Subparse – Modular Malware Analysis Artifact Collection And Correlation Framework
Subparse, is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse...
Ransomware review: September 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their...
Malvertising on Microsoft Edge’s News Feed pushes tech support scams
While Google Chrome still dominates as the top browser, Microsoft Edge, which is based on the Chromium source code, is gradually gaining...
Winnti APT group docks in Sri Lanka for new campaign
In early August, the Malwarebytes Threat Intelligence team identified a new attack targeting government entities in Sri Lanka. The threat...
Ransomware review: August 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their...
Large typosquatting campaign delivers tech support scams
In recent years, tech support scammers have become very familiar with the mechanics of malvertising to generate large amounts of...
Scammers capitalize on Black Friday week with massive malvertising campaign
Black Friday is the annual kick off to the shopping season for brick and mortar and online retailers. However, it's...
Ransomware in October 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their...
Longest running WordPress malware campaign promotes rogue McAfee affiliate
Many websites owners often ask themselves why criminals are putting malware on their WordPress instance. It doesn't always make sense, especially when...
Adult popunder campaign used in mainstream ad fraud scheme
Online advertising is a multi billion dollar industry with projected spending to reach over 600 billion U.S. dollars for 2022. It's not...
Cobalt Stike Beacon Detected – 34[.]221[.]248[.]35:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 155[.]248[.]180[.]127:9998
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]127[.]241:4000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]155[.]75[.]235:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
QuestionPro – 22,229,637 breached accounts
HIBP In May 2022, the survey website QuestionPro was the target of an extortion attempt relating to an alleged data...
SitePoint – 1,021,790 breached accounts
HIBP In June 2020, the web development site SitePoint suffered a data breach that exposed over 1M customer records. Impacted...
Twitter – 6,682,453 breached accounts
HIBP In January 2022, a vulnerability in Twitter's platform allowed an attacker to build a database of the email addresses...
Banorte – 2,107,000 breached accounts
HIBP In August 2022, millions of records from Mexican bank "Banorte" were publicly dumped on a popular hacking forum including...
Tuned Global – 985,586 breached accounts
HIBP In January 2021, data from a number of breached services including Tuned Global were released to a public hacking...
Bhinneka – 1,274,340 breached accounts
HIBP In early 2020, the Indonesian consumer electronics website Bhinneka suffered a data breach that exposed almost 1.3M customer records....
TAP Air Portugal – 5,067,990 breached accounts
HIBP In August 2022, the Portuguese airline TAP Air Portugal was the target of a ransomware attack perpetrated by the...
START – 7,455,386 breached accounts
HIBP In August 2022, news broke of an attack against the Russian streaming service "START". The incident led to the...
Wakanim – 6,706,951 breached accounts
HIBP In August 2022, the European streaming service Wakanim suffered a data breach which was subsequently advertised and sold on...
Brand New Tube – 349,627 breached accounts
HIBP In August 2022, the streaming website Brand New Tube suffered a data breach that exposed the personal information of...
