Loda Trojan Receives New Features

Delaware, USA – February 14, 2020 – The Loda Remote Access Trojan was recently significantly improved by its authors and is actively used in a campaign targeting the Americas. The trojan appeared in 2016, and it is capable of keylogging, stealing system and user information, taking screenshots, starting and killing processes, and installing other malicious […]

MoleRATs Group Added Pierogi Backdoor to Their Toolkit

Delaware, USA – February 13, 2020 – The MoleRATs group uses new backdoors in cyberspying campaigns targeting victims, organizations and individuals, mainly from the Palestinian territories. The Cybereason Nocturnus team tracked two separate campaigns happening simultaneously but differing in tools, server infrastructure, and nuances in decoy content and intended targets. The MoleRATs group is one of the Gaza […]

KBOT Virus Spreads Through Injecting Code into Executables

Delaware, USA – February 12, 2020 – In recent years, classic viruses have become a thing of the past; now fileless malware, abuse of cloud services, and steganography are in fashion. The arms race between cybercriminals and cybersecurity vendors is in full swing, but relics of the past every once in a while are brought […]

Ragnar Locker Ransomware Disables Services of MSP Products

Delaware, USA – February 11, 2020 – At the end of December last year, another threat to corporate networks appeared: Ragnar Locker, and it seems that its authors are following all the fashion trends of the end of the 2019 season. The adversaries have been operating for only a month and a half and it is not yet […]

Emotet’s New Module Searches for Victims via Wi-Fi Networks

Delaware, USA – February 10, 2020 – Emotet once again confirms its reputation as “threat number one” in cyberspace: the new self-spreading module allows the malware to connect to Wi-Fi networks and infect more systems. Now we have one more reason not to use free Wi-Fi in public places. Researchers at Binary Defense have discovered […]

APT40 Targets Malaysian Government Officials

Delaware, USA – February 7, 2020 – A Chinese cyberespionage group is conducting a targeted spear-phishing campaign to compromise systems of Malaysian government officials and exfiltrate sensitive data. Malaysia’s Computer Emergency Response Team issued a security advisory warning about an increase in the number of victims involved in the campaign. APT40 (also known as Leviathan and TEMP.Periscope) members send […]

Cisco Patches Critical CDPwn Vulnerabilities

Delaware, USA – February 6, 2020 – Cisco patched five critical vulnerabilities in Cisco Discovery Protocol (CDP) that were collectively named CDPwn; four of them could lead to remote code execution. “CDP is a Cisco proprietary Layer 2 (Data Link Layer) network protocol that is used to discover information about locally attached Cisco equipment. CDP […]

Bouygues Construction Attacked by Maze Ransomware

Delaware, USA – February 5, 2020 – At the end of January, the Maze ransomware gang had a very busy week, and as a result of the attacks, several companies suffered cybersecurity incidents. On January 30, Bouygues Construction fell victim to Maze ransomware and the next day issued a confirmation of the cyberattack, promising to reveal […]

TA505 Group Uses HTML Redirectors in Ongoing Phishing Campaign

Delaware, USA – February 4, 2020 – Since mid-January, financially motivated cybercriminals from the TA505 group have been using HTML attachments to infect victims with the FlawedGrace trojan. Microsoft reported that this campaign is the first in which TA505 has used this tactic. The campaign is still ongoing, and adversaries send phishing emails with HTML redirectors attached. When the victim […]

ShadowPad Backdoor Used in Attacks on Hong Kong Universities

Delaware, USA – February 3, 2020 – Chinese cyberspies did not disregard the protests in Hong Kong and conducted a highly targeted cyber espionage campaign. The adversaries targeted five universities that were infected with a ‘refreshed’ version of ShadowPad malware. In November 2019, ESET detected malware on multiple systems of two Hong Kong universities that […]