
Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505, CHIMBORAZO and Evil Corp. states Microsoft. We strongly recommend patching.


Anubis, a new info-stealing malware spreads in the wild

Security Affairs

The new malware shares a name with an unrelated family of Android banking malware. — Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020. Anubis has been around since June when it appeared on several cybercrime forums.


Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

Security experts from Microsoft have uncovered an ongoing phishing campaign launched by the TA505 cybercrime gang (aka Evil Corp) that is employing attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.


Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). — Microsoft Security Intelligence (@MsftSecIntel) March 12, 2021. Microsoft protects against this threat known as Ransom:Win32/DoejoCrypt.A, and also as DearCry. Pierluigi Paganini.


Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. The Emotet banking trojan has been active at least since 2014; the botnet is operated by a threat actor tracked as TA542. Additional malware is downloaded and installed when running these macros.


HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. More recently, the HTML smuggling technique was used to deliver the banking Trojan Mekotio, as well as AsyncRAT/NJRAT and Trickbot. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features.


2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

The cybercrime marketplace also continued to get more robust while the barrier to entry for malicious actors continued to drop. This has created a perfect breeding ground for aspiring cybercriminals and organized cybercrime groups that support newcomers with venture capitalist-style funding. “In Consumers also remain at risk.