Virus / Malware

Retour à Sécurité

Malwarebytes

    • Report: Organizations remain vulnerable to increasing insider threats 5 décembre 2019
      The latest data breach at Capital One is a noteworthy incident not because it affected over 100 million customer records, 140,000 Social Security numbers (SSNs), and 80,000 linked bank accounts. Nor was it special because the hack was the result of a vulnerable firewall misconfiguration. Many still talk about this breach because a leak of this magnitude, which we’ve historically seen conduct …

    • Explained: What is containerization? 4 décembre 2019
      Containerization. Another one of those tech buzzwords folks love to say but often have no idea what it means. A better way to organize children’s toys? The act of bringing tupperware out to dinner to safely transport home leftovers? Another name for Russian dolls? Containerization is, of course, none of those things. But its definition might be best captured in a quick example rather than a …

    • There’s an app for that: web skimmers found on PaaS Heroku 4 décembre 2019
      Criminals love to abuse legitimate services—especially platform-as-a-service (Paas) cloud providers—as they are a popular and reliable hosting commodity used to support both business and consumer ventures. Case in point, in April 2019 we documented a web skimmer served on code repository GitHub. Later on in June, we observed a vast campaign where skimming code was injected into Amazon S3 buckets. …

    • New version of IcedID Trojan uses steganographic payloads 3 décembre 2019
      This blog post was authored by @hasherezade, with contributions from @siri_urz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strike and Maze ransomware, the later wave of malicious emails were aimed at the US and pushing the IcedID …

    • A week in security (November 25 – December 1) 2 décembre 2019
      Last week on Malwarebytes Labs, we discussed why the notion of “data as property” may potentially hurt more than help, homed in on sextortion scammers getting more creative, and explored the possible security risks Americans might face if the US changed to universal healthcare coverage. Other cybersecurity news The country of Venezuela turns to cybercrime as their economy continues to …

    • Would ‘Medicare for All’ help secure health data? 26 novembre 2019
      DISCLAIMER: This post is not partisan, but rather focuses on risk assessment based on history and what threats we are facing in the future. We do not endorse any healthcare plan style in any way, outside of examining its data security risk. For many folks, the term ‘Healthcare for All’ brings up an array of emotions ranging from concern to happiness, and with the changes that come with this policy …

    • Sextortion scammers getting creative 26 novembre 2019
      We’ve covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. (They don’t.) But as public awareness of the scam grows, threat actors have to pivot to less expe …

    • ‘Data as property’ promises fix for privacy problems, but could deepen inequality 25 novembre 2019
      In mid-November, Democratic presidential hopeful Andrew Yang unveiled a four-prong policy approach to solving some of today’s thornier tech issues, such as widespread misinformation, technology dependence, and data privacy. Americans, Yang proposed, should receive certain, guaranteed protections for how their data is collected, shared, and sold—and if they choose to waive those rights, they should …

    • A week in security (November 18 – 24) 25 novembre 2019
      Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy groups to launch Coalition Against Stalkerware, published our fall 2019 review of exploit kits, looked at how Deepfake on LinkedIn makes for malign interference campaigns, rounded up our knowledge about the Disney+ security and service issues, exp …

    • IoT bills and guidelines: a global response 22 novembre 2019
      You may not have noticed, but Internet of Things (IoT) rules and regulations are coming whether manufacturers want them or not. From experience, drafting up laws which are (hopefully) sensible and have some relevance to problems raised by current technology is a time-consuming, frustrating process. However, it’s not that long since we saw IoT devices go mainstream—right into people’s homes, contro …

    • Web skimmer phishes credit card data via rogue payment service platform 21 novembre 2019
      Heading into the holiday shopping season, we have been tracking increased activity from a threat group registering domains for skimming and phishing campaigns. While most of the campaigns implemented a web skimmer in the typical fashion—grabbing and exfiltrating data from a merchant’s checkout page to an attacker-controlled server—a new attack scheme has emerged that tricks users into believ …

    • Explained: juice jacking 21 novembre 2019
      When your battery is dying and you’re nowhere near a power outlet, would you connect your phone to any old USB port? Joyce did, and her mobile phone got infected. How? Through a type of cyberattack called “juice jacking.” Don’t be like Joyce. Although Joyce and her infected phone are hypothetical, juice jacking is technically possible. The attack uses a charging port or infected …

    • Disney+ security and service issues: Here’s what we know so far 20 novembre 2019
      The long wait is over. Disney+, the new video-streaming service to rival Netflix and Amazon Prime, debuted last week to much fanfare, racking up 10 million subscribers within a single day of launch. Unfortunately, it wasn’t the kind of splash the majority of users predicted, as they were met with connection and performance issues out the gate—soon to be followed by reports of hacked accounts being …

    • Deepfakes and LinkedIn: malign interference campaigns 20 novembre 2019
      Deepfakes haven’t quite lost the power to surprise, but given their wholesale media saturation in the last year or so, there’s a sneaking suspicion in some quarters that they may have missed the bus. When people throw a fake Boris Johnson or Jeremy Corbyn online these days, the response seems to be fairly split between “Wow, that’s funny” and barely even amused. You may well be more likely t …

