Lazarus APT conceals malicious code within BMP image to drop its RAT
The North Korean APT uses a clever technique to bypass security products by embedding one of its payload as a BMP image.
Microsoft Exchange attacks cause panic as criminals go shell collecting
The ProxyLogon vulnerability in Microsoft Exchange has moved from an Advanced Persistent Threat to cybercrime’s new toy in record time.
Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03
On Lock and Code, we talk to Eva Galperin, director of cybersecurity for EFF, about the importance of defending online anonymity and speech.
SolarWinds advanced cyberattack: What happened and what to do now
Possibly the largest hacking operation of 2020 was just unveiled. In this blog we share what we know and what you should do right now.
Silent Librarian APT right on schedule for 20/21 academic year
As expected, this Iranian APT set up a new campaign to target universities around the world when schools and universities went back.
Release the Kraken: Fileless injection into Windows Error Reporting service
We discovered a new attack that injected its payload—dubbed “Kraken—into the Windows Error Reporting (WER) service as a defense evasion mechanism.
Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz
This week on Lock and Code, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions.
A week in security (July 20 – 26)
A roundup of cybersecurity news from July 20 – 26, including Deepfakes, Bluetooth technology, and APT groups.
Chinese APT group targets India and Hong Kong using new variant of MgBot malware
We uncovered an active campaign in early July that we attribute to a new Chinese APT group attacking India and Hong Kong with MgBot malware.
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
A newly discovered APT spear-phishing attack implements several evasion techniques to drop Cobalt Strike toolkit.
