Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz
This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.
A week in security (July 20 – 26)
A roundup of cybersecurity news from July 20 – 26, including Deepfakes, Bluetooth technology, and APT groups.
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.
New LNK attack tied to Higaisa APT discovered
We describe a new spearphishing campaign tied to the potential North Korean Higaisa APT group.
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.
A week in security (April 27 – May 3)
A roundup of the previous week’s security news, including cloud data protection, Troldesh, VPNs, the cybercrime economy, and more.
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
Securing the MSP: why they’re their own worst enemy
Behind each cyberattack on the MSP is typically a system left unpatched, asset management undone, security officer not hired, or board who sees investment in security as a cost center rather than a long-term investment.
A week in security (October 28 – November 3)
A roundup of the latest cybersecurity news for the week of October 28 – November 3, including cyberattacks against SMBs, the Internet’s 50th birthday, stalkerware, donation scams, and more.
