A week in security (August 27 – September 2)
Malwarebytes Labs | | email, eu telecoms, fake news, hacker, Malware, Mobile, Privacy, Security world, Week in security
A round-up of the security news from August 27 – September 2, including ransomware, interesting talks during BlackHat, botnets, and the evils of JavaScript. Categories: Security world Week in security Tags: emaileu ...
Explained: regular expression (regex)
Pieter Arntz | | Business, ddos, Javascript, node.js, redos, regex, search, Server, technology, vulnerability
What is regular expression (regex) and what makes it vulnerable to attack? Learn how to use regex safely and avoid ReDoS attacks in the process. Categories: Business Technology Tags: ddosJavaScriptnode.jsredosregexsearchservervulnerability (Read more...) ...
Reversing malware in a custom format: Hidden Bee elements
hasherezade | | custom malware, hidden bee, hidden bee miner, Malware, payload, Reverse Engineering, reversing malware, Threat analysis
When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable ...
Fileless malware: getting the lowdown on this insidious threat
Vasilios Hioureas | | file history, fileless infections, fileless malware, fileless malware attacks, Kovter, magnitude EK, Malware, poweliks, powershell, ram, samsam, samsam ransomware, semi-fileless, SOC team, Threat analysis, Windows
In this series of articles, we provide an in-depth discussion of fileless malware and their related attacks. In part one, we cover a brief overview of the problems with and general features ...
Official Cardi B website plagued by spammers
Christopher Boyd | | blog comments, cardi b, cardib, cybercrime, developers, GDPR, moderation, online privacy, Privacy, Spam, spammers, Videos, website. spam, YouTube
Over the past few days, fans of singer Cardi B noticed her website was slowly filling up with spam. We take a look at what happened. Categories: Cybercrime Privacy Tags: blog commentscardi ...
Mobile Menace Monday: FakeGift is the gift that keeps on frustrating
Nathan Collier | | android, cybercrime, fakegift, Google Play, Mobile, mobile menace monday, mobile riskware, PUP, triple m
Last spring, we found yet another piece of riskware on Google Play we call Android/PUP.Riskware.FakeGift. FakeGift does exactly what its name implies: gives its users fake gifts that can be redeemed for...absolutely ...
A week in security (August 20 – 26)
Malwarebytes Labs | | a week in security, badgelife, Cobalt Dickens, Cybersecurity, cybersecurity awareness, digital entropy of death, Elections, facebook, google, green card scam, Privacy, project insecurity, Ransomware, recap, Ryuk, search browser extensions, Security world, superdrug, the lazarus group, Twitch, Vulnerabilities, Week in security, weekly blog roundup
A roundup of the security news from August 20 – 26, including a look at insider threats, several breaches, and what tech giants Google and Facebook are doing about their privacy issues ...
Green card scams: preying on the desperate
Most online scams depend on two things: a legitimate entity that has a complicated or broken process, and a desperate target population. With immigration, you get both, which results in an environment ...
Can search extensions keep your searches private?
A lot of search extensions have been marketed over the year claiming to protect online privacy. Are they worth installing? We take a look at what these plugins actually have to offer ...
Badgelife: A Defcon 26 retrospective
Another year, another Defcon. In this retrospective, we take a look at the crown jewel of Defcon swag: badges. Reminisce with us about the coolest badges ever made and traded. Categories: Conferences ...