Malware Patrol
Since 2005, organizations have depended on Malware Patrol’s reliable and historically rich threat intelligence to improve their threat detection and response.
Malware Patrol provides real-time threat intelligence that protects against the latest cyber threats, including phishing, malware, ransomware, data exfiltration, and brand infringement. Security teams rely on our dependable and historically rich data to expand their threat landscape visibility, resulting in improved detection rates and response times. For more information, visit malwarepatrol.net.
High-Severity Chrome Bugs Allow Browser Hacks
https://threatpost.com/google_chrome_bugs_patched/161907/
threatpost.com Desktop versions of the browser received a total of eight fixes, half rated high-severity.
2020: The State of Encrypted Attacks | Zscaler
https://www.zscaler.com/blogs/security-research/2020-state-encrypted-attacks
zscaler.com ThreatLabZ analyzed Zscaler cloud traffic for nine months to uncover the types of cyberattacks that use encryption and the extent of the risk to enterprises.
Protecting computer from unauthorized access
How to avert an evil-maid attack.
https://www.kaspersky.com/blog/evil-maid-attack/37901/
kaspersky.com What an evil-maid attack is and how to defend your company computers against one.
Credit card stealing malware hides in social media sharing icons
https://www.bleepingcomputer.com/news/security/credit-card-stealing-malware-hides-in-social-media-sharing-icons/
bleepingcomputer.com Newly discovered web skimming malware is capable of hiding in plain sight to inject payment card skimmer scripts into compromised online stores.
InfoSec Handlers Diary Blog
Detecting Actors Activity with Threat Intel.
https://isc.sans.edu/diary/rss/26848
isc.sans.edu Detecting Actors Activity with Threat Intel, Author: Guy Bruneau
Another LILIN DVR 0-day being used to spread Mirai.
https://blog.netlab.360.com/another-lilin-dvr-0-day-being-used-to-spread-mirai-en/
Experts Uncover 'Crutch' Russian Malware Used in APT Attacks for 5 Years
https://thehackernews.com/2020/12/experts-uncover-crutch-russian-malware.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29
thehackernews.com Cybersecurity Researchers Uncover 'Crutch' Russian Malware Framework Used in APT Attacks for 5 Years
How to Protect Your Business From Multi-Platform Malware Systems
https://www.tripwire.com/state-of-security/featured/protect-your-business-from-multi-platform-malware-systems/
tripwire.com A dive into what you need to know about malware attacks and how multi-platform frameworks are different to standard malware attacks.
Mac users warned of more Ocean Lotus malware targeted attacks
https://grahamcluley.com/mac-users-warned-of-more-ocean-lotus-malware-targeted-attacks/
grahamcluley.com Security researchers have warned of the latest incarnation of a backdoor trojan horse that has been used in the past to target Mac users. If you're a Mac user, I really hope you're running anti-virus…
TrickBot's new module aims to infect your UEFI firmware
https://www.bleepingcomputer.com/news/security/trickbots-new-module-aims-to-infect-your-uefi-firmware/
bleepingcomputer.com TrickBot malware developers have created a new module that probes for UEFI vulnerabilities, demonstrating the actor's effort to take attacks to a level that would give them ultimate control over infected machines.
IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain
https://securityintelligence.com/posts/ibm-uncovers-global-phishing-covid-19-vaccine-cold-chain/
securityintelligence.com IBM X-Force recently uncovered a global phishing campaign targeting organizations associated with the COVID-19 vaccine cold chain.
"Free" Symchanger Malware Tricks Users Into Installing Backdoor
https://blog.sucuri.net/2020/12/free-symchanger-malware-tricks-users-into-installing-backdoor.html
blog.sucuri.net Our researcher describes how attackers are distributing malware with backdoors to obtain unauthorized access to other bad actors' hacked websites.
Using Speakeasy Emulation Framework Programmatically to Unpack Malware
https://www.fireeye.com/blog/threat-research/2020/12/using-speakeasy-emulation-framework-programmatically-to-unpack-malware.html
fireeye.com The Speakeasy framework provides an easy-to-use, flexible, and powerful programming interface that enables analysts to solve complex problems such as unpacking malware.
Signed Bandook Malware Attacks Against Multiple Industrial Sectors
https://gbhackers.com/signed-bandook-malware/
gbhackers.com Considering that a wide array of sectors and countries have been targeted, it is suspected that the malware is not developed by a single entity.
Multi-Vector Miner+Tsunami Botnet with SSH Lateral Movement
https://securityaffairs.co/wordpress/111761/malware/multi-vector-miner-tsunami-botnet.html?utm_source=feedly&utm_medium=rss&utm_campaign=multi-vector-miner-tsunami-botnet
securityaffairs.co Security researcher Tolijan Trajanovski analyzed the multi-vector Miner+Tsunami Botnet that implements SSH lateral movement.
Malicious npm packages caught installing remote access trojans | ZDNet
https://www.zdnet.com/article/malicious-npm-packages-caught-installing-remote-access-trojans/
zdnet.com JavaScript and Node.js developers who installed the jdb.js and db-json.js packages were infected with the njRAT malware.
What is DataOps? Collaborative, cross-functional analytics
https://www.cio.com/article/3237694/what-is-dataops-data-operations-analytics.html
cio.com DataOps (data operations) is an emerging discipline that brings together DevOps teams with data engineer and data scientist roles to provide the tools, processes and organizational structures to support the data-focused enterprise.
What to do in case of a Linux kernel panic
https://www.redhat.com/sysadmin/linux-kernel-panic
redhat.com Here's how to avoid panicking when you see a Linux kernel panic.
