Monthly Archives: August 2018

Black Hat USA 2018: ransomware is still the star

The Malwarebytes team was at the annual Black Hat USA event held in Las Vegas at the Mandalay Bay Hotel from August 4–9. Large crowds walked through the expo floor, attended talks, and participated in trainings. Among the many topics …

Under the hoodie: why money, power, and ego drive hackers to cybercrime

Just one more hour behind the hot grill flipping burgers, and Derek* could call it a day. Under his musty hat, his hair was matted down with sweat, and his work uniform was spattered with grease. He knew he’d smell …

Spam and phishing in Q2 2018

Quarterly highlights: GDPR as a phishing opportunity. In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect on May 25, 2018. Back then, spam traffic was limited to invitations to participate …

Back to school cybersecurity: hints, tips, and links for a safer school year

It’s that time of year again when parents are slowly gearing up for a new school term. Some schools have a strict policy of only using their own pre-approved lab devices, while others allow students to bring their own devices. …

KeyPass ransomware

In the last few days, our anti-ransomware module has been detecting a new variant of malware – KeyPass ransomware. Others in the security community have also noticed that this ransomware began to actively spread in August (notification from MalwareHunterTeam). Distribution …

Process Doppelgänging meets Process Hollowing in Osiris dropper

One of the Holy Grails for malware authors is a perfect way to impersonate a legitimate process. That would allow them to run their malicious module under cover, unnoticed by antivirus products. Over the years, various techniques have …

A week in security (August 6 – 12)

Last week, we published a review of exploit kits, talked about everyday tech that can give you a headache, and showed how to protect RDP access from ransomware. We also published a study on the true cost of cybercrime. Other …

How to protect your RDP access from ransomware attacks

You didn’t really think that the ransomware wave was coming to an end, did you? You’d be tempted to think so, given the decline in reports about massive ransomware campaigns. But this relative radio silence may be due to some …

Osiris dropper found using process doppelgänging

Process doppelgänging, a new technique of impersonating a process, was published last year at the Black Hat conference. After some time, a ransomware named SynAck was discovered that adopted this process for malicious purposes. However, this technique is still pretty rare in the wild. …

8 everyday technologies that can make you vulnerable to cyberattacks

The technological advances of the modern world make for an exciting and convenient lifestyle. With each new development, from artificial intelligence to the Internet of Things, we make the mundane and tedious more manageable. The security vulnerabilities of the latest …
