Month: August 2019

Delaware, USA – August 30, 2019 – Last weekend, another large-scale ransomware attack targeting US companies took place, and it seems that average ransom payment will once again shoot upwards this quarter. Adversaries compromised PercSoft, a cloud management provider for Digital Dental Record, who provides online data backup service archiving medical records and other information […]

Delaware, USA – August 29, 2019 – Not only MegaCortex ransomware gained new features over this summer preparing to autumn campaigns. During August, Trickbot sequentially received three modules to attack users of US-based mobile carriers: Verizon Wireless, T-Mobile, and Sprint. SecureWorks researchers discovered that new trojan versions harvest PIN code of these operators when a […]

Delaware, USA – August 28, 2019 – New details of Hexane group operations show how proven techniques and tools, as well as some custom malware pieces, allow the threat actor to effectively attack oil and gas companies in the Middle East. The cybersecurity company Dragos Inc was the first to report the group after they […]

Delaware, USA – August 27, 2019 – Emotet botnet like a relic monster of cyberspace has woken up and is preparing to strike a new blow. Earlier this year, the known command-and-control infrastructure of the botnet disappeared from researchers’ radars, presumably for maintenance and modification. As expected, this did not last too long, and on […]

Delaware, USA – August 23, 2019 – DarkHotel group (aka APT-C-06) modified Asruex backdoor, adding the capability of infecting PDFs, Word documents, and executables to spread infection within a targeted organization. The group is known for its stealth attacks, sophisticated techniques, and access to zero-day vulnerabilities, even more interesting is a fresh sample of their […]

Delaware, USA – August 22, 2019 – The fresh version of NanoCore RAT emerged on an underground forum despite the fact that its author is sentenced to 33 months imprisonment. LMNTRIX Labs discovered a relatively new version of the trojan with modifications, which is available to any user of the forum. Nanocore has been used […]

Delaware, USA – August 21, 2019 – In the three years since its inception, the financially motivated Silence group has stolen more than $4 million from banks located in Europe, Asia, Africa, and Latin America. In 2016, the group consisted of supposedly two people and effectively operated exclusively within the CIS. This spring, Silence group […]

Delaware, USA – August 20, 2019 – The new campaign focuses on national grid utilities infrastructure. Unknown attackers sent spam emails from the compromised account of Friary Shoes employee, which successfully bypassed email filters of companies from the utilities sector. Cofense researchers analyzed malicious emails and discovered domain registered on August, 3 to host Adwind […]

Delaware, USA – August 19, 2019 – The Texas Department of Information Resources reported a coordinated ransomware attack on Government Agencies. The attack occurred on Friday, August 16, at least 23 agencies were hit by ransomware, most of which are smaller local governments. The list of victims has not yet been disclosed, but the report […]

Delaware, USA – August 16, 2019 – DanaBot banking Trojan continues to attack European countries. Webroot discovered a new campaign that targeted German users. DanaBot appeared about a year and a half ago, and in the first months, all campaigns were aimed only at Australia. In the fall, malware authors entered the world market, several […]