News

Emotet Malware Starts to Use IoT Devices as Proxy

Delaware, USA – April 30, 2019 – The authors of Emotet improved their trojan by adopting a new evasion technique and adding a new layer of protection for their command-and-control infrastructure. Researchers at Trend Micro analyzed the new campaign and discovered that the trojan no longer sends data directly to C&C servers; instead […]

Oracle WebLogic Components Trigger Zero-Day Vulnerability

Delaware, USA – April 26, 2019 – A zero-day vulnerability in Oracle WebLogic allows attackers to remotely execute arbitrary code, and it is already being used in the wild. The security flaw was discovered on Sunday by KnownSec 404’s researchers, who notified the developer, but so far there is no official response from Oracle. Judging by […]

TA505 Group Pushes Signed ServHelper Backdoor

Delaware, USA – April 25, 2019 – Researchers intercepted an attack by the TA505 hacker group targeting a large financial organization and analyzed the cybercriminals’ techniques and tools. TA505 has been conducting its operations for about 5 years; previously, the group used large-scale malspam campaigns to distribute RATs, ransomware and banking trojans. […]

Operation ShadowHammer Hits at Least Six More Companies

Delaware, USA – April 24, 2019 – New details about Operation ShadowHammer, which affected tens of thousands of systems around the world, have been published. Experts at Kaspersky Lab linked the distribution of the trojanized ASUS Live Updater to the supply-chain attack by the infamous Chinese Winnti group; in addition, they found three more victims of […]

Carbanak’s Tool Source Code is Leaked

Delaware, USA – April 23, 2019 – Security researcher Nick Carr uncovered two archives containing the full source code of Carbanak’s backdoor, including code of never-before-seen plugins, uploaded to VirusTotal. The Carbanak group (also known as Anunak, Cobalt Group or FIN7) has been active since at least 2014; they have been attacking financial institutions around […]

Aggah Campaign Spreads RevengeRAT Using Legitimate Services

Delaware, USA – April 22, 2019 – At the end of March, a large-scale campaign to distribute RevengeRAT using Pastebin, BlogSpot, and Bit.ly was uncovered. Palo Alto Networks’ researchers admit that the campaign is being conducted by the Pakistani threat actor ‘Gorgon Group’, but so far there is not enough evidence to state this with […]

Developer Program Launch

Delaware, USA – April 19, 2019 – SOC Prime, Inc. announces the Developer Program for the global Threat Detection Marketplace. SOC Prime and the TDM platform have, first and foremost, always been focused on enabling the security community through our open-source and free-to-access tools. We’re doubling down on that commitment by introducing the Developer […]

Sea Turtle Operation Targets at Least 40 Organizations in 13 Countries

Delaware, USA – April 18, 2019 – The Sea Turtle cyberespionage campaign has lasted for more than 2 years, targeting military organizations, energy companies, and government entities in North Africa and the Middle East. Several APT groups actively carry out their operations in this region, and Cisco Talos published details about the new operation […]

MegaLocker Virus Attacks Samba Servers

Delaware, USA – April 17, 2019 – The ‘MegaLocker Virus’ ransomware, first discovered about a month ago, now attacks accessible Samba servers. The first file infections presumably happened via FTP, and all attacks were aimed solely at NAS devices. The owners of the compromised devices received instructions to contact the cybercriminals via email and pay the […]

Scranos Malware Crosses China Boundaries

Delaware, USA – April 16, 2019 – Recently, cybercriminals who developed and tested malware in China have been expanding their list of targets to neighboring countries, or even to the whole world. Bitdefender Labs’ experts published an analysis of the Scranos malware, which appeared at the end of last year and is […]