In May, a new ransomware variant called GandCrab started spreading. It has continued to evolve over the last few months, with attackers changing the way they deliver it and refining its encryption techniques. The latest variant, version 4.1, uses a new encryption method, changes its extension, and was rumored to use an automated SMB spreader similar to Wannacry. However, one of … [Read more...]
D-Link Cert in Malware – Daily Security Byte
A new backdoor trojan with password stealing capabilities has spread lately, which isn't that unusual save for the fact that this one uses a stolen D-Link digital certificate. Watch today's video to learn a bit more about the Plead malware, and how its use of stolen certificates might help it get past some security mechanisms. Episode Runtime: 1:26 Direct YouTube … [Read more...]
Buggy Microsoft Patches – Daily Security Byte
Last week, Microsoft released a bunch of security updates for July. However, this week they had to release more updates to fix problems with those patches. Watch today's video to learn more, and check out the article in the reference section for details on what you need to do. Episode Runtime: 1:43 Direct YouTube Link: https://www.youtube.com/watch?v=m6lYIy9xXvk EPISODE … [Read more...]
Grab July Patches – Daily Security Byte
As you probably know, the second Tuesday of the month is Microsoft Patch Day. Furthermore, a few other big software vendors, like Adobe and Apple, share the same patch day and week. Last week, all three of those companies released a bunch of security updates for many of their most popular products and operating systems. If you use Microsoft, Apple, or Adobe products, watch the … [Read more...]
New Way to Hijack Office Documents – Daily Security Byte
Recently, MalwareBytes posted a story about a new macro-less technique attackers can use to booby-trap an Office document with malware. Turns out the story was based on research from the SpecterOps team from over a month ago. By leveraging a lesser known file type, an attacker can create a malicious Office document that could execute malware, and even bypass some of Windows' … [Read more...]
