Remove Advertising Remove Ransomware Remove Security Intelligence
article thumbnail

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. PonyFinal is Java-based ransomware that is manually distributed by threat actors. PonyFinal is Java-based ransomware that is manually distributed by threat actors.

article thumbnail

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. states Microsoft.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. Emotet malware is also used to deliver other malicious code, such as Trickbot and QBot trojan or ransomware such as Conti (TrickBot) or ProLock (QBot). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 145
article thumbnail

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020. Then the attackers attempt to monetize their efforts by deploying other payloads, like the Ryuk Ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware 144
article thumbnail

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

The infamous banking trojan is also used to deliver other malicious code, such as Trickbot and QBot trojan or ransomware such as Conti (TrickBot) or ProLock (QBot). pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. Pierluigi Paganini. SecurityAffairs – hacking, CISA).

article thumbnail

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families. based electrical company, a U.S.

Malware 106
article thumbnail

Malware authors join forces and target organisations with Domino Backdoor

Malwarebytes

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members. This current campaign is, sadly, no different.

Malware 98