    • Exploit kits: fall 2019 review 19 novembre 2019
      Despite a slim browser market share, Internet Explorer is still being exploited in fall 2019 in a number of drive-by download campaigns. Perhaps even more surprising, we’re seeing new exploit kits emerge. Based on our telemetry, these drive-bys are happening worldwide (with the exception of a few that are geo-targeted) and are fueled by malvertising most often found on adult websites. Even t …

    • Malwarebytes teams up with security vendors and advocacy groups to launch Coalition Against Stalkerware 19 novembre 2019
      Today, Malwarebytes is announcing its participation in a joint effort to stop invasive digital surveillance: the Coalition Against Stalkerware. For years, Malwarebytes has detected and warned users about the potentially dangerous capabilities of stalkerware, an invasive threat that can rob individuals of their expectation of, and right to, privacy. Just like the domestic abuse it can enable, stalk …

    • A week in security (November 11 – 17) 18 novembre 2019
      Last week on Malwarebytes Labs, we offered statistics and information on a sneaky new Trojan malware for Android, inspected a bevy of current Facebook scams, and explained the importance of securing food and agriculture infrastructure. We also released our latest report on cybercrime tactics and techniques, offering new telemetry about the many cybersecurity threats facing the healthcare industry. …

    • Stalkerware’s legal enforcement problem 18 novembre 2019
      Content warning: This piece contains brief descriptions of domestic violence and assault against women and children. In the past five years, only two stalkerware developers, both of whom designed, marketed, and sold tools favored by domestic abusers to pry into victims’ private lives, have faced federal consequences for their actions. Following a guilty plea in court, one was ordered to pay $500,0 …

    • Stealthy new Android malware poses as ad blocker, serves up ads instead 14 novembre 2019
      Since its discovery less than a month ago, a new Trojan malware for Android we detect as Android/Trojan.FakeAdsBlock has already been seen on over 500 devices, and it’s on the rise. This nasty piece of mobile malware cleverly hides itself on Android devices while serving up a host of advertisements: full-page ads, ads delivered when opening the default browser, ads in the notifications, and even a …

    • Labs report finds cyberthreats against healthcare increasing while security circles the drain 13 novembre 2019
      The team at Malwarebytes Labs is at it again, this time with a special edition of our quarterly CTNT report—Cybercrime tactics and techniques: the 2019 state of healthcare. Over the last year, we gathered global data from our product telemetry, honeypots, threat intelligence, and research efforts, focusing on the top threat categories and families that plagued the medical industry, as well as the …

ESET

    • Face scanning – privacy concern or identity protection? 5 décembre 2019
      What issues would face scanning attached to a mobile device resolve and, if used correctly, would it make the incursion into my privacy acceptable? The post Face scanning – privacy concern or identity protection? appeared first on WeLiveSecurity …

    • Notorious spy tool taken down in global operation 3 décembre 2019
      IM-RAT, which could be had for as little as US$25, was bought by nearly 15,000 people The post Notorious spy tool taken down in global operation appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 29 novembre 2019
      ESET researchers detail how the operators of the Stantinko botnet have expanded their toolset with a new means of profiting from computers under their control The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • Smartwatch exposes locations and other data on thousands of children 29 novembre 2019
      A device that is supposed to help parents keep track of their children and give them a peace of mind can be turned into a surveillance device The post Smartwatch exposes locations and other data on thousands of children appeared first on WeLiveSecurity …

    • 5 scams to watch out for this shopping season 28 novembre 2019
      Black Friday and Cyber Monday are just around the corner and scammers are gearing up to flood you with bogus offers The post 5 scams to watch out for this shopping season appeared first on WeLiveSecurity …

    • Stantinko botnet adds cryptomining to its pool of criminal activities 26 novembre 2019
      ESET researchers have discovered that the criminals behind the Stantinko botnet are distributing a cryptomining module to the computers they control The post Stantinko botnet adds cryptomining to its pool of criminal activities appeared first on WeLiveSecurity …

    • CyberwarCon – the future of nation‑state nastiness 25 novembre 2019
      How the field of play has changed and why endpoint protection still often comes down to doing the basics, even in the face of increasingly complex threats The post CyberwarCon – the future of nation‑state nastiness appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 22 novembre 2019
      ESET researchers publish their findings on Mispadu, a banking trojan targeting Brazil and Mexico, and on DePriMon, a downloader with a unique installation technique The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • Should cybersecurity be taught in schools? 22 novembre 2019
      Experts weigh in on whether schools should teach kids the skills they need to safely reap the benefits of the online world The post Should cybersecurity be taught in schools? appeared first on WeLiveSecurity …

    • What does it take to attract top cybersecurity talent? 20 novembre 2019
      From professional backgrounds to competitive salaries – a study delves into what it takes to build strong cybersecurity teams The post What does it take to attract top cybersecurity talent? appeared first on WeLiveSecurity …

    • Disney+ accounts hacked – How to protect yourself 18 novembre 2019
      As users are losing access to their accounts by the dozens, we offer a few tips to help keep your streaming subscriptions safe The post Disney+ accounts hacked – How to protect yourself appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 15 novembre 2019
      ESET experts share how they got started in cybersecurity and whether or not a degree is needed for a career in the industry The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • Getting into cybersecurity: Self‑taught vs. university‑educated? 14 novembre 2019
      Are you considering a career in cybersecurity? What learning path(s) should you take? Does formal education matter? ESET experts share their insights. The post Getting into cybersecurity: Self‑taught vs. university‑educated? appeared first on WeLiveSecurity …

ESET Support