Antivirus, Information Security, Malware and Phishing

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.

Antivirus

Antivirus Malware Banking Internet

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Group-IB’s CERT-GIB analyzed hundreds of coronavirus -related phishing emails and discovered top malware strains in COVID-19 campaigns. Group-IB’s Computer Emergency Response Team ( CERT-GIB ) analyzed hundreds of coronavirus-related phishing emails between February 13 and April 1, 2020. Source: CERT-GIB. Source: CERT-GIB.

Phishing

Phishing Malware Spyware DDOS

Grandoreiro banking malware targets Mexico and Spain

Security Affairs

AUGUST 21, 2022

A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a Grandoreiro banking malware campaign targeting organizations in the Spanish-speaking nations of Mexico and Spain. ” reads the post published by Zscaler. Pierluigi Paganini.

Banking

Banking Malware Antivirus Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

A flaw in Kaspersky Antivirus allowed tracking its users online

Security Affairs

AUGUST 15, 2019

A vulnerability in Kaspersky Antivirus had exposed a unique identifier associated with users to every website they have visited in the past 4 years. A vulnerability in the Kaspersky Antivirus software, tracked as CVE-2019-8286, had exposed a unique identifier associated with its users to every website they have visited in the past 4 years.

Antivirus

Antivirus Advertising Software Internet

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported. TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. ” continues the report. ” concludes the report.

Malware

Malware Antivirus Manufacturing Healthcare

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware

Malware Antivirus Phishing Cryptocurrency

Grandoreiro Banking Trojan is back and targets banks worldwide

Security Affairs

MAY 19, 2024

The banking Trojan is likely operated as a Malware-as-a-Service (MaaS). The recent campaign demonstrates that operators are expanding the malware’s deployment globally, starting with South Africa. It also prevented infections on Windows 7 machines in the US without antivirus. ” concludes the report. .

Banking

Banking Malware Antivirus Accountability

BRATA Android Malware evolves and targets the UK, Spain, and Italy

Security Affairs

JUNE 20, 2022

The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented more features to make their attacks stealthy. “TAs are modifying their code in order to tailor their malware on specific banking institutions.

Malware

Malware Banking Antivirus Phishing

A Google Drive weakness could allow attackers to serve malware

Security Affairs

AUGUST 23, 2020

enabling bad actors to perform spear-phishing attacks comparatively with a high success rate. An attacker could exploit the weakness to carry out spear-phishing campaigns using messages that include links to malicious files hosted on Google Drive. ” reads the post published by THN. Pierluigi Paganini.

Malware

Malware Phishing Advertising Antivirus

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

Cofense researchers spotted a phishing campaign that is targeting taxpayers in the United States to infect them with the Amadey malware. Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey.

Phishing

Phishing Social Engineering Malware Advertising

GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image

Security Affairs

AUGUST 31, 2022

A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure. Securonix Threat researchers uncovered a persistent Golang-based malware campaign tracked as GO#WEBBFUSCATOR that leveraged the deep field image taken from the James Webb telescope. Pierluigi Paganini.

Malware

Malware DNS Antivirus Encryption

Updated MATA attacks industrial companies in Eastern Europe

SecureList

OCTOBER 18, 2023

In early September 2022, we discovered several new malware samples belonging to the MATA cluster. The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an internet browser.

Malware

Malware Phishing Internet Internet

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

Info stealers, the type of malware with its purpose in the name, can cripple businesses and everyday users alike. Info stealers, also known as information stealers, are a type of malicious software (malware) designed to covertly collect sensitive and personal information from a victim’s computer or network.

Banking

Banking Cybercrime Malware Accountability

Wannacry, the hybrid malware that brought the world to its knees

Security Affairs

OCTOBER 31, 2022

The infection chain was divided into four stages : The malware was installed through a dropper, a program executed by opening an attachment to a deceptive e-mail, probably a fake pdf or doc file, or executed directly from the Internet, without user interaction, exploiting the exploit described in the point 4. The infection chain.

Malware

Malware Computers and Electronics Encryption Ransomware

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Security Affairs

FEBRUARY 14, 2020

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation.

Malware

Malware Passwords Advertising Antivirus

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since early 2023, Akira ransomware operators received $42 million in ransom payments from more than 250 victims worldwide. The attackers mostly used Cisco vulnerabilities CVE-2020-3259 and CVE-2023-20269.

Ransomware

Ransomware Encryption Antivirus VPN

5 Common Phishing Attacks and How to Avoid Them?

Security Affairs

AUGUST 19, 2019

Phishing is one of the oldest methods of cyberattacks. People fell prey for these manipulative emails and provide confidential details like passwords and bank information in their negligence. This information is then used for unauthorized and illegal activities, which could have a devastating impact on individuals and organizations.

Phishing

Phishing Accountability Authentication Passwords

SharkBot, the new generation banking Trojan distributed via Play Store

Security Affairs

MARCH 7, 2022

SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. The malware was spotted at the end of October by researchers from cyber security firms Cleafy and ThreatFabric, the name comes after one of the domains used for its command and control servers.

