Banking, Malware and Security Intelligence

Anubis, a new info-stealing malware spreads in the wild

Security Affairs

AUGUST 27, 2020

Microsoft warned of a recently uncovered piece of malware, tracked as Anubis that was designed to steal information from infected systems. This week, Microsoft warned of a recently uncovered piece of malware, tracked as Anubis, that was distributed in the wild to steal information from infected systems. Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Cybercrime

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS

DNS Penetration Testing Malware Hacking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. based electrical company, a U.S.

Malware

Malware Security Intelligence Banking Phishing

9 Considerations For Hong Kong Banks To Address The STDB Guidelines

Thales Cloud Protection & Licensing

OCTOBER 4, 2021

9 Considerations For Hong Kong Banks To Address The STDB Guidelines. To address the escalating cyber risks, the Hong Kong Association of Banks (HKAB) developed and published guidelines for Secure Tertiary Data Backup (STDB). Tue, 10/05/2021 - 06:55. Cyber incidents pose a threat to the stability of the global financial system.

Banking

Banking Digital transformation Encryption Backups

Malware authors join forces and target organisations with Domino Backdoor

Malwarebytes

APRIL 18, 2023

There’s a new ransomware gang in town, stitched together from members of well known threat creators to push a new kind of malware focused on punishing unwary organisations. The malware family, called “Domino”, is the brainchild of FIN7 and ex-Conti ransomware members.

Malware

Malware Banking Ransomware Passwords

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families. states Microsoft. We strongly recommend patching.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Emotet is a modular malware, its operators could develop new Dynamic Link Libraries to update its capabilities.

Government

Government Banking Malware Advertising

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

In 2015, penetration tester Oliver Münchow was asked by a Swiss bank to come up with a better way to test and educate bank employees so that passwords never left the network perimeter. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity.

Social Engineering

Social Engineering Engineering Phishing Banking

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. Microsoft states that multiple news reports have linked the company to the Subzero malware toolset used to hack a broad range of devices, phones, computers, and network and internet-connected devices.

Surveillance

Surveillance Malware Authentication DNS

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware

Malware Passwords Advertising Cybercrime

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. HTML smuggling is a highly evasive technique for malware delivery that leverages legitimate HTML5 and JavaScript features. More recently, the HTML smuggling technique was used to deliver the banking Trojan Mekotio , as well as AsyncRAT/NJRAT and Trickbot.

Phishing

Phishing Banking Firewall Passwords

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Security Affairs

JUNE 24, 2019

pic.twitter.com/PQ2g7rvDQm — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. — Microsoft Security Intelligence (@MsftSecIntel) June 21, 2019. The final payload is the remote access Trojan FlawedAmmyy,” reads a Tweet published by Microsoft Security Intelligence. Pierluigi Paganini.

Security Intelligence

Security Intelligence Advertising Malware Banking

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Banking

Banking Malware Advertising Financial Services

Crooks continues to use COVID-19 lures, Microsoft warns

Security Affairs

MAY 13, 2020

The LokiBot data stealer is able to collect information from tens of different web browsers, access to browsing data, locate the credentials for more than 15 different email and file transfer clients, and check for the presence of popular remote admin tools like SSH, VNC and RDP.

Phishing

Phishing Advertising Banking Security Intelligence

Emotet botnet surges back after months of absence

Security Affairs

JULY 18, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Malware researchers Joseph Roosen confirmed that limited activity associate with the botnet was observed earlier this week, botnet operators were using weaponized documents employing old URLs. TNW and Be safe!

Advertising

Advertising Malware Banking Security Intelligence

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Most targeted sectors have been Government/Military (17% of all exploit attempts), followed by Manufacturing (14%), and then Banking (11%). Microsoft researchers also spotted a ransomware gangs that is exploiting ProxyLogon flaws to spread a piece of malware tracked as DearCry. and also as DearCry.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.” ” Noble added.

Small Business

Small Business Malware Cryptocurrency Advertising

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

Below, our security experts forecast where the main areas of concern lie in the year ahead. Malware made leaps and bounds in 2021. As more learning, shopping and personal banking is conducted online, consumers could face identity and financial theft. In particular, six key threats made our list. Ransomware.

Cybercrime

Cybercrime Phishing Cryptocurrency Ransomware

Staying a Step Ahead of the Hack

Webroot

DECEMBER 11, 2020

Social engineering and business email compromise (BEC) are two related cyberattack vectors that rely on human error to bypass the technology defenses businesses deploy to deter malware. Webroot Security Intelligence Director, Grayson Milbourne, offers several suggestions that companies can do to increase their security posture.

Hacking

Hacking Social Engineering Phishing Security Awareness

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016. Consequently, when different sophisticated hacking techniques, types of assaults, and malware are learned, your innocent employees become your cyber security partners.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking

Banking Malware Security Intelligence Advertising

Cyber Security Informer

Anubis, a new info-stealing malware spreads in the wild

French Firms Rocked by Kasbah Hacker?

Trending Sources

Microsoft warns TA505 changed tactic in an ongoing malware campaign

9 Considerations For Hong Kong Banks To Address The STDB Guidelines

Malware authors join forces and target organisations with Domino Backdoor

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

CISA alert warns of Emotet attacks on US govt entities

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

European firm DSIRF behind the attacks with Subzero surveillance malware

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

HTML Smuggling technique used in phishing and malspam campaigns

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Microsoft partnered with other security firms to takedown TrickBot botnet

Crooks continues to use COVID-19 lures, Microsoft warns

Emotet botnet surges back after months of absence

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Staying a Step Ahead of the Hack

Cyber Security Awareness and Risk Management

Emotet operators are running Halloween-themed campaigns

Stay Connected