News

Godlua Malware Abuses DNS over HTTPS Protocol

Delaware, USA – July 4, 2019 – The DNS over HTTPS protocol, designed to protect DNS queries from being intercepted by adversaries, now helps the newly discovered Godlua malware avoid detection by traffic monitoring solutions. The malware was discovered by the Network Security Research Lab of Qihoo 360, which published an analysis of the finding earlier […]

Enjoy the Silence: $3M+ operation in Bangladesh

Delaware, USA – July 3, 2019 – Silence APT attacked at least three banks in Bangladesh; Dutch Bangla Bank Limited suffered the most, with the attackers stealing about $3 million from it. Other banks, Prime Bank and NCC Bank, claim that they detected a cyber attack in time and avoided financial losses, but The Daily Star […]

OceanLotus APT Enlarges the Arsenal With Ratsnif Malware

Delaware, USA – July 2, 2019 – The threat actor developed the Ratsnif remote access trojan in 2016 and used it in cyber espionage campaigns for almost three years. Cylance cybersecurity experts analyzed 4 samples of the malware, 3 of which were compiled in August-September 2016 and almost immediately began to be used in attacks. The last Ratsnif […]

Spelevo Exploit Kit Spreads IcedID and Dridex Trojans

Delaware, USA – July 1, 2019 – The Spelevo exploit kit, which appeared a few months ago, was seen spreading banking Trojans via a compromised business-to-business contact website. The first mention of this exploit kit appeared in early March, and since then its creators have slightly tuned the URL structure and obfuscation to arouse less suspicion. Researchers from […]

APT10 Spies for Eight Major Technology Companies

Delaware, USA – June 27, 2019 – Six more victims of the Cloud Hopper campaign have become known. The campaign targeting Managed Service Providers, conducted by APT10, was discovered at the end of last year, and now Reuters has published the results of the investigation, in which Tata Consultancy Services, Dimension Data, Computer Sciences Corporation, NTT Data, […]

LokiBot and NanoCore RAT Lurking in ISO Files

Delaware, USA – June 26, 2019 – Spam campaigns spreading LokiBot and NanoCore RAT started in April, and by the end of June, researchers from Netskope discovered 10 samples of malicious attachments used in the campaigns. The ISO image file format is unusual for this type of attack since the attachments are large (1-2 megabytes). […]

OSX/Linker Exploits Zero-Day to Bypass Gatekeeper

Delaware, USA – June 25, 2019 – Researchers have discovered the first OSX/Linker malware samples exploiting the unpatched vulnerability in Gatekeeper, for which a proof-of-concept has been publicly available for more than a month. Security researcher Filippo Cavallarin published the PoC on his blog after the 90-day deadline had elapsed since notifying Apple of the vulnerability and the […]

Turla APT Hijacks OilRig Infrastructure

Delaware, USA – June 24, 2019 – One of the most notorious APT groups secretly used OilRig (aka APT34 or Crambus) infrastructure to attack a government entity in a Middle Eastern country. This is a rare, but not unique, case in which one of the cyber espionage groups hacks the servers of another group in […]

DanaBot targets Europe

Delaware, USA – June 21, 2019 – Another phishing campaign with the upgraded DanaBot trojan is reported to target Poland and Italy. The new DanaBot strain comes with a Blitzkrieg ransomware module that changes the extension of the encrypted files to .non. Initially, the DanaBot malware was observed during the phishing campaign in Australia back […]

The Victimized Riviera Beach Pays Ransom

The officials of Riviera Beach, Florida, held a meeting and voted to pay the ransom of 65 bitcoins ($603,000) to regain access to the local services that had been knocked out by the ransomware attack earlier in May 2019. The ransomware attack paralyzed the operations of the Riviera Beach city services, including the website, billing system, […]