The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers.
IIS extensions are able to stay hidden in target environments and as such provide a long-term persistence mechanism for attackers.
IIS
IIS is webserver software created by Mic
It’s fun to jump on our favorite social media sites such as Facebook, Instagram, or LinkedIn and know we can quickly check in with friends and family, discover interesting content, and instantly connect with colleagues worldwide. The last thing on most of our minds when tapping our way into these familiar online communities is being the target of cybercrime.
Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers.
Many users ignore that Norton 360 comes with a cryptomining feature, dubbed Norton Crypto, that could allow them to earn money mining Ethereum (ETH) cryptocurrency while the customer’s computer is idle. Norton keeps a 15% of the mi
As you may already know, the business, tech, and cybersecurity industries have been buzzing about Log4Shell (CVE-2021-44228), aka Logjam, the latest software flaw in an earlier version of the Apache Log4j logging utility. As the name suggests, a logger is a piece of software that logs every event that happens in a computer system. The records it produces are
A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical to tactics used in previous years with an occasional twist. Here’s some of the most visible ones you should be steering clear of.
Recovery code theft
Many Bitcoin wallets make use of something called recovery codes. These are, as the name s
Last week on Malwarebytes Labs:
DNS-over-HTTPS takes another small step towards global domination
Nope, that isn’t Elon Musk, and he isn’t offering a free Topmist Dust watch either
Four in-the-wild exploits, 13 critical patches headline bumper Patch Tuesday
Is crypto’s criminal rollercoaster approaching a terminal dip?
Ransomware’s Russia problem
SonicWall war
It’s a turbulent time in the cryptomining realm, especially for malware authors. Some big attacks and a lot of publicity have resulted in prolific groups promising to disband, even if potentially only temporarily.
Running a tight(er) ship
The mining banhammer continues to swing as China keeps putting pressure on miners to do it elsewhere. The US is tipp
Last week on Malwarebytes Labs:
Is it Game Over for VR Advergaming?
Lil’ skimmer, the Magecart impersonator
What is the WireGuard VPN protocol?
Binance receives the ban hammer from UK’s FCA
Fired by algorithm: The future’s here and it’s a robot wearing a white collar
Second colossal Linkedin “breach” in 3 months, almost all users affected
Police seize DoubleVPN
Only last week we posted a blog about multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Seeing how this disclosure came with a patch being available, under normal circumstances you would see some companies update quickly and others would dally until it bubbled up to the top of t
by Danny Bradbury
Remember when as a server operator all you had to worry about were people scanning for open ports and then stealing secrets via telnet shells? Those were the days, eh?
Things got a lot more complicated when the cloud got popular. Now, hackers are gaining access to cloud-based systems via the web, and they’re using them to mine for cryptocurren
A previously undocumented botnet called “VictoryGate” propagated via infected USB devices in order to perform Monero-mining functionality.
Slovakian security firm ESET revealed that it had sinkholed several command-and-control (C&C) domains so that it could monitor VictoryGate’s activity.
Through this process, the company learned that Vic
by Danny Bradbury
Cryptojacking may not be entirely dead following the shutdown of a notorious cryptomining service, but it isn’t very healthy, according to a paper released this week.
Cryptomining websites embed JavaScript code that forces the user’s browser to begin mining for cryptocurrency. The digital asset of choice is normally Monero, which i