Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This technology is stored in the Workbook OLE stream in Excel 97-2003 format which makes it very difficult to detect and parse by antivirus (AV) engines. Technical Analysis.

Malware 84

Malware Antivirus Technology Phishing 84

Security Affairs

DECEMBER 29, 2019

New trojan called ‘Lampion’ has spread using template emails from the Portuguese Government Finance & Tax during the last days of 2019. Last days of 2019 were the perfect time to spread phishing campaigns using email templates based on the Portuguese Government Finance & Tax. The file “ FacturaNovembro-4492154-2019-10_8.vbs

Malware 95

Malware Internet Internet Antivirus 95

Malwarebytes

DECEMBER 2, 2021

This blog post was authored by Hossein Jazi and the Threat Intelligence Team. In this blog post we are providing additional details about SideCopy that have not been published before. The group mainly uses archived files to target victims in spam or spear phishing campaigns. Newly observed lures. Conclusion.

Government 131

Government Banking Phishing Antivirus 131

Malwarebytes

JULY 30, 2021

LemonDuck has evolved from a Monero cryptominer into LemonCat, a Trojan that specializes in backdoor installation, credential and data theft, and malware delivery, according to the Microsoft 365 Defender Threat Intelligence Team, which explained their findings in a two-part story [ 1 ][ 2 ] on the Microsoft Security blog.

Malware 87

Malware Penetration Testing Passwords Antivirus 87

Pentester Academy

FEBRUARY 23, 2023

The damages for 2018 were predicted to reach $8 billion; for 2019, the figure was $11.5 Lab Link: [link] The user is going to get access to a Kali GUI instance and Windows Server 2019. Notably, this technique was observed in a spear-phishing campaign from the threat actor NOBELIUM in May. billion, and in 2021 it was $20 billion.

Ransomware 52

Ransomware Encryption Cryptocurrency Banking 52

Security Boulevard

APRIL 28, 2021

This renders the attacks undetectable and able to bypass conventional security solutions such as EDR, antivirus and other traditional security lines of defense. In later rounds, the Trojan spread through spear-phishing emails with malicious Excel or Word files. Stay tuned to our blog for our next installment in this series. .

Energy and Utilities 72

Energy and Utilities Malware DDOS Internet 72

Security Affairs

MAY 7, 2020

One of the last occurrences was last December 2019, where the Lampion trojan operated in a very similar way, changing only the way the malware was distributed (via AWS S3 buckets and with the first stage encoded in a highly obfuscated VBS file). One of the files was a DLL that exported functions to capture home banking credentials.

Banking 110

Banking Malware Phishing Social Engineering 110

Malwarebytes

SEPTEMBER 21, 2021

Many of them auto-populate the login fields when you attempt to access an online account, so you know you are on the correct site and not an imitation site that’s phishing you. In our Malwarebytes 2019 Privacy Survey we found that younger generations of Internet users are actually quite privacy-conscious. Use strong passwords.

Internet 104

Internet Internet Passwords Password Management 104

eSecurity Planet

DECEMBER 3, 2021

lazydocker : A simple terminal UI for both docker and docker-compose : [link] pic.twitter.com/HsK17rzg8m — Binni Shah (@binitamshah) July 1, 2019. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. — Jason Haddix (@Jhaddix) July 27, 2019.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Security Affairs

SEPTEMBER 7, 2020

Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since June. The phishing messages carry weaponized Excel documents that are able to bypass security checks and that had low detection rates.

Cybercrime 95

Cybercrime Phishing Advertising Antivirus 95

Krebs on Security

OCTOBER 21, 2019

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.

Accountability 132

Accountability VPN Software Antivirus 132

SecureList

APRIL 24, 2023

In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla. The following table lists all Tomiris malware families we are aware of: Name Type Language Comments Tomiris Downloader Downloader C Mentioned in our original blog post.

Malware 96

Malware DNS Government Software 96

Spinone

DECEMBER 16, 2019

RobinHood was the ransomware behind the Baltimore attack in May 2019. Sodinokibi (or REvil) ransomware infects computers by exploiting a vulnerability in Oracle WebLogic and using phishing emails. This ransomware is the suspect behind the Texas ransomware attack in August 2019, where more than 20 local governments were infected.

Ransomware 52

Ransomware Cybersecurity Backups Social Engineering 52

Spinone

OCTOBER 4, 2019

Usually, the links are contained in phishing emails (we have shown you an example). The Most Dangerous Ransomware in 2019 Even though the year is not over yet, several notable ransomware attacks had already happened. Let’s take a closer look at the most dangerous ransomware in 2019. billion in 2019. million dollars.

Ransomware 53

Ransomware Backups Encryption Government 53

Security Affairs

NOVEMBER 6, 2020

Threat Report Portugal Q3 2020: Data related to Phishing and malware attacks based on the Portuguese Abuse Open Feed 0xSI_f33d. The campaigns were classified as either phishing or malware. Phishing and Malware Q3 2020. From Figure 2, January presented a total of 15 phishing campaigns, 29 in February and 46 during March.

Threat Reports 83

Threat Reports Phishing Malware Banking 83

The Last Watchdog

FEBRUARY 28, 2021

Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware. Computer viruses often utilize deception techniques and keep evolving to evade antivirus software. And it all started with a single employee falling prey to a phishing email. Computer worms.

Cyber threats 113

Cyber threats Computers and Electronics Adware Spyware 113

Spinone

FEBRUARY 11, 2020

Sodinokibi Ransomware Analysis Sodinokibi, also referred to as Sodin or REvil, is a ransomware strain that appeared in April of 2019 and became the 4th most distributed ransomware in the world since then. Sodinokibi often successfully bypasses antivirus software. PerCSoft attack , August 2019.

Ransomware 52

Ransomware Backups Encryption Social Engineering 52

The Last Watchdog

FEBRUARY 15, 2019

Meanwhile, after presumably enjoying a restful holiday, the best and brightest malicious hackers are diving into 2019 with renewed verve. There is not much that an end user can currently do to protect themselves against this type of attack, except to not run any software from a shady source, even if it does not raise any antivirus flag.”

Cybercrime 124

Cybercrime IoT Internet Internet 124