Compromising vital infrastructure: air traffic control

While most of us know that flying is the safest mode of transport, we still feel that sigh of relief when the plane has made its landing on the runway and we can text our loved ones that we have arrived safe and sound. Accidents may be rare, but they’re often shocking and horrific and …

A new exploit for zero-day vulnerability CVE-2018-8589

Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The company confirmed the vulnerability and assigned it CVE-2018-8589. In October 2018, our Automatic Exploit Prevention (AEP) systems detected an attempt to exploit a vulnerability in Microsoft’s Windows operating system. Further analysis …

My precious: security, privacy, and smart jewelry

Emery was staring at her computer screen for almost an hour, eyes already lackluster as the full-page ad on Motiv looped once more. She was contemplating whether she’d give in and get her boyfriend Ben a new fitness tracker as a present for his upcoming marathon. The phone app he was currently using worked, but …

TrickBot takes over as top business threat

Last quarter brought with it a maddening number of political ads, shocking and divisive news stories on climate change and gun laws, and mosquitoes. We hate mosquitoes. In related unpleasant news, it also apparently ushered in an era of banking Trojans that, as of this moment, shows no signs of slowing down. First it was …

Secret Sister scam returns in time for Christmas

The festive season may be imminent, but it’s a Facebook Secret Sister (not Santa) you have to steer clear of. Secret Sister has been a mainstay of Yuletide scams since at least 2015, and has come back around once more. But what is it? Your office probably has a Secret Santa scheme in place. You draw …

IT threat evolution Q3 2018. Statistics

These statistics are based on detection verdicts of Kaspersky Lab products received from users who consented to provide statistical data. Q3 figures. According to Kaspersky Security Network: Kaspersky Lab solutions blocked 947,027,517 attacks launched from online resources located in 203 countries. 246,695,333 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by …

IT threat evolution Q3 2018

Targeted attacks and malware campaigns. Lazarus targets cryptocurrency exchange. Lazarus is a well-established threat actor that has conducted cyber-espionage and cybersabotage campaigns since at least 2009. In recent years, the group has launched campaigns against financial organizations around the globe. In August we reported that the group had successfully compromised several banks and infiltrated a …

A week in security (November 5 – November 11)

Last week on Malwarebytes Labs, we looked at browser lockers that fly under the radar with complete obfuscation, transport and logistics in our series about compromising vital infrastructure, Google logins now requiring JavaScript, how to create a sticky cybersecurity training program, and an introduction for Process Hacker. Other cybersecurity news: Dutch police have achieved a breakthrough in intercepting …

What’s new in TrickBot? Deobfuscating elements

Trojan.TrickBot has been present in the threat landscape for quite a while. We wrote about its first version in October 2016. From the beginning, it was a well-organized modular malware, written by developers with mature skills. It is often called a banker; however, its modular structure allows new functionalities to be freely added without modifying …

Advanced tools: Process Hacker

Process Hacker is a very valuable tool for advanced users. It can help them to troubleshoot problems or learn more about specific processes that are running on a certain system. It can help identify malicious processes and tell us more about what they are trying to do. Background information: Process Hacker is an open source …