Year: 2019

960+ E-Commerce Stores Breached by MageCart Group in Twenty-Four Hours

Delaware, USA – July 8, 2019 – A Magecart group is mass-compromising websites, injecting card-skimming scripts to steal customers' credit card data and personal information. Last week, Sanguine Security discovered 962 websites with an installed skimmer, and all victims were compromised within 24 hours. For now, it is the largest automated attack […]

TA505 Uses FlowerPippi and Gelup Malware in Summer Campaigns

Delaware, USA – July 5, 2019 – For some, summer is the sea and the beach, and for TA505 this is the season of active spam campaigns and the use of new malware. In mid-June, countries in the Middle East were flooded by spam with malicious documents and archives spreading the FlawedAmmyy RAT. It is […]

Godlua Malware Abuses DNS over HTTPS Protocol

Delaware, USA – July 4, 2019 – The DNS over HTTPS protocol, designed to protect DNS queries from being intercepted by adversaries, now helps the newly discovered Godlua malware avoid detection by traffic monitoring solutions. The malware was discovered by the Network Security Research Lab of Qihoo 360, who published an analysis of the finding earlier […]

Enjoy the Silence: $3M+ operation in Bangladesh

Delaware, USA – July 3, 2019 – Silence APT attacked at least three banks in Bangladesh; Dutch Bangla Bank Limited suffered the most, with the attackers stealing about $3 million from it. Other banks, Prime Bank and NCC Bank, claim that they detected a cyber attack in time and avoided financial losses, but The Daily Star […]

OceanLotus APT Enlarges the Arsenal With Ratsnif Malware

Delaware, USA – July 2, 2019 – The threat actor developed the Ratsnif remote access trojan in 2016 and used it in cyber espionage campaigns for almost three years. Cylance cybersecurity experts analyzed 4 samples of the malware, 3 of which were compiled in August-September 2016 and almost immediately began to be used in attacks. The last Ratsnif […]

Spelevo Exploit Kit Spreads IcedID and Dridex Trojans

Delaware, USA – July 1, 2019 – The Spelevo exploit kit, which appeared a few months ago, was seen spreading banking Trojans via a compromised business-to-business contact website. The first mention of this exploit kit appeared in early March, and since then its creators have slightly tuned the URL structure and obfuscation to cause less suspicion. Researchers from […]

APT10 Spies for Eight Major Technology Companies

Delaware, USA – June 27, 2019 – Six more victims of the Cloud Hopper campaign became known. The campaign targeting Managed Service Providers conducted by APT10 was discovered at the end of last year, and now Reuters publishes the results of the investigation, in which Tata Consultancy Services, Dimension Data, Computer Sciences Corporation, NTT Data, […]

LokiBot and NanoCore RAT Lurking in ISO Files

Delaware, USA – June 26, 2019 – Spam campaigns spreading LokiBot and NanoCore RAT started in April, and by the end of June, researchers from Netskope discovered 10 samples of malicious attachments used in the campaigns. The ISO image file format is unusual for this type of attack since the attachments are large (1-2 megabytes). […]

OSX/Linker Exploits Zero-Day to Bypass Gatekeeper

Delaware, USA – June 25, 2019 – Researchers have discovered the first OSX/Linker malware samples exploiting the unpatched vulnerability in Gatekeeper, for which a proof of concept has been publicly available for more than a month. Security researcher Filippo Cavallarin published the PoC on his blog after the 90-day deadline had elapsed since notifying Apple of the vulnerability and the […]

Turla APT Hijacks OilRig Infrastructure

Delaware, USA – June 24, 2019 – One of the most notorious APT groups secretly used OilRig (aka APT34 or Crambus) infrastructure to attack a government entity in a Middle Eastern country. This is a rare, but not unique, case in which one of the cyber espionage groups hacks the servers of another group in […]
