Last week on Malwarebytes Labs, we explored the world of crack hunting, gave you a 101 on the world of bots…
Tag: exploit
New critical vulnerability discovered in open-source office suites
A great number of attack techniques these days are using Microsoft Office documents to distribute malware. In recent years, there has…
Improved Fallout EK comes back after short hiatus
[Edit 2019-01-24] Fallout EK introduces a new dropper to facilitate the final payload retrieval. This update replaces the plain MZ we…
Ryuk ransomware attacks businesses over the holidays
While families gathered for food and merriment on Christmas Eve, most businesses slumbered. Nothing was stirring, not even a mouse—or so…
Vidar and GandCrab: stealer and ransomware combo observed in the wild
We have been tracking a prolific malvertising campaign for several weeks and captured a variety of payloads, including several stealers. One…
New Flash Player zero-day used against Russian facility
For the past couple of years, Office documents have largely replaced exploit kits as the primary malware delivery vector, giving threat…
Fake browser update seeks to compromise more MikroTik routers
This blog post was authored by @hasherezade and Jérôme Segura. MikroTik, a Latvian company that makes routers and ISP wireless systems, has been dealing…
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
A variant of a remote code execution vulnerability with Internet Explorer’s scripting engine known as CVE-2018-8373 patched last August has been found in…
‘Hidden Bee’ miner delivered via improved drive-by download toolkit
This blog post was authored by @hasherezade and Jérôme Segura. We recently detected a drive-by download attack trying to exploit CVE-2018-4878, a vulnerability in…
Use TeamViewer? Fix this dangerous permissions bug with an update
TeamViewer, the remote control/web conference program used to share files and desktops, is suffering from a case of “patch it now.”…