Malwarebytes Labs

Ransomware cyberattack forces New Mexico jail to lock down

This attack forced the facility to suspend all prison visits, including from family members and lawyers, which the facility claimed was for the safety of everyone involved.

What SMBs can do to protect against Log4Shell attacks

This flaw allows hackers to worm their way into unpatched systems to take control. It’s can endanger any endpoint because of its ultra-wide attack surface and the accompanying damage potential.

Emotet being spread via malicious Windows App Installer packages

Microsoft’s Azure cloud services have become an attractive option for attackers to store content. Not just for malicious files as in the case of Emotet, but also for phishing sites and C2 servers.

SideCopy APT: Connecting lures to victims, payloads to infrastructure

The phishing lures used by SideCopy APT are usually aimed at delivering archive files that have embedded one of these files: Lnk, Microsoft Publisher, or Trojanized Applications.

"Free Steam games" videos promise much, deliver malware

In all cases, “free Steam keys” are the name of the fake game. No matter which of the many accounts post up these videos, they all typically link to the same download hosting site.

A multi-stage PowerShell based attack targets Kazakhstan

A threat actor under the user name of DangerSklif (perhaps in reference to Moscow’s emergency hospital) created a GitHub account and uploaded the first part of the attack on November 8.

Mozilla fixes security vulnerabilities in Firefox 94

In a security advisory, Mozilla’s announced that several security issues in its Firefox browser have been fixed. Several of these vulnerabilities were listed as having a high impact.

This Steam phish baits you with free Discord Nitro

There’s a fresh, active scam circulating in Discord right now that is propagated by either bot accounts or accounts controlled by scammers. Discord users are directed to a spoofed Discord page.

Lessons from a real-life ransomware attack

According to the Ransomware Task Force, ransomware recovery efforts can last an average of 287 days. The biggest claimed defense to ransomware attacks—backups— can also often fail.

Watch out for the Steam skin "free knife" scam

It’s a tactic designed to scam people in the fastest way imaginable. The scammer makes a minimal effort, they send a message to potential victims on Steam or on services such as Discord.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags