all InfoSec news
V3 Detects and Blocks Magniber Ransomware Injection (Direct Syscall Detection)
Malware Analysis, News and Indicators - Latest topics malware.news
The Magniber ransomware is consistently being distributed at high volumes. It has been distributed through the IE (Internet Explorer) vulnerability for the past few years but stopped exploiting the vulnerability after the support for the browser ended. Recently, the ransomware is distributed with filenames disguised as a Windows security update package (e.g. ERROR.Center.Security.msi) in Edge and Chrome browsers. Magniber at the moment injects the ransomware into a running process, having this process cause damage by encrypting the user’s files.
This …
browser detection distributed exploiting explorer high injection internet internet explorer magniber malware analysis ransomware security security update support syscall update vulnerability windows windows security