Year: 2019

QBot Trojan Becomes More Stealthy

Delaware, USA – May 7, 2019 – The authors of the QBot trojan have started to use new obfuscation techniques that significantly complicate detection of the malware. Researchers at Cisco Talos analyzed the increased activity of the malware in April and found a number of innovations that allow it to maintain persistence and remain hidden from security […]

MegaCortex Ransomware Attacks Organizations in Europe and North America

Delaware, USA – May 6, 2019 – Since the beginning of the month, a new player on the ransomware scene has already conducted several dozen attacks on corporate networks. Sophos researchers continue the investigation and report that organizations in the United States, Italy, Canada, France, Ireland, and the Netherlands have become targets of MegaCortex ransomware […]

SOC Prime is Attending Workshop – EU ATT&CK Community

Delaware, USA – May 3, 2019 – The SOC Prime team will be in Brussels next week, where the Workshop – EU ATT&CK Community will take place on Thursday and Friday, May 9-10. This is the third workshop of the EU ATT&CK Community, which is organized by practitioners and for practitioners with an interest in the use of the MITRE […]

A2 Hosting is Hit by GlobeImposter 2.0 Ransomware

Delaware, USA – May 2, 2019 – A ransomware attack on a US-based web hosting provider disabled the company’s Windows servers for eight days. As reported by A2 Hosting, the incident occurred on April 22: the security team detected the file encryption process on Windows hosting servers and shut down all of them to prevent the […]

Emotet Malware Starts to Use IoT Devices as Proxy

Delaware, USA – April 30, 2019 – The authors of Emotet have improved their trojan by adopting a new evasion technique and adding a new level of protection for command-and-control infrastructure. Researchers at Trend Micro analyzed the new campaign and discovered that the trojan no longer sends data directly to C&C servers, instead […]

Oracle WebLogic Components Trigger Zero-Day Vulnerability

Delaware, USA – April 26, 2019 – A zero-day vulnerability in Oracle WebLogic allows attackers to remotely execute arbitrary code, and it is already being used in the wild. The security flaw was discovered on Sunday by KnownSec 404’s researchers. They notified the developer, but so far there is no official response from Oracle. Judging by […]

TA505 Group Pushes Signed ServHelper Backdoor

Delaware, USA – April 25, 2019 – Researchers intercepted an attack by the TA505 hacker group targeting a large financial organization and analyzed the cybercriminals’ techniques and tools. TA505 has been conducting its operations for about 5 years; previously, the group used large-scale malspam campaigns to distribute RATs, ransomware and banking trojans. […]

Operation ShadowHammer Hits at Least Six More Companies

Delaware, USA – April 24, 2019 – New details have been published about Operation ShadowHammer, which affected tens of thousands of systems around the world. Experts at Kaspersky Lab linked the distribution of the trojanized ASUS Live Updater to the supply-chain attack by the infamous Chinese Winnti group. In addition, they found three more victims of […]

Carbanak’s Tool Source Code is Leaked

Delaware, USA – April 23, 2019 – Security researcher Nick Carr uncovered two archives, uploaded to VirusTotal, that contain the full source code of Carbanak’s backdoor, including the code of never-before-seen plugins. The Carbanak group (also known as Anunak, Cobalt Group or FIN7) has been active since at least 2014. They have been attacking financial institutions around […]

Aggah Campaign Spreads RevengeRAT Using Legitimate Services

Delaware, USA – April 22, 2019 – At the end of March, a large-scale campaign to distribute RevengeRAT using Pastebin, BlogSpot, and Bit.ly was uncovered. Palo Alto Networks’ researchers admit that the campaign is being conducted by the Pakistani threat actor ‘Gorgon Group’, but so far there is not enough evidence to state this with […]
