DarkGate reloaded via malvertising and SEO poisoning campaigns
The new version of the DarkGate malware is currently actively being distributed via malspam, malicious ads and SEO poisoning. In July 2023, we observed a malvertising…
Category: MalwareBytes
Ivanti Sentry critical vulnerability—don’t play dice, patch
There is some uncertainty about whether a vulnerability in Ivanti Sentry is being exploited in the wild, but why take the risk when you can…
Update now! WinRAR files can be abused to run malware
A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution. A new version of the file archiving…
Alert Prioritization and Guided Remediation: The future of EDR
Defeat alert fatigue using specialized threat intelligence. Sleepless nights, missed threats, a deluge of notifications—the common symptoms of the bane of IT teams everywhere: Alert fatigue.…
QR codes used to phish for Microsoft credentials
Researchers have been monitoring a phishing campaign that uses QR codes and Bing redirects to lead targets to phishing sites. Researchers have published details about…
Chrome will soon start removing extensions that may be unsafe
We take a look at news that Chrome will soon start asking users if they want to remove outdated extensions. Retroactive removals are finally on…
Trusted Advisor puts you in the security driving seat
Malwarebytes’ new Trusted Advisor makes security easy with a comprehensive, at-a-glance, real-time assessment. Malwarebytes’ new Trusted Advisor dashboard provides an easy to understand assessment of…
Exchange Server security updates updated
Microsoft Exchange Server administrators may have to install a re-released security patch Microsoft has re-released the August 2023 Security Updates (SUs) for Exchange Server. The…
Patch now! Citrix Sharefile joins the list of actively exploited file sharing software
Citrix ShareFile can be exploited remotely by unauthenticated attackers. The Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability to its catalog of know…
Attackers demand ransoms for stolen LinkedIn accounts
LinkedIn support channels are being swamped by users that have been locked out of their accounts. An ongoing campaign targeting LinkedIn accounts has led to…
Citrix NetScalers backdoored in widespread exploitation campaign
Researchers have found almost 2000 backdoored Citrix NetScalers, many of which were patched after the backdoor in the form of a web shell was dropped.…
Catching up with WoofLocker, the most elaborate traffic redirection scheme to tech support scams
This tech support scam is one of the most long running and covert ones we have ever seen. Back in January 2020, we blogged about…