — A Web Shell Revival

A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most popular PHP ...
R_Evil WordPress Hacktool & Malicious JavaScript Injections

We often see hackers reusing the same malware, with only a few new adjustments to obfuscate the code so that it is more difficult for scanning tools to detect. However, sometimes entirely ...
GRU Agents Indicted for Hacking Multiple Targets

The DoJ has charged six Russians, allegedly working for the GRU, with a huge range of computer crimes ...
Security Boulevard