Waterbear is Back, Uses API Hooking to Evade Security Product Detection
By Vickie Su, Anita Hsieh, and Dove Chiu Waterbear, which has been around for several years, is a campaign that...
Security
December Patch Tuesday: Vulnerabilities in Windows components, RDP, and PowerPoint Get Fixes
Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of...
Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
by William Gamazo Sanchez and Joseph C. Chen In November 2019, we published a blog analyzing an exploit kit we...
Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
We found a new spyware family disguised as chat apps on a phishing website. We believe that the apps, which...
Building a Culture of Security Awareness: How to Use Performance Metrics to Communicate SOC Effectiveness Throughout Your Org
It’s no secret that as the security landscape becomes increasingly complex, resources are becoming harder and harder to find. Team...
IoT Vuln Disclosure: Children’s GPS Smart Watches (R7-2019-57)
Executive summary As part of a recent IoT hacking training exercise, a number of Rapid7 penetration testers set out to...
Patch Tuesday – December 2019
Today we come to the end of 2019's monthly Microsoft Patch Tuesday (also known as Update Tuesday). This Christmas, Microsoft...
How to Actually Reduce Risk in Your Environment
What is a vulnerability risk management program? A vulnerability risk management program is imperative at any organization to secure assets,...
How I Shut Down a (Test) Factory with a Single Layer 2 Packet
At Rapid7 Labs we are always on the look for new research topics and fields to stick our fingers in...
Ffuf – Fast Web Fuzzer Written In Go
A fast web fuzzer written in Go.Heavily inspired by the great projects gobuster and wfuzz.FeaturesFast!Allows fuzzing of HTTP header values,...
Fileintel – A Modular Python Application To Pull Intelligence About Malicious Files
This is a tool used to collect various intelligence sources for a given file. Fileintel is written in a modular...
Genact – A Nonsense Activity Generator
Pretend to be busy or waiting for your computer when you should actually be doing real work! Impress people with...
Anti-Virus Maker Discovers A Bug within Ryuk Ransomware
An antivirus maker discovered a bug in the decrypter application of the Ryuk Ransomware, the application "the Ryuk gang" basically...
Fake Elder Scrolls Online developers go phishing on PlayStation
A player of popular gaming title Elder Scrolls Online recently took to Reddit to warn users of a phish via...
A week in security (December 2 – December 8)
Last week on Malwarebytes Labs, we took a look at a new version of the IcedID Trojan, described web skimmers...
Please don’t buy this: smart doorbells
Though Black Friday and Cyber Monday are over, the two shopping holidays were just precursors to the larger Christmas season—a...
Hundreds of counterfeit online shoe stores injected with credit card skimmer
There’s a well-worn saying in security: “If it’s too good to be true, then it probably isn’t.” This can easily...
Another, Here is my OSCP story
So the OSCP journey is hard work, needs commitment, understanding from your wife and a try harder attitude (you will...
AI is key to speeding up threat detection and response
Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of...
Are we surpirsed that Millions of ‘must be firewalled’ services are open to the entire internet
Millions of services that ought to be restricted are exposed on the open internet, creating a huge risk of hacker...
Linux.Wifatch ‘malware’ may be patching up security flaws
SYMANTEC is reporting about Linux.Wifatch They are suggesting that it might be a good guy type of internet threat that wants to...
Androids still vulnerable, even after Google patch
Update flawed, new one needed for countless gadgets Google's security update to fix the Stagefright vulnerability in millions of Android...
BitDefender fails to encrypt usernames and passwords
BitDefender has compromised the details of around 250 users after a data breach revealed that it doesn't encrypt details of...
Google Patches 43 Vulnerabilities With Release of Chrome 44
Google has updated the stable channel of Chrome to version 44.0.2403.89. In addition to new features, which Google plans to...
