Delaware, USA – August 7, 2019 – The Russian state-sponsored threat actor continues to be interested in IoT Devices and abuses them to infiltrate corporate networks. The Microsoft Security Response Center has published an article revealing details of recent activity of the Fancy Bear group (aka APT28, Sophacy, and Strontium). In April, Microsoft discovered attempts […]
Delaware, USA – August 6, 2019 – MegaCortex ransomware is rapidly evolving reducing the number of manual operations to a minimum. A couple of weeks ago, the first significant step was taken to simplify the infection process when malware authors compiled files the necessary for infection into a single signed executable. The new version of […]
Delaware, USA – August 5, 2019 – The new malware was used in a spear-phishing campaign targeted at US companies in the utility sector. Proofpoint researchers discovered attacks in late June, all the emails were masked as notifications from the ‘US National Council of Examiners for Engineering and Surveying’ and contained failed examination alerts sent […]
Delaware, USA – August 1, 2019 – The Hexane group has been active since the middle of last year, and as tensions in the Middle East increase, the group conducts more and more attacks targeting telecommunications companies and organizations in the oil and gas industry. The group was discovered by cybersecurity company Dragos Inc which […]
Delaware, USA – July 31, 2019 – The new version of notorious TrickBot banking trojan stops Windows Defender and blocks the launch of a number of anti-virus solutions before loading the main component. Сybersecurity expert Vitali Kremez and MalwareHunterTeam analyzed the malware and found new methods to bypass the protection of Windows 10 systems. The […]
Delaware, USA – July 30, 2019 – The fifteen-year-old worm is not just alive but also generates more than 1% of emails with malicious attachments worldwide. Now, of course, it is less of a threat than in 2004, but its capabilities and polymorphic nature leave malware “afloat”. A recent analysis by Brad Duncan, Palo Alto […]
Delaware, USA – July 29, 2019 – Cybercriminals install a new Magento skimmer on compromised websites that downloads malicious JavaScript from the Google-like internationalized domain name. The skimmer was discovered by Sucuri researchers and during the analysis, they also found new evasion capabilities of the script. In this case, the attackers registered google-analytîcs[.]com, in the […]
Delaware, USA – July 26, 2019 – Yet another ransomware attack targeting the urban infrastructure happened in South Africa threatening to cut off electricity to many Johannesburg residents. Systems of utility company City Power were encrypted by unknown threat actors making it impossible for prepaid users to buy electricity. The adversaries chose the perfect moment […]
Delaware, USA – July 25, 2019 – After a nearly two-month lull, there has been significant progress in creating a working exploit for BlueKeep flaw (CVE-2019-0708) due to the publication of a detailed technical analysis of the critical vulnerability and incomplete PoC exploit to attack WinXP systems. We recall that this ‘wormable’ vulnerability allows cybercriminals […]
Delaware, USA – July 24, 2019 – The financially motivated cybergang has returned after a two-year absence with a new backdoor and is actively attacking targets in the hospitality and retail sectors. The FIN8 group, which appeared in early 2016, uses backdoors to gain access to the victims’ network and to install POS-malware on key […]