News

Ransomware Attack Disables 23 Government Agencies in Texas

Delaware, USA – August 19, 2019 – The Texas Department of Information Resources reported a coordinated ransomware attack on government agencies. The attack occurred on Friday, August 16; at least 23 agencies were hit by ransomware, most of which are smaller local governments. The list of victims has not yet been disclosed, but the report […]

DanaBot Follows the Path of Emotet and Trickbot Malware

Delaware, USA – August 16, 2019 – The DanaBot banking Trojan continues to attack European countries. Webroot discovered a new campaign that targeted German users. DanaBot appeared about a year and a half ago, and in the first months, all campaigns were aimed only at Australia. In the fall, malware authors entered the world market, several […]

BalkanDoor and BalkanRAT are Used in Financially-Motivated Campaign

Delaware, USA – August 15, 2019 – The campaign aimed at financial institutions in the Balkans started back in 2016 and continues to this day. Attackers improve the primary tools used and experiment with malware delivery methods. ESET experts linked the use of BalkanDoor and BalkanRAT to a single campaign and published detailed malware analysis […]

Cloud Atlas APT Uses Polymorphic Components to Avoid IOCs-based Detection

Delaware, USA – August 14, 2019 – Active since 2012, cyber espionage group Cloud Atlas has added new malware to its arsenal and expanded its area of activity. Adversaries do not change their Tactics, Techniques, and Procedures since they already allow them to successfully conduct cyber-espionage operations. Since the beginning of the year, the APT […]

40+ Drivers Make All Modern Versions of Windows Vulnerable to Privilege Escalation Attacks

Delaware, USA – August 12, 2019 – Researchers found vulnerable kernel-mode drivers developed for the hardware of at least 20 vendors including NVIDIA, AMD, and Realtek. At the DEF CON conference, Eclypsium researchers presented their findings: over forty 64-bit kernel drivers, which are signed by Microsoft and can be used to bypass and disable Windows […]

New Version of Ursnif Trojan in Ongoing Campaign

Delaware, USA – August 9, 2019 – Ursnif is one of the most widespread banking trojans. It appeared about 12 years ago and gained exceptional popularity after its source code was leaked in 2014, and since then various modifications of Ursnif have been used worldwide to steal passwords and banking information. A new ongoing campaign […]

LokiBot uses Steganography to Hide Code

Delaware, USA – August 8, 2019 – This is not the first attempt by LokiBot authors to use the steganography that APT groups periodically use to deliver malware. Previously, attackers added an archived malware to a PNG file, from where it was run using wscript. In a recent campaign discovered by Trend Micro researchers, LokiBot […]

Fancy Bear Compromises Organizations via IoT Devices

Delaware, USA – August 7, 2019 – The Russian state-sponsored threat actor continues to be interested in IoT devices and abuses them to infiltrate corporate networks. The Microsoft Security Response Center has published an article revealing details of recent activity of the Fancy Bear group (aka APT28, Sofacy, and Strontium). In April, Microsoft discovered attempts […]

MegaCortex Ransomware Makes the Next Step to Mass Attacks

Delaware, USA – August 6, 2019 – MegaCortex ransomware is rapidly evolving, reducing the number of manual operations to a minimum. A couple of weeks ago, the first significant step was taken to simplify the infection process when malware authors compiled the files necessary for infection into a single signed executable. The new version of […]

LookBack Trojan Hunts the US Utility Firms

Delaware, USA – August 5, 2019 – The new malware was used in a spear-phishing campaign targeted at US companies in the utility sector. Proofpoint researchers discovered attacks in late June; all the emails were masked as notifications from the ‘US National Council of Examiners for Engineering and Surveying’ and contained failed examination alerts sent […]