News

Astaroth Malware Abuses Cloudflare Workers to Slip Behind Security Solutions

Delaware, USA – September 3, 2019 – Astaroth malware authors continue to experiment with abusing legitimate tools and services to deploy the trojan and hide their traces after infection. Following the recent disclosure of the infection chain, attackers have significantly altered the delivery mechanism and launched a new campaign. Security researcher Marcel Afrahim discovered the misuse […]

Cryptocurrency Mining Botnet Targets Intel Systems

Delaware, USA – September 2, 2019 – New cryptocurrency mining malware has switched from IoT devices to Intel systems running Linux. A security researcher at Akamai discovered that one of the botnets attacking MIPS and ARM-powered devices began to attack X86/I686 systems, installing the XMRig v2.14.1 cryptocurrency miner. The earliest malware samples were developed at the […]

More than 400 Dental Offices Suffer Sodinokibi Ransomware Attack

Delaware, USA – August 30, 2019 – Last weekend, another large-scale ransomware attack targeting US companies took place, and it seems that the average ransom payment will once again shoot upwards this quarter. Adversaries compromised PercSoft, a cloud management provider for Digital Dental Record, which provides an online data backup service archiving medical records and other information […]

New TrickBot Modules Collect Data to Perform SIM Swapping Attacks

Delaware, USA – August 29, 2019 – MegaCortex ransomware was not the only malware to gain new features this summer in preparation for autumn campaigns. During August, TrickBot sequentially received three modules to attack users of US-based mobile carriers: Verizon Wireless, T-Mobile, and Sprint. SecureWorks researchers discovered that new trojan versions harvest the PIN codes for these operators when a […]

New Details on Hexane Group Campaigns

Delaware, USA – August 28, 2019 – New details of Hexane group operations show how proven techniques and tools, as well as some custom malware pieces, allow the threat actor to effectively attack oil and gas companies in the Middle East. The cybersecurity company Dragos Inc was the first to report on the group after they […]

Emotet Botnet Comes Back From Summer Vacation

Delaware, USA – August 27, 2019 – The Emotet botnet, like a relic monster of cyberspace, has woken up and is preparing to strike a new blow. Earlier this year, the known command-and-control infrastructure of the botnet disappeared from researchers’ radars, presumably for maintenance and modification. As expected, this did not last too long, and on […]

Asruex Backdoor Spreads via Infected Documents

Delaware, USA – August 23, 2019 – The DarkHotel group (aka APT-C-06) modified the Asruex backdoor, adding the capability of infecting PDFs, Word documents, and executables to spread infection within a targeted organization. The group is known for its stealth attacks, sophisticated techniques, and access to zero-day vulnerabilities; even more interesting is a fresh sample of their […]

NanoCore RAT is Offered for Free on a DarkNet Forum

Delaware, USA – August 22, 2019 – A fresh version of NanoCore RAT emerged on an underground forum despite the fact that its author is sentenced to 33 months' imprisonment. LMNTRIX Labs discovered a relatively new version of the trojan with modifications, which is available to any user of the forum. NanoCore has been used […]

Silence Group Includes Fileless Tools In Their Arsenal

Delaware, USA – August 21, 2019 – In the three years since its inception, the financially motivated Silence group has stolen more than $4 million from banks located in Europe, Asia, Africa, and Latin America. In 2016, the group supposedly consisted of two people and effectively operated exclusively within the CIS. This spring, Silence group […]

Malspam Campaign Delivers Adwind RAT to Companies in the Utility Industry

Delaware, USA – August 20, 2019 – The new campaign focuses on national grid utilities infrastructure. Unknown attackers sent spam emails from the compromised account of a Friary Shoes employee, which successfully bypassed email filters of companies from the utilities sector. Cofense researchers analyzed malicious emails and discovered a domain registered on August 3 to host Adwind […]