Banking

Banking Antivirus Mobile Malware

Bitdefender released a free decryptor for the MortalKombat Ransomware family

Security Affairs

FEBRUARY 28, 2023

Antivirus company Bitdefender has released a free decryptor for the recently discovered ransomware family MortalKombat. Good news for the victims of the recently discovered MortalKombat ransomware , the antivirus firm Bitdefender has released a free decryptor that will allow them to recover their file without paying the ransom.

Ransomware

Ransomware Antivirus Backups Malware

DEV-0569 group uses Google Ads to distribute Royal Ransomware

Security Affairs

NOVEMBER 19, 2022

Researchers from the Microsoft Security Threat Intelligence team warned that a threat actor, tracked as DEV-0569, is using Google Ads to distribute various payloads, including the recently discovered Royal ransomware. The downloader, tracked as BATLOADER , shares similarities with another malware called ZLoader. anydeskos[.]com

Ransomware

Ransomware Malware Antivirus Phishing

How to Avoid Phishing Attacks

Spinone

JANUARY 9, 2019

In this article we will discuss how to avoid phishing attacks in G Suite and provide phishing prevention best practices on how companies can enhance G Suite security awareness and protection against phishing scams. What is phishing and what risks are presented by phishing scams? What are Phishing Scams?

Phishing

Phishing Scams Firewall Antivirus

Woody RAT: A new feature-rich malware spotted in the wild

Malwarebytes

AUGUST 3, 2022

We believe that these archive files have been distributed using spear phishing emails. The used lure is in Russian is called “ Information security memo ” which provide security practices for passwords, confidential information, etc. The malware communicates with its C2 using HTTP requests.

Malware

Malware Encryption Antivirus Architecture

Threat actors target crypto and NFT communities with Babadeda crypter

Security Affairs

NOVEMBER 26, 2021

Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new crypto-malware strain, tracked as Babadeda, targeting cryptocurrency, non-fungible token (NFT), and DeFi passionates through Discord channels. ” concludes the report.

Cryptocurrency

Cryptocurrency Malware Antivirus Phishing

China-linked APT uses a new backdoor in attacks at Russian defense contractor

Security Affairs

APRIL 30, 2021

The state-sponsored hackers sent spear-phishing messages to a general director working at the Rubin Design Bureau , in Saint Petersburg, which is one of three main Russian centers of submarine design. The spear-phishing messages used a malicious Rich Text File (RTF) document that included descriptions of an autonomous underwater vehicle. .”

Phishing

Phishing Malware Antivirus Encryption

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. According to the Google Threat Horizons report, the state-sponsored hackers sent fake job offers to employees at the security companies. . ” reads the Google Threat Horizons report.

Malware

Malware Phishing Antivirus Hacking

Security Affairs newsletter Round 381

Security Affairs

AUGUST 28, 2022

Twilio hackers also breached the food delivery firm DoorDash Unprecedented cyber attack hit State Infrastructure of Montenegro Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus Critical flaw impacts Atlassian Bitbucket Server and Data Center Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access GoldDragon (..)

DDOS

DDOS Data breaches Malware Antivirus

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Security Affairs

MAY 11, 2021

“The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. The ACSC also provided the following recommendations: Patch operating systems and applications, and keep antivirus signatures up to date. ” reads the alert published by ACSC.

Ransomware

Ransomware Backups Antivirus DDOS

Tomiris called, they want their Turla malware back

SecureList

APRIL 24, 2023

It is worth noting that while we identified a few targets in other locations, all of them appear to be foreign diplomatic entities of the colored countries: Tomiris’s polyglot toolset Tomiris uses a wide variety of malware implants developed at a rapid pace and in all programming languages imaginable.

Malware

Malware DNS Government Software

CISA and FBI warn of potential data wiping attacks spillover

Security Affairs

MARCH 1, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint cybersecurity advisory to warn US organizations of data wiping attacks targeting Ukraine that could hit targets worldwide. Enable strong spam filters to prevent phishing emails from reaching end users.

Antivirus

Antivirus Architecture Malware Cybersecurity

Ransomware realities in 2023: one employee mistake can cost a company millions

Security Affairs

OCTOBER 17, 2023

With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority. Why should employers educate employees about cyber security? This method was identified as vishing – a voice-based phishing attack.

Social Engineering

Social Engineering Ransomware Engineering Phishing

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

The attack described by Microsoft begun with a phishing message that was opened by an internal employee, the malware infected its systems and made lateral movements infected other systems in the same network. The virus halted core services by saturating the CPU usage on Windows devices. ” reads the Microsoft DART announcement.

Antivirus

Antivirus Malware Phishing Advertising

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

. “They are also urged to read the NCSC’s newly-updated guidance on mitigating malware and ransomware attacks , and to develop an incident response plan which they regularly test.” The agency recommends to implement an effective vulnerability management and patch management process, and of course to secure RDP services.

Education

Education Ransomware Antivirus Backups

Threat Report Portugal: Q3 2020

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The campaigns were classified as either phishing or malware. Phishing and Malware Q3 2020. A new piece of malware was also tracked and analyzed during Q3 – trojan URSA/mispadu.

