Google Security

MAY 11, 2022

It’s why today at I/O we announced new ways we’re reducing the risks of phishing by: scaling phishing protections to Google Docs, Sheets and Slides, continuing to auto enroll people in 2-Step Verification and more. This blog will deep dive into the method of phishing and how it has evolved today.

Phishing 106

Phishing Scams Authentication Accountability 106

Malwarebytes

AUGUST 3, 2022

This blog post was authored by Ankur Saini and Hossein Jazi. In this blog post, we will analyze Woody Rat’s distribution methods, capabilities as well as communication protocol. We will dive into all these commands below in the blog. This very capable Rat falls into the category of unknown threat actors we track.

Malware 108

Malware Encryption Antivirus Architecture 108

Malwarebytes

SEPTEMBER 1, 2022

A blog post published earlier this year posed the question "Is Grammarly a keylogger?" Consider Google docs, for example. The most concerning category of keyloggers. I have personally had people reference that post and ask me to add detection of Grammarly to Malwarebytes. The answer has always been, "no." Malicious keyloggers.

Adware 79

Adware Software Spyware Passwords 79

Security Boulevard

AUGUST 3, 2022

This blog is basically an alpha version for a future blog on how we are evolving and improving the shared responsibility model shortcomings with our shared fate model , but this one only has the challenges, and not the solutions. perhaps the most fundamental concept?—?in in cloud security. Too Much Work and More Complexity.

Risk 64

Risk Threat Detection Accountability Technology 64

Malwarebytes

DECEMBER 2, 2021

This blog post was authored by Hossein Jazi and the Threat Intelligence Team. In this blog post we are providing additional details about SideCopy that have not been published before. We believe this category is very well customized to target government or military officials. address-list-ere-update-sep-2021.zip

Government 133

Government Banking Phishing Antivirus 133

Malwarebytes

AUGUST 3, 2022

This blog post was authored by Ankur Saini and Hossein Jazi. In this blog post, we will analyze Woody Rat's distribution methods, capabilities as well as communication protocol. We will dive into all these commands below in the blog. This very capable Rat falls into the category of unknown threat actors we track.

Malware 62

Malware Encryption Antivirus Architecture 62

SecureList

DECEMBER 23, 2020

In this blog, we describe two separate incidents. Each attack used different tactics, techniques and procedures (TTPs), but we found connections between the two cases and evidence linking those attacks to the notorious Lazarus group. Relationship of recent Lazarus group attack.

Malware 76

Malware Cryptocurrency Encryption Passwords 76

SecureList

APRIL 24, 2023

In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. Tools used by Tomiris fall into three categories: Downloaders, rudimentary malicious programs whose role is to deploy a backdoor or required additional legitimate tools.

Malware 89

Malware DNS Government Software 89

Troy Hunt

JULY 18, 2019

So I blocked these as well: That shouldn't have come as a surprise to anyone as the API docs were actually quite clear about this: The user agent should accurately describe the nature of the API consumer such that it can be clearly identified in the request. Not doing so may result in the request being blocked.

Authentication 230

Authentication Firewall Data breaches Mobile 230