Using Emulation Against Anti-Reverse Engineering Techniques
In this blog post, the FortiGuard Labs team reviews how to use emulation against anti-reverse engineering techniques using the Pandora ransomware as an example. Learn more.
Credit to Author: Pieter Arntz| Date: Tue, 19 Apr 2022 13:56:55 +0000
The Lazarus Group is targeting companies involved in blockchain technology.
The post North Korean Lazarus APT group targets blockchain tech companies appeared first on Malwarebytes Labs.
Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full findings of this research will be presented at the S4X22 Conference in April 2022.
Credit to Author: BrianKrebs| Date: Mon, 18 Apr 2022 20:41:08 +0000
Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name “Ryuk.”
Credit to Author: Susan Bradley| Date: Mon, 18 Apr 2022 08:54:00 -0700
We often think vendors are perfect. They have backups. They have redundancy. They have experts that know exactly how to deploy solutions without fail. And then we see they aren’t any better than we are.
Let’s look at a few recent examples.
In the small to mid-sized business (SMB) space, StorageCraft has long been a trusted backup software vendor. One of the first to make image backups easy to do, it was used and recommended by many managed service providers. After StorageCraft was acquired by Arcserve in March 2021, there were no immediate major changes in how the company ran.
Credit to Author: Pieter Arntz| Date: Mon, 18 Apr 2022 15:33:35 +0000
Security teams use VirusTotal as a second opinion scanner, but it’s not advisable to upload documents to VirusTotal as that may result in a breach of confidence and exposure of confidential data.
The post Why you shouldn’t automate your VirusTotal uploads appeared first on Malwarebytes Labs.
Credit to Author: Lucas Silva| Date: Mon, 18 Apr 2022 00:00:00 +0000
We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes with extended detection and response (XDR) capabilities. BlackCat (aka AlphaVM or AlphaV) is a ransomware family created in the Rust programming language and operated under a ransomware-as-a-service (RaaS) model.
Credit to Author: Jon Clay| Date: Mon, 18 Apr 2022 00:00:00 +0000
We take a look at our latest Cyber Risk Index (CRI) findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk.
Credit to Author: Malwarebytes Labs| Date: Mon, 18 Apr 2022 11:27:24 +0000
The most important and interesting stories in security from the last 7 days
The post A week in security (April 11 – 17) appeared first on Malwarebytes Labs.
FortiGuard Labs observed that a recent Emotet outbreak is being spread through a variety of malicious Microsoft Office files, or maldocs, attached to phishing emails. Read our blog to learn how the malware spreads, what the malicious documents look like, and how to avoid this scam.