Threat Reports

Threat Reports Phishing Malware Banking

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

Woody RAT: A new feature-rich malware spotted in the wild

Malwarebytes

AUGUST 3, 2022

We believe that these archive files have been distributed using spear phishing emails. The used lure is in Russian is called " Information security memo " which provide security practices for passwords, confidential information, etc. The malware communicates with its C2 using HTTP requests. Archive files.

Malware

Malware Encryption Antivirus Architecture

QNodeService Trojan spreads via fake COVID-19 tax relief

Security Affairs

MAY 16, 2020

Experts spotted a new malware dubbed QNodeService that was involved in Coronavirus-themed phishing campaign, crooks promise victims COVID-19 tax relief. Researchers uncovered a new malware dubbed QNodeService that was employed in a Coronavirus-themed phishing campaign. malware file (either “qnodejs-win32-ia32.js”

Malware

Malware Phishing Advertising Antivirus

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Why we’re in the ‘Golden Age’ of cyber espionageThe fact is cyber criminals are expert at refining and carrying out phishing, malvertising and other tried-and-true ruses that gain them access to a targeted victim’s Internet-connected computing device. Apps from other sources can carry malware or spyware.

Passwords

Passwords Password Management Antivirus Internet

The U.S. CISA and FBI warn of Royal ransomware operation

Security Affairs

MARCH 3, 2023

“After gaining access to victims’ networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems.” The malware changes the extension of the encrypted files to ‘.royal’. ” reads the alert. ” continues the alert.

Ransomware

Ransomware Healthcare Antivirus Encryption

Report: Threat of Emotet and Ryuk

Security Affairs

JANUARY 31, 2020

Emotet , the most widespread malware worldwide and Ryuk , a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This study also concludes that a total of 377 Portuguese domains to spread different types of malware in the same period. SecurityAffairs – malware, hacking).

Malware

Malware Retail Advertising Antivirus

Foreign hackers breached Russian federal agencies, said FSB

Security Affairs

MAY 22, 2021

A joint report published by Rostelecom-Solar and the FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have stolen information from Russian federal agencies. The threat actors employed two previosuly undetected piece of malware dubbed Mail-O and Webdav-O.

Computers and Electronics

Computers and Electronics Malware Antivirus Government

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. The DisableAntiSpyware parameter allows disabling the Windows Defender Antivirus in order to deploy another security solution.

Cybercrime

Cybercrime Ransomware Antivirus Malware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

“As a result, AvosLocker indicators of compromise (IOCs) vary between indicators specific to AvosLocker malware and indicators specific to the individual affiliate responsible for the intrusion.” Install and regularly update antivirus software on all hosts, and enable real time detection. ransomware and phishing scams).

Ransomware

Ransomware DDOS Passwords Backups

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Government

Government Banking Advertising Malware

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Webinars

Trending Sources

Grandoreiro banking malware targets Mexico and Spain

Webinars

A flaw in Kaspersky Antivirus allowed tracking its users online

TrickGate, a packer used by malware to evade detection since 2016

Researchers uncovered a new Malware Builder dubbed APOMacroSploit

Grandoreiro Banking Trojan is back and targets banks worldwide

BRATA Android Malware evolves and targets the UK, Spain, and Italy

A Google Drive weakness could allow attackers to serve malware

The Most Common Types of Malware in 2021

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

GO#WEBBFUSCATOR campaign hides malware in NASA’s James Webb Space Telescope image

Updated MATA attacks industrial companies in Eastern Europe

Info stealers and how to protect against them

Wannacry, the hybrid malware that brought the world to its knees

US Govt agencies detail North Korea-linked HIDDEN COBRA malware

Akira ransomware received $42M in ransom payments from over 250 victims

5 Common Phishing Attacks and How to Avoid Them?

SharkBot, the new generation banking Trojan distributed via Play Store

Bitdefender released a free decryptor for the MortalKombat Ransomware family

DEV-0569 group uses Google Ads to distribute Royal Ransomware

How to Avoid Phishing Attacks

Woody RAT: A new feature-rich malware spotted in the wild

Threat actors target crypto and NFT communities with Babadeda crypter

China-linked APT uses a new backdoor in attacks at Russian defense contractor

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs newsletter Round 381

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks

Tomiris called, they want their Turla malware back

CISA and FBI warn of potential data wiping attacks spillover

Ransomware realities in 2023: one employee mistake can cost a company millions

Microsoft’s case study: Emotet took down an entire network in just 8 days

NCSC warns of a surge in ransomware attacks on education institutions

Threat Report Portugal: Q3 2020

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

Woody RAT: A new feature-rich malware spotted in the wild

QNodeService Trojan spreads via fake COVID-19 tax relief

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The U.S. CISA and FBI warn of Royal ransomware operation

Report: Threat of Emotet and Ryuk

Foreign hackers breached Russian federal agencies, said FSB

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Avoslocker ransomware gang targets US critical infrastructure

CISA alert warns of Emotet attacks on US govt entities

Stay Connected