26 matches found
Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files
New version of Vidar infostealer spreads via fake CAPTCHAs, hides in JPEG and TXT files, uses fileless attacks and steals browser, crypto wallet data...
Active HanGhost Loader Campaign Targets Enterprise Payment and Logistics Workflows
Active HanGhost Loader campaign targets enterprise payment and logistics workflows with fileless attacks, multi-stage execution, and stealthy malware delivery...
Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators
Security teams are still catching malware. The problem is what they're not catching. More attacks today don't arrive as files. They don't drop binaries. They don't trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment — scripts, remote access,...
Fileless Attacks Prompt Intel’s Next-Gen Security
Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions...
A week in security (April 24-30)
Last week on Malwarebytes Labs: LockBit and Cl0p ransomware gangs actively exploiting Papercut vulnerabilities; Update now: Critical flaw in VMWare Fusion and VMWare Workstation; Magecart threat actor rolls out convincing modal forms; Fileless attacks: How attackers evade traditional AV and how to...
Fileless attacks: How attackers evade traditional AV and how to stop them
When you hear about malware, there's a good chance you think of sketchy executables or files with extensions like .DOCX or .PDF that, once opened, execute malicious code. These are examples of file-based attacks--and while they can be bad, they're nothing compared to their fileless cousins. As the...
Malwarebytes receives highest rankings in recent third-party tests
Malwarebytes Endpoint Protection continues to receive outstanding results in third-party testing. Our recent participation in two highly-regarded industry evaluations, namely MRG-Effitas and Info-Tech's Data Quadrant Report, reflects our belief that continual testing and unbiased validation are...
Azure LoLBins: Protecting against the dual use of virtual machine extensions
Azure Defender for Resource Manager offers unique protection by automatically monitoring the resource management operations in your organization, whether they're performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. In this blog, we will look into the...
North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn
The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Kimsuky (a.k.a. Hidden Cobra) has been...
This Week in Security News: 7 Tips for Security Pros Patching in a Pandemic and Coinminer, DDoS Bot Attack Docker Daemon Ports
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a malicious cryptocurrency miner and Distributed Denial of Service (DDoS) bot that targets open Docker daemon ports. Also, learn...
Fileless Attacks: The Next Frontier for Cybercrime
The world of cybersecurity is rapidly evolving, and so are the methods of cybercriminals. More and more attackers are moving away from traditional malware—in fact, 60% of today’s attacks involve fileless techniques. A fileless attack (also known as a “memory-based” or “live-off-the-land” attack) is...
Exploit kits: fall 2019 review
Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we're seeing new exploit kits emerge. Based on our telemetry, these drive-bys are happening worldwide with the exception of a few...
The Hottest Malware Hits of the Summer
It's been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here's a recap of the most burning strains and trends seen in the wild during the months of July and Augu...
Watch Out! Microsoft Spotted Spike in Astaroth Fileless Malware Attacks
Security researchers at Microsoft have released details of a new widespread campaign distributing an infamous piece of fileless malware that was primarily being found targeting European and Brazilian users earlier this year. Dubbed Astaroth, the malware trojan has been making the rounds since at...
Attack Madness: The “Final Four” Cyber Threats According to Security Professionals
In the spirit of March Madness, we’re evaluating the type of cyberattacks that most concern our community of security experts. When approximately one million cyberattacks are attempted per day, this “madness” takes on a whole new level for organizations looking to protect themselves against the...
Carbon Black Global Threat Report: ‘The Year of the Next-Gen Cyberattack’
In 2016, fileless attacks such as PowerWare and the alleged hack against the Democratic National Committee (DNC) stole sensitive information and global headlines. In 2017, WannaCry, NotPetya and BadRabbit demonstrated ransomware’s global ubiquity. Then, as we kicked off 2018, the Spectre and Meltdo...
Top 5 Threat Hunting Myths: “Threat Hunting Is Just a Fad”
The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...
Top 5 Threat Hunting Myths: “Threat Hunting Isn’t Worth My Time”
The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...
DarkVishnya: Banks attacked through direct connection to local network
While novice attackers, imitating the protagonists of the U.S. drama Mr. Robot, leave USB flash drives lying around parking lots in the hope that an employee from the target company picks one up and plugs it in at the workplace, more experienced cybercriminals prefer not to rely on chance. In...