Virus / Malware

Retour à Sécurité

Malwarebytes

    • A look inside the FBI’s 2018 IC3 online crime report 24 avril 2019
      The FBI’s Internet Crime Complaint Center have released their annual Crime Report, with the most recent release focusing on 2018. While the contents may not surprise, it definitely cements some of the bigger threats to consumers and businesses—and not all of them are particularly high tech. Sometimes less is most definitely more. What is the Internet Crime Complaint Center? Good question. For thos …

    • Consumers have few legal options for protecting privacy 23 avril 2019
      There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It is a strategy. In the US, companies that break their own privacy policies can—and do—face lawsuits over …

    • Of hoodies and headphones: a spotlight on risks surrounding audio output devices 22 avril 2019
      More than a decade ago, cardiologists from the Beth Israel Medical Center in Boston presented their findings at the American Heart Association (AHA) Scientific Sessions 2008 about MP3 headphones causing disruptions with heart devices—such as the pacemaker and the implantable cardioverter defibrillator (ICD)—when the headphones were placed on their chests, directly over their devices’ locatio …

    • A week in security (April 15 – 21) 22 avril 2019
      Last week, Malwarebytes Labs revealed multiple giveaway online scam campaigns banking on the popularity (and generosity) of Ellen DeGeneres, weighed in on the hack that compromised legacy Microsoft email service accounts like Hotmail and MSN, explained what “like-farming” means and how to spot it on social media, and spotlighted on uncharacteristic executable file formats one of our researchers pr …

    • “Funky malware format” found in Ocean Lotus sample 19 avril 2019
      Recently, at the SAS conference I talked about “Funky malware formats”—atypical executable formats used by malware that are only loaded by proprietary loaders. Malware authors use them in order to make static detection more difficult, because custom formats are not recognized as executable by AV scanners. Using atypical formats may also slow down the analysis process because the file c …

    • Explained: like-farming 18 avril 2019
      Like-farming, aka like-harvesting, is a method used by commercial parties and scammers alike to raise the popularity of a site or domain. The ultimate dream of every like-farmer is for his post to go viral by accumulating as many likes and shares as possible from all over the world. Like-farmers rely on near-instinctual reactions from users by exploiting hot-button topics such as child rearing or …

    • Malware targeting industrial plants: a threat to physical security 17 avril 2019
      We live in a world where more and more manufacturing processes are controlled by computers that send instructions to robots. This might sound like a safe and efficient way of work, as it rules out human error, but what happens when a threat actor decides to target production servers? Consider these other process-killing scenarios: Would ransomware bring a plant to a grinding halt? Could a botnet t …

    • Hackers snab emails and more in Microsoft Outlook, Hotmail, and MSN compromise 16 avril 2019
      Long-time users of certain Microsoft products, such as Hotmail, MSN, and Outlook found they may be wrapped up in a hack grabbing snippets of email information, and in some cases, a little bit more. Microsoft email services have been around forever in Internet time. Yet, many users still have a few Hotmail accounts rattling around. While most have long since moved on from MSN and Hotmail to Live an …

    • Electrum Bitcoin wallets under siege 16 avril 2019
      By Adam Thomas and Jérôme Segura, with additional contributions from Vasilios Hioueras and S!Ri Since at least late December 2018, many users of the popular Electrum Bitcoin wallet have fallen victim to a series of phishing attacks, which we estimate netted crooks well over 771 Bitcoins—an amount equivalent to approximately $4 million USD at current exchange rates. Threat actors were able to trick …

    • Ellen DeGeneres giveaway scam spreading on social media 15 avril 2019
      Scammers are pushing multiple fake Facebook profiles of Ellen DeGeneres, popular US TV show host and producer, with the goal of tricking people into jumping through a few money-making hoops. This isn’t a sophisticated scam. It isn’t hacking the Gibson. It won’t be the focus of a cutting edge infosec talk. However, it’s certainly doing some damage—up to a point. This scam is a victim of its o …

