A week in security (April 18 – 24)
The most important and interesting stories in security from the last seven days
Why you shouldn’t automate your VirusTotal uploads
Security teams use VirusTotal as a second opinion scanner, but it’s not advisable to upload documents to VirusTotal as that may result in a breach of confidence and exposure of confidential data.
Babuk ransomware builder leaked following muddled “retirement”
Heads are being scratched after the Babuk ransomware builder appears on VirtuTotal, adding to the gang’s reputation for confusion.
4 things you should know about testing AV software with VirusTotal’s free online multiscanner
SMBs looking to test their endpoint protection often turn to VirusTotal. Here’s four reasons to be careful if you’re doing that.
Breaking free from the VirusTotal silo: Lock and Code S02E07
This week on Lock and Code, we speak to Malwarebytes CISO John Donovan about going beyond VirusTotal to evaluate your cybersecurity tools.
Caution: Misuse of security tools can turn against you
If not implemented correctly, the very security tools we use to keep our information private may actually cause data leaks themselves. We outline a few cases and provide suggestions for researchers and security admins.
Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.
CryptoBlock ransomware and its C2
CryptoBlock is an interesting ransomware to keep an eye on. We expect this to be a ransomware that is in development to eventually develop into a RaaS (Ransomware as a Service).
Process Explorer: an introduction
We give you a short introduction to Process Explorer and showed you a few ways to use it when you are trying to identify a possible malware problem with your Windows system.