Maze ransomware gang announces retirement

Malwarebytes Labs-- The threat actors behind Maze ransomware have announced their retirement. On November 1, they posted the retirement announcement on the website where they would normally name and shame their victims that were unwilling to pay the ransom. image courtesy of Graham Cluley “The Project is closed.Maze Team Project is announcing it is officially … Continue reading Maze ransomware gang announces retirement

Hospital ransomware: Gangs are back to target healthcare

Malwarebytes Labs-- Healthcare is not in a good place right now. With some countries and states deciding to go back in to lockdown due to the continued rise of reported COVID-19 infections—and several garnering record-high numbers compared to when almost every country initially went into lockdown—it seems horrible timing that hospital ransomware is back in … Continue reading Hospital ransomware: Gangs are back to target healthcare

A week in security (October 26 – November 1)

Malwarebytes Labs-- We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash away from your business, pointed out how … Continue reading A week in security (October 26 – November 1)

Vastaamo psychotherapy data breach sees the most vulnerable victims extorted

Malwarebytes Labs-- “Hell is too nice a place for these people.” Never have we seen outrage about a cybercrime at such a level. The outrage is aimed at cybercriminals behind the data breach that occurred at Finnish psychotherapy practice Vastaamo. Vastaamo, which has treated some 40,000 patients, is a subcontractor to several major public-sector hospital … Continue reading Vastaamo psychotherapy data breach sees the most vulnerable victims extorted

California’s Prop 24 splits data privacy supporters

Malwarebytes Labs-- California’s data privacy house is divided. On the Golden State’s November ballot this year is the question as to whether to amend California’s barely-two-year-old data privacy law, the California Consumer Privacy Act. Far from the first attempt to change the fledgling law, Proposition 24 sets itself apart because its primary backer is the … Continue reading California’s Prop 24 splits data privacy supporters

New Emotet delivery method spotted during downward detection trend

Malwarebytes Labs-- Emotet, one of cybersecurity’s most-feared malware threats, got a superficial facelift this week, hiding itself within a fake Microsoft Office request that asks users to update Microsoft Word so that they can take advantage of new features. This revamped presentation could point to internal efforts by threat actors to increase Emotet’s hit rate—a … Continue reading New Emotet delivery method spotted during downward detection trend

Fake COVID-19 survey hides ransomware in Canadian university attack

Malwarebytes Labs-- This post was authored by Jérôme Segura with contributions from Hossein Jazi, Hasherezade and Marcelo Rivero. In recent weeks, we’ve observed a number of phishing attacks against universities worldwide which we attributed to the Silent Librarian APT group. On October 19, we identified a new phishing document targeting staff at the University of … Continue reading Fake COVID-19 survey hides ransomware in Canadian university attack

Scammers are spoofing bank phone numbers to rob victims

Malwarebytes Labs-- It can be a very convincing trick… “You can check the number in your display online sir. You’ll see I’m really calling from your bank.” That is, of course, if you are unaware that phone numbers can be spoofed. Then again, they wouldn’t be successful scammers if they weren’t convincing. If you suggest … Continue reading Scammers are spoofing bank phone numbers to rob victims

Keeping ransomware cash away from your business

Malwarebytes Labs-- A ransomware gang has made headlines for donating a big chunk of stolen funds to two charities. Two separate donations given to Children International and The Water Project rang tills to the tune of $10,000 each. Their reason was that they’re targeting “only large profitable corporations, we think it’s fair that some of … Continue reading Keeping ransomware cash away from your business