The year is 2023 and there still are some people using Internet Explorer on planet Earth. More shocking perhaps, is the…
Tag: exploit kits
What is fileless malware?
Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident…
Adobe Flash Player reaches end-of-life
“What now? My farm is no longer working. Can you have a look, honey?” Like millions of other people my wife…
Malsmoke operators abandon exploit kits in favor of social engineering scheme
Exploit kits continue to be used as a malware delivery platform. In 2020, we’ve observed a number of different malvertising campaigns…
Taurus Project stealer now spreading via malvertising campaign
For the past several months, Taurus Project—a relatively new stealer that appeared in the spring of 2020—has been distributed via malspam…
Malvertising campaigns come back in full swing
Malvertising campaigns leading to exploit kits are nowhere near as common these days. Indeed, a number of threat actors have moved…
Copycat criminals abuse Malwarebytes brand in malvertising campaign
While exploit kit activity has been fairly quiet for some time now, we recently discovered a threat actor creating a copycat—fake—Malwarebytes…
A week in security (November 18 – 24)
Last week on Malwarebytes Labs, we looked at stalkerware’s legal enforcement problem, announced our cooperation with other security vendors and advocacy…
Pulse VPN patched their vulnerability, but businesses are trailing behind
In April 2019, Pulse Secure published an advisory about a vulnerability in their software. In August, cybercriminals were massively scanning for…
Five years later, Heartbleed vulnerability still unpatched
The Heartbleed vulnerability was introduced into the OpenSSL crypto library in 2012. It was discovered and fixed in 2014, yet today—five…