Credit to Author: Jérôme Segura| Date: Thu, 10 May 2018 19:58:00 +0000
 | |
| Internet Explorer is yet again leveraged for a zero-day exploit delivered via Office document—the first zero-day observed for IE in over two years. Categories: Tags: 0dayCVE-2018-8174zero day |
The post Internet Explorer zero-day: browser is once again under attack appeared first on Malwarebytes Labs.
Read moreCredit to Author: Christopher Boyd| Date: Wed, 09 May 2018 17:00:54 +0000
 | |
| We take a look at a new Netflix phish in circulation, using the time-honored trick of claiming the recipient is about to lose access unless they hand over some personal information. Categories: Tags: Appleemailemailsnetflixnetflix phishphishphishingscam |
The post Netflix phish claims your membership is on hold appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Tue, 08 May 2018 16:00:27 +0000
 | |
| Kuik adware, which forces affected machines to join a domain controller, is using this unusual technique to push Google Chrome extensions and coin miner applications. In this blog, we’ll provide technical analysis of the adware and custom removal instructions. Categories: Tags: adwarekuikkuik adwareremoval |
The post Kuik: a simple yet annoying piece of adware appeared first on Malwarebytes Labs.
Read moreCredit to Author: Jérôme Segura| Date: Tue, 08 May 2018 13:25:00 +0000
 | |
| The same group behind the Shoppers Stop tech scam campaign is at it again, injecting malicious ad code into thousands of sites and redirecting to a templated warning page. Categories: Tags: malvertisingtech support scamsTSSWP-VCD |
The post Shoppers Stop tech scam draws from thousands of forced ad injections appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Thu, 03 May 2018 17:44:18 +0000
 | |
| The Necurs gang tries out a new trick to load malware and bypass security defenses. Categories: Tags: botnetmalspamnecurssambaSMBspam |
The post Internet Shortcut used in Necurs malspam campaign appeared first on Malwarebytes Labs.
Read moreCredit to Author: Vasilios Hioureas| Date: Mon, 30 Apr 2018 17:40:09 +0000
 | |
| Spartacus ransomware is a fairly new variant seen in 2018. We’ll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state. Categories: Tags: malware analysisransomwareSpartacusSpartacus ransomware |
The post Spartacus ransomware: introduction to a strain of unsophisticated malware appeared first on Malwarebytes Labs.
Read moreCredit to Author: Thomas Reed| Date: Tue, 24 Apr 2018 16:30:00 +0000
 | |
| A new variant of the Crossrider adware has been spotted that is infecting Macs in a unique way, using a configuration profile to keep its effects resident in the system. Categories: Tags: Advanced Mac Cleaneradwareconfiguration profileconfiguration profilescrossridermac |
The post New Crossrider variant installs configuration profiles on Macs appeared first on Malwarebytes Labs.
Read moreCredit to Author: hasherezade| Date: Wed, 18 Apr 2018 15:00:00 +0000
 | |
| Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot: a Python-based adware. Categories: Tags: adwarePBotpbot adwarepythonpython-based adware |
The post PBot: a Python-based adware appeared first on Malwarebytes Labs.
Read more