#Threat Intelligence

After code obfuscation, anti-debugger tricks we now see virtual machine detection used by credit card skimmers. Categories: Threat Intelligence Tags: Magecart magento online shopping skimmers Virtual Machines *( Read more... ( https://blog.malwarebytes.com/threat-intelligence/2021/11/credit-card-skimmer-evades-virtual-machines/ ) )* The post Credit card skimmer evades Virtual Machines appeared first on Malwarebytes Labs.

This blog post was authored by Hasherezade Twice in the past (2017, 2018) we published a Capture-The-Flag challenge dedicated to aspiring malware analysts. Each time it was a Windows executable, containing up to 3 stages to break, in order to get the final flag. The goal of the crackme was to provide an exercise where... Categories: Threat Intelligence Tags: crackme malware *( Read more... ( https://blog.malwarebytes.com/threat-intelligence/2021/10/the-return-of-the-malwarebytes-crackme/ ) )* The post The return of the Malwarebytes CrackMe appeared first on Malwarebytes Labs.

We look at a recent WordPress plugin compromise, explain what it is, and also what you have to do to ensure your blog and visitors are safe. Categories: Exploits and vulnerabilities Tags: api compromise key optinmonster redirect wordpress *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/update-your-optinmonster-wordpress-plugin-immediately/ ) )* The post Update your OptinMonster WordPress plugin immediately appeared first on Malwarebytes Labs.

One of the hands-on experts from our forums shares their advice on how to protect your data, security, and privacy. Categories: Malwarebytes news Tags: data privacy security tips *( Read more... ( https://blog.malwarebytes.com/malwarebytes-news/2021/10/tips-to-protect-your-data-security-and-privacy-from-an-hands-on-expert/ ) )* The post Tips to protect your data, security, and privacy from a hands-on expert appeared first on Malwarebytes Labs.

Shrootless is a vulnerability found in macOS that can bypass the System Integrity Protection by abusing inherited permissions. Categories: Exploits and vulnerabilities Mac Tags: cve-2021-30892 macOS post installation script Shrootless SIP system_installid zsh zshenv *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/shrootless-microsoft-finds-apple-vulnerability-in-macos/ ) )* The post Shrootless: Microsoft finds Apple macOS vulnerability appeared first on Malwarebytes Labs.

This case reminds us that web skimming attacks are ongoing even if we don't always hear about them. Categories: Threat Intelligence Tags: Magecart q-logger skimmers *( Read more... ( https://blog.malwarebytes.com/threat-intelligence/2021/10/q-logger-skimmer-keeps-magecart-attacks-going/ ) )* The post q-logger skimmer keeps Magecart attacks going appeared first on Malwarebytes Labs.

For the second time this year the REvil ransomware group has disappeared off the grid. Will they come back again? All bets are open. Categories: Ransomware Tags: BlackMatter darkside kasey ransomware revil Tor service *( Read more... ( https://blog.malwarebytes.com/ransomware/2021/10/revil-ransomware-gang-disappears-after-tor-services-hijacked/ ) )* The post [updated]REvil ransomware disappears after Tor services hijacked appeared first on Malwarebytes Labs.