Month: July 2019

TrickBot Loader Targets Windows Defender

Delaware, USA – July 31, 2019 – The new version of the notorious TrickBot banking trojan stops Windows Defender and blocks the launch of a number of anti-virus solutions before loading the main component. Cybersecurity expert Vitali Kremez and MalwareHunterTeam analyzed the malware and found new methods to bypass the protection of Windows 10 systems. The […]

MyDoom Worm is Still Alive

Delaware, USA – July 30, 2019 – The fifteen-year-old worm is not just alive but also generates more than 1% of emails with malicious attachments worldwide. Now, of course, it is less of a threat than in 2004, but its capabilities and polymorphic nature keep the malware “afloat”. A recent analysis by Brad Duncan, Palo Alto […]

New Magento Skimmer by MageCart Group

Delaware, USA – July 29, 2019 – Cybercriminals are installing a new Magento skimmer on compromised websites that downloads malicious JavaScript from a Google-lookalike internationalized domain name. The skimmer was discovered by Sucuri researchers, and during the analysis they also found new evasion capabilities in the script. In this case, the attackers registered google-analytîcs[.]com, in the […]

Electric Utility in Johannesburg Suffers Ransomware Attack

Delaware, USA – July 26, 2019 – Yet another ransomware attack targeting urban infrastructure has hit South Africa, threatening to cut off electricity to many Johannesburg residents. Systems of the utility company City Power were encrypted by unknown threat actors, making it impossible for prepaid users to buy electricity. The adversaries chose the perfect moment […]

One Step Closer to BlueKeep Exploit

Delaware, USA – July 25, 2019 – After a nearly two-month lull, there has been significant progress in creating a working exploit for the BlueKeep flaw (CVE-2019-0708), following the publication of a detailed technical analysis of the critical vulnerability and an incomplete PoC exploit targeting Windows XP systems. We recall that this ‘wormable’ vulnerability allows cybercriminals […]

FIN8 Starts to Use New Malware After Returning to Business

Delaware, USA – July 24, 2019 – The financially motivated cybergang has returned after a two-year absence with a new backdoor and is actively attacking targets in the hospitality and retail sectors. The FIN8 group, which appeared in early 2016, uses backdoors to gain access to the victims’ network and to install POS malware on key […]

HelixKitten APT Registers on LinkedIn

Delaware, USA – July 23, 2019 – Tensions in the Middle East are reflected in cyberspace: the HelixKitten cyber espionage group (aka APT34 and OilRig), associated with the Iranian government, began using new tweaks and tools in its most recently discovered campaign. FireEye managed to stop the attack and analyze the malware used in it. […]

MegaCortex Ransomware Simplifies Infection Process

Delaware, USA – July 22, 2019 – The threat actor behind the frequent MegaCortex ransomware attacks continues to refine the malware, increasing its effectiveness in infecting corporate networks. The victims of this ransomware strain are usually also infected with Emotet or Qakbot malware, and it can be assumed that the initial compromise of the organization […]

Ke3chang APT Spies on Diplomats Using Okrum Malware

Delaware, USA – July 19, 2019 – The Chinese APT group with a nearly ten-year history of attacks has added the Okrum backdoor to its arsenal, which is quite different in functionality from the rest of the group’s tools. ESET researchers track the activity of the Ke3chang group (aka APT15, Vixen Panda, Royal APT, and Playful […]

EvilGnome: New Linux Malware Targeting Desktop Users

Delaware, USA – July 18, 2019 – A new modular backdoor for desktop Linux systems is developed by the Russian Gamaredon group and is not detectable by antivirus solutions. Intezer Labs researchers discovered the backdoor this month and published an analysis of the capabilities of the EvilGnome malware, whose modules, apparently, are still being […]