    • A week in security (April 8 – 14) 15 avril 2019
      Last week on Labs, we said hello to Baldr, a new stealer on the market, we wondered who is managing the security of medical management apps, discussed the different perceptions of personal information, and we looked at fake Instagram assistance apps found on Google Play that are stealing passwords. Other cybersecurity news German pharmaceuticals giant Bayer says it has been hit by malware, possibl …

    • Fake Instagram assistance apps found on Google Play are stealing passwords 12 avril 2019
      We all want those Instagram likes and followers. Many apps on Google Play claim they can assist you with that effort. But what if the app that’s supposed to be helping you is also stealing your username and password?  As a matter of fact, that’s exactly what we found in three fake Instagram assistance apps still available on Google Play at the time of this writing. Moreover, these fake apps a …

    • What is personal information? In legal terms, it depends 11 avril 2019
      In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA Conference 2019, and Malwarebytes showed up to attend and present. Our Wednesday afternoon session—“One per …

    • Who is managing the security of medical management apps? 10 avril 2019
      One truth that is consistent across every sector—be it technology or education—is that software is vulnerable, which means that any device running software applications is also at risk. While virtually any application-running device could be compromised by an attacker, vulnerabilities in medical management apps pose a unique and more dangerous set of problems. Now add to vulnerabilities the issue …

    • Say hello to Baldr, a new stealer on the market 9 avril 2019
      By William Tsing, Vasilios Hioureas, and Jérôme Segura Over the past few months, we have noticed increased activity and development of new stealers. Unlike many banking Trojans that wait for the victim to log into their bank’s website, stealers typically operate in grab-and-go mode. This means that upon infection, the malware will collect all the data it needs and exfiltrate it right away. B …

    • A week in security (April 1 – 7) 8 avril 2019
      Last week, Malwarebytes Labs took readers on a brief tour of some of the world’s most notable data privacy laws, explored how gamers can protect themselves against cyberthreats, and offered thoughts about the reports that a 23-year-old Chinese woman gained access to President Donald Trump’s Mar-a-Lago resort while carrying four cellphones, a hard drive, a laptop, and a thumb drive that was “ …

    • Was this really an attempt by the Chinese? 3 avril 2019
      Last weekend, during President Trump’s visit to the Mar-a-Lago resort, a 23-year-old Chinese woman attempted to gain access to the Florida resort by lying and bluffing her way in. After some discussion at the gate, she was escorted to the reception of the resort where it was found out that she was not on the list of people that were allowed to enter. According to the report a search of her belongi …

    • How gamers can protect against increasing cyberthreats 3 avril 2019
      A few years ago, cybersecurity scryers predicted that the video gaming industry would be the next big target of cybercriminals. Whether this will come true in the future or not, the average gamer may have little to no idea of what awaits them, much less be prepared for it. In fact, while generally more technically adept than the average Joe, most gamers lack familiarity with risks they could encou …

    • The global data privacy roadmap: a question of risk 2 avril 2019
      For most American businesses, complying with US data privacy laws follows a somewhat linear, albeit lengthy, path. Set up a privacy policy, don’t lie to the consumer, and check the specific rules if you’re a health care provider, video streaming company, or kids’ app maker. For American businesses that want to expand to a new market, though, complying with global data privacy laws is more akin to …

    • Compromising vital infrastructure: water management 1 avril 2019
      It’s probably unnecessary to explain why water management is considered part of our vital infrastructure, but it’s a wider field than you might expect—and almost every one of its components can be integral to our survival. We all need clean water to drink. As much as I like my coffee, I can’t make it with contaminated liquids. And the farmers that grow our coffee need water to irrigate …

