News

SOC Prime Team will attend SHIELD 2017

Delaware, USA – November 13, 2017 – SOC Prime team will participate in SHIELD 2017 conference in Istanbul on November, 21: http://shield.innoverabt.com/ This event is conducted by Innovera company, leading IT security and IT continuity consulting shop in the Turkish territory. This year, SHIELD conference will be held for the third time and will gather […]

RDP Brute Force is Used to Spread LockCrypt Ransomware

Delaware, USA – November 10, 2017 – On October, the hacker group which infects corporate servers with LockCrypt Ransomware increased the number of attacks. Researchers from Alien Vault report that for the first time this Ransomware strain was seen in June and linked it with the same group that used Satan Ransomware in previous attacks. Unlike […]

Fancy Bear group abused DDE in recent U.S. campaign

Delaware, USA – November 9, 2017 – Cybercriminals from Fancy Bear, also known as APT28, started using DDE techniques in their phishing campaigns. Researchers from McAfee on Tuesday published a report in which they revealed the details of the recent campaign of this hacker group. The primary activity of this group is cyber espionage. On […]

DDE Exploitation Detector is released

Delaware, USA – November 8, 2017 – A month ago, SensePost published an article about the threat of exploiting the Dynamic Data Exchange feature used in Microsoft Office. The usage of DDE allows attackers to execute PowerShell scripts and download malicious files from external servers. A few days after that, Cisco Researchers detected sophisticated APT […]

New Tools in ChessMaster’s Arsenal

Delaware, USA – November 8, 2017 – ChessMaster is a cyber espionage campaign that has been conducted for several months against organizations, mainly located in Japan. Trend Micro links this campaign with a group of APT 10, also known as Stone Panda. Attackers use a wide range of backdoors and Trojans, and the number of […]

Corebot Trojan Targets Online Banking Customers

Delaware, USA – November 7, 2017 – After a two-year break, attacks using the banking Trojan Corebot are resumed. The campaign against a number of Canadian banks was discovered by researchers from Deep Instinct, who continues to analyze this malware. The attackers changed their tactics and armed the Trojan with tools to avoid detailed analysis […]

Compromised Digital Certificates are Used to Deceive Security Scanners

Delaware, USA – November 6, 2017 – Researchers at the University of Maryland conducted a study on the leveraging of compromised digital certificates for signing malware. They managed to find 111 certificates that are used to bypass antivirus solutions. More than a third of them were issued for front companies that are not related to […]

SEO in the Service of Hackers

Delaware, USA – November 3, 2017 – Adversaries leverage a new technique to infect victims. Researchers from Cisco Talos have discovered a botnet from more than 30 websites used to spread a new version of the Zeus Panda banking Trojan. Hacked sites are quite often used by attackers, for example, as a botnet for cryptocurrency miners […]

ONI Outbrake: Ransomware or a Wiper?

Delaware, USA – November 1, 2017 – Cybereason shared the results of their current investigation, which reports on the next use of the Ransomware as a Wiper. Unknown threat actors performed attacks on medium and large Japanese organizations since December 2016. Using macros in malicious documents, they installed Ammy Admin RAT and got full access […]

New APT Campaign Based on Silence Trojan

Delaware, USA – November 1, 2017 – Researchers from Kaspersky Lab have discovered the new APT attack using Silence Trojan that targets financial institutions in Russia, Armenia and Malaysia. The attack started in July 2017 and continued to this day. Adversaries infiltrate the organizations’ networks through malicious CHM attachments in phishing emails. When victim opened […]