ThreatDown powered by Malwarebytes: A 15 Year Journey
With the release of ThreatDown, let’s take a look at Malwarebytes’ 15-year legacy and what’s next.
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz.
Jamf Threat Labs, which disclosed details of the malware, said it’s used as part of the RustBucket malw…
An evolution in cybersecurity is needed. It starts with us. Announcing ThreatDown.
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection.
“The GootLoader group’s introduction of their own custom bot into the late stages of their attack chain is …
Numerous industries—including technology, financial services, energy, healthcare, and government—are rushing to incorporate cloud-based and containerized web applications.
The benefits are undeniable; however, this shift presents new security challeng…
Double Venom (DVenom) is a tool that helps red teamers bypass AVs by providing an encryption wrapper and loader for your shellcode. It is capable of bypassing some well-known antivirus (AV) products. Offers multiple encryption methods including RC4, AES256,…
Okta has concluded that the root cause of its breach was an employee storing company credentials in a private Google account.
ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT, but also how defenders can use it for leveling up their game.
ChatGPT is the most swiftly growing consumer appli…
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DR…
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ.
Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer enviro…