Security Affairs

SEPTEMBER 7, 2020

Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since June. The phishing messages carry weaponized Excel documents that are able to bypass security checks and that had low detection rates.

Cybercrime 93

Cybercrime Phishing Advertising Antivirus 93

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Read more: Top IT Asset Management Tools for Security.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Security Affairs

DECEMBER 1, 2020

New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. .”

Cryptocurrency 92

Cryptocurrency Antivirus Manufacturing Government 92

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. conduct employee phishing tests. conduct employee phishing tests. Also, see the blog post - The Ransomware Group Tactics which Maximise their Profitability.

Energy and Utilities 122

Energy and Utilities Ransomware Banking Hacking 122

Security Boulevard

FEBRUARY 7, 2024

But in the wake of the attack, manychief information security officers (CISOs) realized that PDNS was the answer to early detection and resiliency against similar attacks simply because log4j was surprisingly easy to detect at a DNS level. AV-TEST has proprietary mechanisms for understanding and scoring security solution efficacy.

DNS 69

DNS Architecture Marketing Cyber threats 69

Security Affairs

MARCH 14, 2022

The trojan has been disseminated via phishing templates impersonating Tax services in Portugal. Phishing wave. At this moment, the infection chain is able to bypass the antivirus detection, with the latter EXE ( WpfApp14.exe Figure 1 below illustrates the high-level diagram of this new variant and how it operates. Key findings.

Banking 85

Banking Encryption Malware Phishing 85

Centraleyes

MARCH 12, 2024

Here’s a general overview: Standards/Frameworks that Typically Require Internal Audits: ISO/IEC 27001: ISO/IEC 27001 requires organizations to conduct regular internal audits of their Information Security Management System (ISMS).

Risk 52

Risk Cybersecurity Government Firewall 52

CyberSecurity Insiders

NOVEMBER 18, 2021

This blog was written by an independent guest blogger. This can be carried out directly or using a shadow payload or using a phishing attack aimed at compromising the user's system. This can be carried out directly or using a shadow payload or using a phishing attack aimed at compromising the user's system. Conclusion.

Accountability 133

Accountability Passwords Authentication Social Engineering 133

Malwarebytes

AUGUST 3, 2022

This blog post was authored by Ankur Saini and Hossein Jazi. In this blog post, we will analyze Woody Rat’s distribution methods, capabilities as well as communication protocol. We believe that these archive files have been distributed using spear phishing emails. We will dive into all these commands below in the blog.

Malware 112

Malware Encryption Antivirus Architecture 112

Security Affairs

MAY 7, 2020

The malware is disseminated via malspam campaigns – phishing emails distributed for a high range of users and using a template that impersonates an invoice email from the Vodafone group. The reason why two paths were identified on the server is simple: the threat is the same but used in different phishing campaigns.

Banking 109

Banking Malware Phishing Social Engineering 109

Security Affairs

MAY 23, 2019

Classic phishing document view. For the sake of correctness, as Chronicle Security states, Virustotal is not a “ comparative metrics between different antivirus products ”, so this result does not imply anything about the overall antivirus solutions quality. At opening time the document looks like many others.

Antivirus 81

Antivirus Malware Advertising Cyber Attacks 81

Security Boulevard

MARCH 24, 2022

On March 12th, Ukraine's Computer Emergency Response Team (UA-Cert) warned about phishing emails impersonating Ukrainian government entities. [ 3 ] The emails redirected victims to a website delivering fake antivirus updates that eventually downloaded Cobalt Strike beacons, or two custom Go malware variants named GraphSteel and GrimPlant.

Ransomware 59

Ransomware Malware Government Antivirus 59

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines.

Malware 84

Malware Antivirus Technology Phishing 84

Malwarebytes

AUGUST 3, 2022

This blog post was authored by Ankur Saini and Hossein Jazi. In this blog post, we will analyze Woody Rat's distribution methods, capabilities as well as communication protocol. We believe that these archive files have been distributed using spear phishing emails. Antivirus installed. OS Build Version.NET information.

Malware 66

Malware Encryption Antivirus Architecture 66

Security Affairs

MAY 29, 2019

Information about initial dropper. The intercepted attack starts with a spear-phishing email embedding a spreadsheet. Analyzing it in depth, we discover it actually is the RMS (Remote Manipulator System) client by TektonIT , encrypted using the MPress PE compressor utility, a legitimate tool, to avoid antivirus detection.

Retail 65

Retail Banking Advertising Encryption 65

SecureList

APRIL 24, 2023

In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. The following table lists all Tomiris malware families we are aware of: Name Type Language Comments Tomiris Downloader Downloader C Mentioned in our original blog post.

Malware 96

Malware DNS Government Software 96

Security Affairs

DECEMBER 29, 2019

Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. This is a clear signal that most of the antivirus engines don’t detect yet the malware signature. Lampion trojan (P-19-2.dll) As noted, 12 of 71 AV engines classified the file as malware.

Malware 94

Malware Internet Internet Antivirus 94

Security Affairs

MAY 16, 2019

Firstly, we noticed this secondary component was well protected against antivirus detection, in fact, the PE file was signed by Sectigo in the first half of May, one of the major Russian Certification Authority. Technical details, including IoCs and Yara Rules, are available in the analysis published on the Yoroi blog. Conclusion.

Banking 70

Banking Malware Surveillance Retail 70