What is XDR (and Why Do Enterprises Need It)? - SentinelOne
https://www.sentinelone.com/blog/2020/11/30/what-is-xdr-and-why-do-enterprises-need-it/
sentinelone.com Protecting the organization across multiple layers requires an XDR platform, but what exactly is XDR? And what should you look for when choosing a solution?
MacOS users targeted with updated malware
https://www.itsecurityguru.org/2020/12/01/macos-users-targeted-with-updated-malware/?utm_source=feedly&utm_medium=rss&utm_campaign=macos-users-targeted-with-updated-malware
itsecurityguru.org A new form of malware has been discovered to be targeting Apple MacOS users, with researchers saying that it is tied to a state-backed hacking operation. The malw
Microsoft Defender for Identity now detects Zerologon attacks
https://www.bleepingcomputer.com/news/security/microsoft-defender-for-identity-now-detects-zerologon-attacks/
bleepingcomputer.com Microsoft has added support for Zerologon exploitation detection to Microsoft Defender for Identity to allow Security Operations teams to detect on-premises attacks attempting to abuse this critical vulnerability.
OnionSearch - A Script That Scrapes Urls On Different .Onion Search Engines.
https://www.kitploit.com/2020/12/onionsearch-script-that-scrapes-urls-on.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29
German users targeted with Gootkit banker or REvil ransomware
https://blog.malwarebytes.com/threat-analysis/2020/11/german-users-targeted-with-gootkit-banker-or-revil-ransomware/
blog.malwarebytes.com After a noted absence, the Gootkit banking Trojan returns en masse to hit Germany. In an interesting twist, some of the victims may receive ransomware instead.
Preventing the Unknown with Static Analysis - Check Point Software
https://blog.checkpoint.com/2020/11/30/preventing-the-unknown-with-static-analysis/
blog.checkpoint.com This blog provides insights into zero-day unknown threats – what are they, and why is it a challenge to protect against them. Also, it covers Check Point
DNS data mining case study - skidmap.
https://blog.netlab.360.com/security-with-dns-data_en/
Chip maker Advantech hit by Conti ransomware gang.
https://securityaffairs.co/wordpress/111606/security/advantech-conti-ransomware.html?utm_source=feedly&utm_medium=rss&utm_campaign=advantech-conti-ransomware
Week in review: Drupal-based sites open to attack, cPanel 2FA bypass vulnerability - Help Net Security
https://www.helpnetsecurity.com/2020/11/29/week-in-review-drupal-based-sites-open-to-attack-cpanel-2fa-bypass-vulnerability/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29
helpnetsecurity.com Here's an overview of some of last week's most interesting news and articles: Challenges organizations face in combating third-party cyber risk A CyberGRX
Europol and partners thwart massive credit card fraud scheme | WeLiveSecurity
https://www.welivesecurity.com/2020/11/27/europol-partners-thwart-credit-card-fraud-scheme/
welivesecurity.com Europol and partners have teamed up to disrupt trade in stolen credit card data on the dark web, preventing around €40 million in losses for both consumers and organizations.
Top 5 business sectors targeted by ransomware
https://www.techrepublic.com/article/top-5-business-sectors-targeted-by-ransomware/
techrepublic.com Any business is subject to ransomware attacks, but some are hit more than others. Tom Merritt lists five business sectors that are targeted by ransomware.
Digitally Signed Bandook Malware Once Again Targets Multiple Sectors.
https://thehackernews.com/2020/11/digitally-signed-bandook-malware-once.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29
WAPDropper – Android Malware Subscribing Victims To Premium Services By Telecom Companies - GBHackers On Security
https://gbhackers.com/wapdropper-android-malware/
gbhackers.com Security analysts have found a new malware that infects mobile devices and subscribes the victims to premium subscriptions provided by telecom companies, and the victim remains oblivious to this. The CAPTCHA verification that is usually required to subscribe to these services is bypassed via Machine....
Canon publicly confirms August ransomware attack, data theft
https://www.bleepingcomputer.com/news/security/canon-publicly-confirms-august-ransomware-attack-data-theft/
bleepingcomputer.com Canon has finally confirmed publicly that the cyberattack suffered in early August was caused by ransomware and that the hackers stole data from company servers.
Hackers Love Expired Domains
https://blog.sucuri.net/2020/11/hackers-love-expired-domains.html
blog.sucuri.net Our researcher explains how attackers leverage expired domains to replace legitimate resources with their own malware, impacting anyone who continues to use the deprecated domain.
vSphere Backup Best Practices.
https://www.solarwindsmsp.com/blog/vsphere-backup-best-practices
The Threat Intelligence You Need
Malware Patrol offers a wide range of real-time, actionable cyber threat intelligence. Founded in 2005, our historically rich data is now used by thousands to protect networks and assets in more than 175 countries.
Collecting, analyzing, and sharing data for over a decade has allowed us to develop an extensive network of geographically diverse sensors, sharing agreements, and community contributors. Proprietary systems work non-stop to monitor and continually validate IOCs; each indicator is verified daily to ensure we provide only active and newly detected threats. These efforts result in our vast database of unique and “intelligent” threat data.
Our data is related to the most prevalent attack vectors and it helps to identify compromised machines, bots, data leaks, botnets, malware and phishing control infrastructures, malware infection points and other threats.
Cyber security teams and researchers rely on Malware Patrol’s timely and accurate intelligence to expand their threat landscape visibility, improve detection rates and response times and to block malicious traffic to/from their networks.
Address: Saint Petersburg, FL 33701
Opening Hours
Monday: 9am - 5pm
Tuesday: 9am - 5pm
Wednesday: 9am - 5pm
Thursday: 9am - 5pm
Friday: 9am - 5pm