Credit to Author: Threat Intelligence Team| Date: Fri, 01 Apr 2022 21:44:40 +0000
In late March, the cyber espionage group UNC2589 also known as SaintBear launched a spear phishing campaign targeting several entities in Ukraine. In this blog we review this attack and the intended payloads.
The post New UAC-0056 activity: There’s a Go Elephant in the room appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Tue, 29 Mar 2022 18:02:48 +0000
We’ve identified a new campaign using a combination of exploits, malicious macros and other lures that is targeted at Russian individuals who may have violated restrictions imposed by the Russian government.
The post New spear phishing campaign targets Russian dissidents appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Fri, 18 Mar 2022 22:51:14 +0000
We review two of the latest wipers that have targeted Ukraine recently.
The post Double header: IsaacWiper and CaddyWiper appeared first on Malwarebytes Labs.
Read moreCredit to Author: Mark Stockley| Date: Fri, 11 Mar 2022 22:33:07 +0000
Rate limiting can slow a determined password guessing attack to a crawl, giving defenders months of extra time to respond.
The post Blunting RDP brute-force attacks with rate limiting appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Thu, 10 Mar 2022 17:59:42 +0000
Get the latest information on ransomware trends with our monthly review.
The post Ransomware: February 2022 review appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Wed, 09 Mar 2022 19:35:09 +0000
A new malspam campaing is delivering Formbook to Ukrainian citizens, targeting them with a lure of government funds.
The post FormBook spam campaign targets citizens of Ukraine️ appeared first on Malwarebytes Labs.
Read moreCredit to Author: Malwarebytes Labs| Date: Sat, 05 Mar 2022 17:35:27 +0000
A new Formbook campaign is targeting oil and gas companies.
The post Beware of malware offering “Warm greetings from Saudi Aramco” appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Fri, 04 Mar 2022 17:18:26 +0000
Hours before the invasion of Ukraine by Russian forces, a new piece of malware was launched at Ukrainian targets. In this blog post, we take apart its components and highlight its capabilities.
The post HermeticWiper: A detailed analysis of the destructive malware that targeted Ukraine appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Tue, 01 Mar 2022 20:49:54 +0000
Perhaps one of the most interesting leaks for the threat intelligence community, the Conti data dumps will provide invaluable data for a long time to come.
The post The Conti ransomware leaks appeared first on Malwarebytes Labs.
Read moreCredit to Author: Threat Intelligence Team| Date: Fri, 25 Feb 2022 20:59:40 +0000
There are many uncertainties with Russia’s invasion and war in Ukraine. In this unpredictable environment, we detail previous, current and expected cyber threats to watch out for.
The post Cyber lures and threats in the context of the war in Ukraine appeared first on Malwarebytes Labs.
Read more