News

MassMiner and Kitty Malware Targeted Unpatched Web Servers

Delaware, USA – May 4, 2018 – Early May was marked by two campaigns that infected web servers with cryptocurrency-mining malware. Researchers from AlienVault discovered a new family of malware they dubbed MassMiner, which exploits several known vulnerabilities for distribution and propagation and can even conduct brute-force attacks on Microsoft SQL Servers. The infected […]

Fancy Bear Group Abused LoJack Agents in Recent Campaign

Delaware, USA – May 3, 2018 – Attackers from the Fancy Bear group (aka APT28) slightly modified the legitimate application LoJack, turning it into a multifunctional trojan. The LoJack app is used by many companies to track the location of devices should they be stolen. Researchers from Arbor Networks discovered agents that send requests to and receive […]

BlackHeart Ransomware Uses AnyDesk to Hide Its Malicious Actions

Delaware, USA – May 2, 2018 – Researchers from Trend Micro discovered a new ransomware strain that is distributed with the legitimate application AnyDesk. AnyDesk is a popular application for remote control between various operating systems that can log sessions and transfer files. BlackHeart ransomware drops two executable files to the user’s temp folder, one of which is […]

New Tricks of Necurs Botnet

Delaware, USA – April 30, 2018 – Necurs is one of the world’s largest botnets specializing in mass spam campaigns that can send more than 20 million emails a day. Attackers use it to distribute ransomware, banking trojans and cryptocurrency miners. The botnet is constantly evolving, and this month researchers discovered new infection techniques […]

New Critical Vulnerability in Drupal Is Actively Exploited in the Wild

Delaware, USA – April 27, 2018 – Less than a month after Drupal developers patched the critical vulnerability CVE-2018-7600 (Drupalgeddon 2), they released a new update to address a new flaw (CVE-2018-7602), which also allows attackers to gain complete control over the attacked website. Attackers weaponized Drupalgeddon 2 only after the publication of a PoC, two […]

Sigma UI Module in Threat Detection Marketplace

Delaware, USA – April 26, 2018 – SOC Prime updated the Sigma UI module in Threat Detection Marketplace (TDM) with new features and interface enhancements. Sigma is an interconnecting language between other SIEM languages and is now available online. Video guides will help you quickly get comfortable with all the new features of the module. […]

New Trickbot Module Designed to Attack SQL Servers

Delaware, USA – April 25, 2018 – The Trickbot banking trojan almost went off the grid in 2017, but this year it is undergoing significant modifications and amplification with new modules. This week, Fortinet researchers analyzed the latest version of the malware and found a new module that allows attackers to collect email addresses from victim systems […]

Orangeworm APT Group Attacks Healthcare Organizations

Delaware, USA – April 24, 2018 – Researchers from Symantec discovered a new hacker group that targets organizations tied to the healthcare industry in the United States, Europe and Asia. The Orangeworm APT group has been active since at least January 2015; the attackers use the custom backdoor Kwampirs to obtain remote access to infected systems. The malware can avoid […]

‘Double Kill’ Zero-day Is Used in an APT Campaign

Delaware, USA – April 23, 2018 – The Qihoo 360 team discovered an APT campaign organized by an unknown threat actor, which leverages a zero-day vulnerability in Internet Explorer to infect users with malware. Details have not been disclosed, but it is known that the vulnerability, dubbed “Double Kill”, is in the IE kernel code. It affects […]

SquirtDanger Malware Was Spotted in Multiple Campaigns Worldwide

Delaware, USA – April 20, 2018 – This week, researchers from Palo Alto Networks published an investigation into a new multifunctional malware that is currently being used in attacks against organizations worldwide. They dubbed it SquirtDanger after the name of the DLL it uses in attacks. The virus is written in C# and has […]