
Emotet Is Dropping Cobalt Strike

Heimadal Security

Emotet is a virus infection that is propagated by spam email attachments that contain malicious Word or Excel documents. These documents utilize macros to download and install the Emotet Trojan on a victim’s computer, which is then used to steal email and install further malware.


Popping Blisters for research: An overview of past payloads and exploring recent developments

Fox IT

We provide an overview of payloads dropped by the Blister loader based on 137 unpacked samples from the past one and a half years and take a look at recent activity of Blister. Furthermore, there has been a shift in payload type from Cobalt Strike to Mythic agents, consistent with previous reporting.


Emotet tests new attack chain in low volume campaigns

Security Affairs

The operators of the infamous Emotet botnet are testing new attack techniques in response to Microsoft’s move to disable Visual Basic for Applications (VBA) macros by default.


Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

Conti shames victims who refuse to pay a ransom by posting their internal data on their darkweb blog. The story had been updated multiple times throughout the day, and there were at least five healthcare organizations hit with ransomware within the span of 24 hours. “I I asked the source. It’s more like one a day,” the source confided.


New MegaCortex Ransomware targets enterprise networks

Security Affairs

At the time of the report the attack chain was still unclear; however, researchers found a correlation between the MegaCortex attacks and the presence of both Emotet and Qbot (aka Qakbot) malware on the same network, according to a blog post published by Sophos.


The Analyst Prompt #05: Russo-Ukrainian Cyberattacks, and Updates on Lapsus$ and Conti Ransomware Operations

Security Boulevard

The emails redirected victims to a website delivering fake antivirus updates that eventually downloaded Cobalt Strike beacons, or two custom Go malware variants named GraphSteel and GrimPlant. RUSSO-UKRAINIAN WAR 2022: Cyberattacks Reported At High Frequency. The UA-Cert attributes the activity to UAC-0056. Viasat Inc.,


IT threat evolution Q2 2022

SecureList

The attack starts by driving targets to a legitimate website and tricking them into downloading a compressed RAR file that is booby-trapped with the network penetration testing tools Cobalt Strike and SilentBreak. The attackers were using this to hide a last-stage Trojan in the file system. WinDealer’s man-on-the-side spyware.
