News

Qrypter RAT is used in campaigns targeting organizations worldwide

Delaware, USA – March 20, 2018 – Cybersecurity firm Forcepoint shared information about recent campaigns in which attackers used the cross-platform trojan Qrypter. In February 2018, the researchers discovered three campaigns that targeted more than 240 organizations around the world. The Qrypter trojan has been known since 2016; it was created by the ‘QUA R&D’ group, which continually modifies it […]

New Activities of Fancy Bear Group

Delaware, USA – March 2, 2018 – The APT28 hacker group, aka Fancy Bear, recently launched a new cyber espionage campaign aimed at Ministries of Foreign Affairs in North America and European countries. Researchers from Palo Alto found that the attackers sent spear-phishing emails spoofing “events@ihsmarkit.com” that contained a malicious Microsoft Excel document. In the email […]

Adversaries Abuse Memcached Protocol to Amplify DDoS Attacks

Delaware, USA – March 1, 2018 – Researchers from Cloudflare reported that in recent massive DDoS attacks adversaries began to abuse the memcached protocol. Abusing widespread memcached servers allows them to amplify the initial attack by more than 50,000 times. By sending a 15-byte request to UDP port 11211 on the vulnerable server, the […]

Intel Issued New Updates to Mitigate Spectre Vulnerability

Delaware, USA – February 27, 2018 – Intel released new microcode updates to mitigate the vulnerability CVE-2017-5715 (Spectre Variant 2) for the Skylake, Kaby Lake and Coffee Lake processors, as well as for some other CPU lines. Updates for the other lines are still under development; for detailed information on the status of updates for […]

APT37 (Reaper) Enters the World Stage

Delaware, USA – February 22, 2018 – Known for numerous cyber espionage campaigns against South Korea, the APT37 hacker group has been spotted in attacks against organizations in the countries of the Middle East, Vietnam and Japan. Researchers from FireEye published a report linking the activities of this group with the government of North Korea. The researchers […]

SOC Prime Announces Threat Detection Marketplace

Delaware, USA – February 21, 2018 – SOC Prime, Inc. announces Threat Detection Marketplace, the first global cross-platform marketplace developed by security incident responders for the fastest delivery of threat detection content to CISOs, SOC Managers and SOC Analysts. Threat Detection Marketplace provides actionable and relevant Use Cases to defend against cyber threats and to facilitate SOC […]

New RaaS Portal Offers Saturn Ransomware for Free

Delaware, USA – February 20, 2018 – Last week, researchers from MalwareHunterTeam discovered the new Saturn ransomware. Its distribution methods are common for ransomware: spam and malvertising campaigns. The ransom payment for decryption is about $300 in bitcoins, and the payment site is hidden in the Tor network. A few days […]

New Macro-less Technique for Infecting Users with Malware

Delaware, USA – February 16, 2018 – Attackers have adopted a new macro-less technique that allows them to deliver malware to victims’ systems without arousing suspicion while bypassing email gateways. Researchers at Trustwave discovered a spam campaign in which attackers used emails with attached Microsoft Word documents to initiate a four-stage process of delivering […]

HaoBao APT Campaign of Lazarus Group

Delaware, USA – February 15, 2018 – The infamous North Korean hacker group Lazarus is running a new APT campaign dubbed HaoBao. Analysts from McAfee ATR discovered a never-before-seen sample of malware, the analysis of which allowed them to link the attack to the Lazarus group. The HaoBao campaign is directed against large banks and cryptocurrency users. Attackers […]

0-day Flaw in Telegram Was Used to Spread Malware

Delaware, USA – February 14, 2018 – Researchers from Kaspersky Lab discovered a zero-day vulnerability in the Windows client for Telegram software, which has been used by attackers for almost a year to infect users with malware. In October 2017, researchers spotted a vulnerability that allows attackers to perform a right-to-left override attack. Further investigation […]