Covid-related malspam campaign impersonates U.S. Treasury to steal taxpayer credentials
The advocacy group Abuse.ch has found a Covid-19-related malspam campaign that impersonates the U.S. Treasury Department and more than likely...
Security
10 best practices for MSPs to secure their clients and themselves from ransomware
Lock-downs and social distancing may be on, but when it comes to addressing the need for IT support—whether by current...
Phishing Attacks Can Now Dodge Microsoft 365’s Multi-Factor Authentication
Of late a phishing attack was found to be stealing confidential user data that was stored on the cloud. As...
IT threat evolution Q1 2020. Statistics
These statistics are based on detection verdicts for Kaspersky products received from users who consented to providing statistical data. Quarterly...
IT threat evolution Q1 2020
Targeted attacks and malware campaigns Operation AppleJeus: the sequel In 2018, we published a report on Operation AppleJeus, one of...
Web Hacker’s Weapons – A Collection Of Cool Tools Used By Web Hackers
A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting.WeaponsType Name DescriptionArmy-Knife/ALL BurpSuite the BurpSuite project...
Spray – A Password Spraying Tool For Active Directory Credentials By Jacob Wilkin(Greenwolf)
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)Getting StartedThese instructions will show you the requirements for and...
Q&A from April 2020 Customer Webcast on InsightVM Dashboards & Executive Summary Report
Our recent “Seeing 20/20 with InsightVM” customer webcast on InsightVM dashboards and executive summary report was very well-attended, and we...
Netwalker Fileless Ransomware Injected via Reflective Loading
By Karen Victor Threat actors are continuously creating more sophisticated ways for malware to evade defenses. We have observed Netwalker...
Six need-to-know takeaways from the Verizon breach report
Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave...
WolfRAT malware targets WhatsApp, Messenger
A new malware called “WolfRAT is targeting messaging apps, such as WhatsApp, Facebook Messenger and Line on Thai Android devices. WolfRAT,...
When the coronavirus infodemic strikes
Social media sites are stepping up their efforts in the war against misinformation… specifically, the coronavirus/COVID-19 infodemic. There’s a seemingly...
Hackers who were preparing attacks on hospitals arrested in Romania
Romanian law enforcement officials stopped the activities of the cybercriminal group PentaGuard, which was preparing to carry out attacks on...
ProLock Ransomware Operators Join Hands with QakBot Trojan to Infect Victims’ Networks
'Human-operated ransomware' has been on a rise with the emergence of ProLock in the month of March, the new ransomware...
Is A Cheap Phone Worth The Cost Of Your Privacy?
There is absolutely no room for doubt that Chinese manufacturers offer an excess of affordable gadgets with extraordinary specs to...
Co-founder of Qiwi Solonin provided Durov a loan of $17 million
Sergey Solonin, one of the founders of the Russian payment service Qiwi Group, decided to re-loan his investment in the...
Verizon’s 2020 DBIR
Verizon’s 2020 DBIR is out, you can download a copy or peruse their publication online. Kaspersky was a contributor once...
Self-XSS – Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code
Self-XSS attack using bit.ly to grab cookies tricking users into running malicious codeHow it works?Self-XSS is a social engineering attack...
Open Sesame – A Tool Which Runs To Display Random Publicly Disclosed Hackerone Reports When Bored
A python tool which runs to display random publicly disclosed Hackerone reports when bored. Automatically opens the report in browser.Contains...
Dancing With the Breaches: A Quick Step Through the 2020 Verizon Data Breach Investigations Report (DBIR)
The Verizon Data Breach Investigations Report (DBIR) has been released, reporting its annual summary of (this year) 32,002 incidents, 3,950...
Integrity Is Indispensable: Assessing Partnerships and Performance Metrics in a Crisis Response
On our third installment of Rapid7’s Remote Work Readiness Series, join us as we reflect on how to leverage partnerships...
A week in security (May 11 – May 17)
Last week on Malwarebytes Labs, we explained why RevenueWire has to pay $6.7 million to settle FTC charges, how CVSS...
Microsoft rolls out a new threat intelligence against COVID-19 attacks
COVID-19 has become a hotspot of cyber attacks and spams as the majority of employees are working from home. These...
Hackers Use Backdoor to Infiltrate Governments and Companies, Motive, not Money.
According to findings by cybersecurity firms Avast and ESET, an APT (Advanced Persistent Threat) cyberattack targeted companies and government authorities...