ESET

    • WannaCryptor ‘accidental hero’ pleads guilty to malware charges 23 avril 2019
      Marcus Hutchins, who is best known for his inadvertent role in blunting the WannaCryptor outbreak two years ago, may now face a stretch behind bars The post WannaCryptor ‘accidental hero’ pleads guilty to malware charges appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 21 avril 2019
      Microsoft has admitted that some users of its web-based email services such as Outlook.com have had their account information and, in some cases, even email contents exposed The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • Embracing creativity to improve cyber-readiness 18 avril 2019
      How approaching cybersecurity with creativity in mind can lead to better protection from digital threats The post Embracing creativity to improve cyber-readiness appeared first on WeLiveSecurity …

    • Bug in EA’s Origin client left gamers open to attacks 17 avril 2019
      The gaming company has rolled out a fix for the remote code execution vulnerability, so make sure you run the platform’s latest version The post Bug in EA’s Origin client left gamers open to attacks appeared first on WeLiveSecurity …

    • Your Android phone can now double as a security key 16 avril 2019
      An extra layer of security never hurt anybody, and now you can turn your phone into a physical security key The post Your Android phone can now double as a security key appeared first on WeLiveSecurity …

    • Microsoft reveals breach affecting webmail users 15 avril 2019
      Some users of Microsoft’s web-based email services such as Outlook.com had their account information exposed in an incident that, as it later emerged, also impacted email contents The post Microsoft reveals breach affecting webmail users appeared first on WeLiveSecurity …

    • Hackers crack university defenses in just two hours 12 avril 2019
      More than 50 universities in the United Kingdom had their cyber-defenses tested by ethical hackers, and the ‘grades’ aren’t pretty The post Hackers crack university defenses in just two hours appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 12 avril 2019
      ESET researchers publish their findings on a new malware variant that the OceanLotus group uses to target Mac users The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • WPA3 flaws may let attackers steal Wi-Fi passwords 11 avril 2019
      The new wireless security protocol contains multiple design flaws that hackers could exploit for attacks on Wi-Fi passwords The post WPA3 flaws may let attackers steal Wi-Fi passwords appeared first on WeLiveSecurity …

    • OceanLotus: macOS malware update 9 avril 2019
      Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users The post OceanLotus: macOS malware update appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 5 avril 2019
      Two app developers stored more than half a billion records about Facebook users on unsecured cloud servers The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • 540 million records on Facebook users exposed by third-party apps 4 avril 2019
      The databases, sitting unprotected on cloud servers, contained reams of information amassed by two apps integrated with the social network The post 540 million records on Facebook users exposed by third-party apps appeared first on WeLiveSecurity …

    • NIST cybersecurity resources for smaller businesses 4 avril 2019
      How can smaller businesses address their cybersecurity risks without the resources of large organizations? The post NIST cybersecurity resources for smaller businesses appeared first on WeLiveSecurity …

    • Look who’s stalking 3 avril 2019
      Aren’t we just making it too easy for online followers to become real-life trackers with the amount of open data we are posting online? The post Look who’s stalking appeared first on WeLiveSecurity …

    • Cryptocurrency exchange loses millions in heist 1 avril 2019
      Bithumb believes that, unlike in past incidents, this theft was the work of rogue insiders The post Cryptocurrency exchange loses millions in heist appeared first on WeLiveSecurity …

    • Week in security with Tony Anscombe 29 mars 2019
      World Backup Day reminds businesses that they need to have data backup and recovery plans in place should the unthinkable happen The post Week in security with Tony Anscombe appeared first on WeLiveSecurity …

    • World Backup Day: Is your data in safe hands? 29 mars 2019
      World Backup Day is a reminder that organizations and individuals need to make data backup and protection a priority The post World Backup Day: Is your data in safe hands? appeared first on WeLiveSecurity …

    • Man jailed for destroying former employer’s data 28 mars 2019
      After he was fired for poor performance, the ex-employee was back with a vengeance, literally The post Man jailed for destroying former employer’s data appeared first on WeLiveSecurity …

    • Global police arrest dozens of people in dark web sting 27 mars 2019
      More trouble in dark markets? A notorious black-market bazaar announces plans to close up shop on the same day that police announce the arrests of 61 people The post Global police arrest dozens of people in dark web sting appeared first on WeLiveSecurity …

ESET Support