A cyberattack is not the same thing as malware—in fact, malware itself is typically the last stage of an attack, the…
Month: November 2022
QBot uses zero-day MotW bypass in phishing campaign
QBot, an infostealer-turned-dropper malware, is being successfully dropped onto affected systems, thanks to a zero-day bypass once used by cybercriminals in Magniber…
Meta contractors ousted after internal probe catches them abusing Oops tool
Meta (formerly named Facebook) reportedly fired “more than a dozen security guards and workers” in the past year after user information and logins…
A week in security (November 14 – 20)
Last week on Malwarebytes Labs: Stay safe!
FBI concerned about TikTok’s US operations
In a live hearing of the Worldwide Threats to the Homeland, conducted on Tuesday, November 15, FBI Director Christopher Wray expressed deep…
Stealing Mastodon passwords
With large parts of the security community flocking to Mastodon, seemingly the closest thing to a Twitter alternative, some of them…
Ransomware access provider DEV-0569 innovates phishing tactics
The evolving work of a threat actor and access provider that Microsoft has tracked as “DEV-0569” was recently spotted in broader ransomware delivery, according…
APT broke into a federal agency using Log4Shell
In a joint cybersecurity advisory, two US federal agencies have revealed that an attacker sponsored by the Iranian government broke into…
Longest running WordPress malware campaign promotes rogue McAfee affiliate
Many websites owners often ask themselves why criminals are putting malware on their WordPress instance. It doesn’t always make sense, especially when it’s…