Using ILSpy to analyze a small adware file

Credit to Author: Pieter Arntz | Date: Thu, 05 Oct 2017 16:19:25 +0000

ILSpy is an open-source .NET assembly browser and decompiler. We demonstrate its use by looking at a simple adware file.

The post Using ILSpy to analyze a small adware file appeared first on Malwarebytes Labs.

Tech support scammers abuse native ad and content provider Taboola to serve malvertising (updated)

Credit to Author: Jérôme Segura | Date: Thu, 28 Sep 2017 14:58:32 +0000

See how scammers redirected visitors from MSN to their tech support scam page in this latest malvertising campaign.

The post Tech support scammers abuse native ad and content provider Taboola to serve malvertising (updated) appeared first on Malwarebytes Labs.

Tech support scammers abuse native ad and content provider Taboola to serve malvertising

Credit to Author: Jérôme Segura | Date: Thu, 28 Sep 2017 14:58:32 +0000

See how scammers redirected visitors from MSN to their tech support scam page in this latest malvertising campaign.

The post Tech support scammers abuse native ad and content provider Taboola to serve malvertising appeared first on Malwarebytes Labs.

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity

Credit to Author: Malwarebytes Labs | Date: Wed, 27 Sep 2017 01:06:51 +0000

In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia.

The post Elaborate scripting-fu used in espionage attack against Saudi Arabia Government entity appeared first on Malwarebytes Labs.

Elaborate scripting-fu used in espionage attack against Saudi Arabia Government

Credit to Author: Malwarebytes Labs | Date: Wed, 27 Sep 2017 01:06:51 +0000

In this post, we take apart a clever set of scripts used in a targeted attack against the government of Saudi Arabia.

The post Elaborate scripting-fu used in espionage attack against Saudi Arabia Government appeared first on Malwarebytes Labs.

Drive-by mining and ads: The Wild Wild West

Credit to Author: Jérôme Segura | Date: Mon, 25 Sep 2017 17:16:27 +0000

Cryptomining in the browser is all the rage lately. But what are the impacts for users when it is being abused by dubious publishers?

The post Drive-by mining and ads: The Wild Wild West appeared first on Malwarebytes Labs.

Fake IRS notice delivers customized spying tool

Credit to Author: Jérôme Segura | Date: Thu, 21 Sep 2017 15:00:24 +0000

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

The post Fake IRS notice delivers customized spying tool appeared first on Malwarebytes Labs.

Explained: YARA rules

Credit to Author: Pieter Arntz | Date: Fri, 15 Sep 2017 15:00:08 +0000

YARA is a tool that can be used to identify files that meet certain conditions. It is mainly used by security researchers to classify malware.

The post Explained: YARA rules appeared first on Malwarebytes Labs.
