Information Security, Malware, Ransomware and Security Intelligence

Information Security

Malware

Ransomware

Security Intelligence

STRRAT RAT spreads masquerading as ransomware

Security Affairs

MAY 20, 2021

Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence researchers uncovered a malware campaign that is spreading a remote access trojan (RAT) tracked as STRRAT. The latest version of the Java-based STRRAT malware (1.5)

Ransomware

Ransomware Malware Encryption Security Intelligence

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. The malware is able to redirect the user’s traffic and hijacking user search queries to popular search engines, including Google, Yahoo, and Bing. SecurityAffairs – hacking, malware).

Malware

Malware Adware Ransomware Security Intelligence

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. PonyFinal is Java-based ransomware that is manually distributed by threat actors. PonyFinal is Java-based ransomware that is manually distributed by threat actors.

Ransomware

Ransomware Security Intelligence Encryption Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

Cybercriminal gang FIN7 returned with a new wave of attacks aimed at deploying the Clop ransomware on victims’ networks. The group was spotted deploying the Clop ransomware in opportunistic attacks in April 2023. Then they use OpenSSH and Impacket to move laterally and deploy the Clop ransomware payload.

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Microsoft linked Prestige ransomware attacks against organizations in Ukraine and Poland to Russia-linked threat actors. Microsoft has identified a new ransomware strain "Prestige" in limited targeted attacks in Ukraine and Poland. The campaign shares victimology with recent operations conducted by Russia-linked threat actors.

Ransomware

Ransomware Telecommunications DNS Hacking

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Security Affairs

OCTOBER 16, 2022

Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. ” continues the report.

Ransomware

Ransomware Encryption Backups Security Intelligence

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Security Affairs

JANUARY 11, 2022

Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware Horizon systems. The Night Sky ransomware operation started exploiting the Log4Shell flaw (CVE-2021-44228) in the Log4j library to gain access to VMware Horizon systems.

Ransomware

Ransomware Hacking Internet Internet

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

In contrast, past Dudear email campaigns carried the malware as attachment or used malicious URLs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations.

Malware

Malware Security Intelligence Banking Phishing

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

New Zealand’s Computer Emergency Response Team (CERT) also published a security alert warning of spam campaigns spreading the Emotet threat. jp) email addresses that have been infected with the infamous malware and that can be employed in further spam campaigns. Today was only about a dozen replychain and nothing else.

Malware

Malware Passwords Advertising Cybercrime

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

The TA505 group was involved in campaigns aimed at distributing the Dridex banking Trojan, along with Locky , BitPaymer , Philadelphia , GlobeImposter , and Jaff ransomware families. Security experts from cyber-security firm Prevailion reported that TA505 has compromised more than 1,000 organizations. states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Emotet operators are running Halloween-themed campaigns

Security Affairs

OCTOBER 31, 2020

Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party.

Banking

Banking Malware Security Intelligence Advertising

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

In the middle-August, the malware was employed in fresh COVID19-themed spam campaign. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Government

Government Banking Advertising Malware

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

The security firms have collected more than 125,000 TrickBot malware samples and mapped the command and control infrastructure. The TrickBot botnet was considered by security experts one of the biggest botnets. Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations.

Banking

Banking Malware Advertising Financial Services

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

Microsoft researchers also spotted a ransomware gangs that is exploiting ProxyLogon flaws to spread a piece of malware tracked as DearCry. We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers. and also as DearCry. and also as DearCry.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Security Affairs

NOVEMBER 11, 2019

“The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.” ” Noble added.

Small Business

Small Business Malware Cryptocurrency Advertising

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

NOVEMBER 8, 2019

BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. ” A new wave of attacks could exploit the vulnerability to spread more dangerous and destructive malware, like ransomware or spyware. . SecurityAffairs – Bluekeep, malware). Pierluigi Paganini.

Penetration Testing

Penetration Testing Malware Advertising Spyware

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats. One example is our phenomenal Ransomware Protection and G Suite security feature.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Iran-linked APT groups continue to evolve

Security Affairs

NOVEMBER 17, 2021

Learn more from this blog summarizing these trends, as presented at #CyberWarCon : [link] — Microsoft Security Intelligence (@MsftSecIntel) November 16, 2021. The analysis focuses on six Iranian hacking groups that are increasingly utilizing ransomware to either fundraise or disrupt the computer networks of the targets.

VPN

VPN Social Engineering Accountability Media

Cyber Security Informer

STRRAT RAT spreads masquerading as ransomware

IT giants warn of ongoing Chromeloader malware campaigns

Webinars

Trending Sources

Microsoft warns about ongoing PonyFinal ransomware attacks

Webinars

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Mysterious Prestige ransomware targets organizations in Ukraine and Poland

Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Emotet operators are running Halloween-themed campaigns

CISA alert warns of Emotet attacks on US govt entities

Microsoft partnered with other security firms to takedown TrickBot botnet

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Australian Govt agency ACSC warns of Emotet and BlueKeep attacks

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Cyber Security Awareness and Risk Management

Iran-linked APT groups continue to evolve

Stay Connected