OFFICIAL SECURITY BLOG

A Week in Security (April 27 – May 3)

May 5, 2014 | BY

Here’s a review of last week’s posts on Malwarebytes Unpacked:

  • Cyber-criminals interested in Microsoft Azure, too (Fraud/Scam Alert) The Microsoft Azure public cloud platform was found being used by online criminals to host phishing pages to target, in this case, Apple users. Azure-hosted phish has been around for quite a while, with the earliest case recorded in 2012 where a phishing site targeted Brazilian bankers.
  • Automating Malware Analysis with Cuckoo Sandbox (Malware Analysis) “To fully understand a sample, it can take a long time–in some cases, it may take years.” writes Malware Intelligence Analyst Joshua Cannell,”The problem for malware analysts and security researchers alike is we don’t have years to dedicate to one sample.” In this blog, Joshua suggested using a sandbox to get the job done a lot quicker. Cuckoo, however, is not the ready-to-install, user-friendly type of software that one would normally expect. He provided tips for beginners.
  • Sideloading Apps is a Dangerous Game (Mobile Security) Malware Intelligence Lead Adam Kujawa advises readers to trust only authorized and reputable  stores when one is looking for apps to download for their mobile devices, whether these be movies, music albums, or new game in the market. More often than not, .APK downloads claiming to be free are malware.
  • Fake and Bundled Malwarebytes Anti-Malware 2.0 Abound (Security Threat) In this blog posts, we discussed the potentially unwanted programs (PUPs) and a survey scam we encountered while scouring the Web for download sites and files that may give users more trouble than the solution our product promises. We’ve seen something like this happen before with other popular security software product. We weren’t surprised when certain groups or individuals started targeting luring users with the MBAM brand.
  • Microsoft warns against new Internet Explorer Zero-Day UPDATED (Exploits) Senior Threat Researcher Jérôme Segura updated his April 28 post to include news of Microsoft also providing a patch or fix for their users who decided to or are sticking to (at least for now) Windows XP.

Top news stories:

Stay secure, everyone!

Jovi Umawing