Source
Malwarebytes
A roundup of the previous week's blog posts, and the most important and interesting security events and happenings. Categories: A week in security Tags: awis hackers malware phishing roundup week in security *( Read more... ( https://blog.malwarebytes.com/a-week-in-security/2021/11/a-week-in-security-oct-25-oct-31-2021/ ) )* The post A week in security (Oct 25 – Oct 31) appeared first on Malwarebytes Labs.
This blog post was authored by Hasherezade Twice in the past (2017, 2018) we published a Capture-The-Flag challenge dedicated to aspiring malware analysts. Each time it was a Windows executable, containing up to 3 stages to break, in order to get the final flag. The goal of the crackme was to provide an exercise where... Categories: Threat Intelligence Tags: crackme malware *( Read more... ( https://blog.malwarebytes.com/threat-intelligence/2021/10/the-return-of-the-malwarebytes-crackme/ ) )* The post The return of the Malwarebytes CrackMe appeared first on Malwarebytes Labs.
We look at a recent WordPress plugin compromise, explain what it is, and also what you have to do to ensure your blog and visitors are safe. Categories: Exploits and vulnerabilities Tags: api compromise key optinmonster redirect wordpress *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-your-optinmonster-wordpress-plugin-immediately/ ) )* The post Update your OptinMonster WordPress plugin immediately appeared first on Malwarebytes Labs.
One of the hands-on experts from our forums shares their advice on how to protect your data, security, and privacy. Categories: Malwarebytes news Tags: data privacy security tips *( Read more... ( https://blog.malwarebytes.com/malwarebytes-news/2021/10/tips-to-protect-your-data-security-and-privacy-from-an-hands-on-expert/ ) )* The post Tips to protect your data, security, and privacy from a hands-on expert appeared first on Malwarebytes Labs.
Shrootless is a vulnerability found in macOS that can bypass the System Integrity Protection by abusing inherited permissions. Categories: Exploits and vulnerabilities Mac Tags: cve-2021-30892 macOS post installation script Shrootless SIP system_installid zsh zshenv *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/shrootless-microsoft-finds-apple-vulnerability-in-macos/ ) )* The post Shrootless: Microsoft finds Apple macOS vulnerability appeared first on Malwarebytes Labs.
What you need to know about Ranzy Locker ransomware. Categories: Ransomware Tags: brute force protection exchange raas Ranzy Locker rdp RIG EK shadow volumecopies yara rule *( Read more... ( https://blog.malwarebytes.com/ransomware/2021/10/threat-profile-ranzy-locker-ransomware/ ) )* The post Threat profile: Ranzy Locker ransomware appeared first on Malwarebytes Labs.
What is fileless malware, and what does a fileless attack look like? Some answers. Categories: Explained Tags: attack surface CactusTorch credentials dropper exfiltrate exploit kits fileless fileless attacks fileless malware initial access registry key siem *( Read more... ( https://blog.malwarebytes.com/explained/2021/10/what-is-fileless-malware/ ) )* The post What is fileless malware? appeared first on Malwarebytes Labs.
We look at a small batch of Steam scam messages, focused on offering potential victims "free" knife and bayonet skins. Categories: Scams Tags: community fake free knife phish phishing skin steam trading *( Read more... ( https://blog.malwarebytes.com/scams/2021/10/watch-out-for-the-steam-skin-free-knife-scam/ ) )* The post Watch out for the Steam skin “free knife” scam appeared first on Malwarebytes Labs.
Apple has issued updates for iOS 14.8.1 iPadOS 14.8.1, iOS 15.1, and iPadOS 15.1. We take a look at some of the patched vulnerabilities. Categories: Exploits and vulnerabilities Tags: 14.8 15.1 Apple *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-now-apple-patches-bugs-in-ios-and-ipados/ ) )* The post Update now! Apple patches bugs in iOS and iPadOS appeared first on Malwarebytes Labs.
Trusting the wrong people often leads to cybersecurity mistakes, and it's one of the biggest things our support team gets asked about. Categories: How-tos Tags: advertisements algorithms cookies facebook floc haveibeenpwned phishing privacy trust *( Read more... ( https://blog.malwarebytes.com/how-tos-2/2021/10/how-social-media-mistakes-can-impact-cybersecurity/ ) )* The post How social media mistakes can impact cybersecurity appeared first on Malwarebytes Labs.