Browsing category

Malware

Beware !! Orcus RAT Delivered Through Advertisement video Files and Images

A new, highly sophisticated campaign delivers the Orcus RAT embedded in video files and images. The campaign mainly focuses on information stealing and .NET evasion. The Orcus RAT is capable of stealing browser cookies and passwords, launching server stress tests (DDoS attacks), disabling the webcam activity light, recording microphone input, spoofing file extensions, log […]

Matrix, the ransomware that analyzes the victims’ files to define the ransom payment

A new variant of malicious software is used to perform specially targeted attacks. According to network security and ethical hacking specialists from the International Institute of Cyber Security, ransomware remains one of the main threats that organizations face, regardless of their size or the branch they belong to. Recently, the outbreak of new malicious software, […]

Web Malware Attack: The Different Stages [Infographic]

This infographic discusses the different stages of a web malware attack, explaining how the malware makes its entry, how it gets distributed, and then the other stages, namely exploit, infection and execution. Protect yourself from web malware attacks.

A new dangerous Linux backdoor could trigger severe attacks

Many researchers believe that this new Trojan could detonate an important wave of cyberattacks. Network security and ethical hacking researchers from the International Institute of Cyber Security reported the emergence of a cryptocurrency mining campaign that uses the Linux backdoor SpeakUp. According to reports, this campaign would have already infected more than 70k servers worldwide […]

SpeakUp – A New Undetected Backdoor Exploiting Six Linux Distributions With Known Vulnerabilities

A new trojan dubbed SpeakUp is exploiting six different Linux distributions with known vulnerabilities. The campaign primarily targets East Asia and Latin America, including AWS-hosted machines. Security researchers from Check Point detected the campaign, which implants the backdoor and evades detection by all security vendors. The trojan dubbed SpeakUp propagates within the infected subnet and […]

OceanLotus(APT32) Threat Actor Group Deliver KerrDown Malware Via Word Document and RAR Archive

The OceanLotus group is known for multiple attack campaigns around the globe; the threat actor group targets private sectors across multiple industries, foreign governments, activists, and dissidents connected to Vietnam. Palo Alto Networks’ Unit 42 division researchers observed a new custom malware family dubbed “KerrDown” used by the threat actor group since 2018. This ongoing campaign primarily […]

Hackers Offered IoT Botnet as Service “TheMoon” : Botnet-as-a-Service

TheMoon botnet was first identified in 2014, and it targets exploits on routers developed by companies such as Linksys, ASUS, MikroTik and D-Link. The botnet operators used the proxy botnet for various activities such as brute force, video advertisement fraud, general traffic obfuscation and more. To expand the botnet, the threat actor will continuously […]

Cryptojacking Malware Hits 8 Australian Webhosting Companies

Monero mining malware is in full swing now, as eight Australian companies reported that they were compromised with malware. The cybercriminals were able to monetize their Monero mining malware to the tune of $3900 worth of Monero coins. The mining activities have been active since May 2018, and it took the companies to disclose the […]

Hackers Bypass Google Filters & Launching CSV Malware via Google Sheets

Cybercriminals are using new, sophisticated techniques to spread CSV malware via Google Sheets instead of the Microsoft Excel sheets that are often used by malicious hackers. Cyber attacks are increasing day by day, and attackers are always one step ahead in launching sophisticated cyber attacks that are very difficult to detect and mitigate. Basically .CSV […]

CookieMiner, An Active MacOS-based Cryptojacking Malware In The Wild Exposed

The very prolific Palo Alto Networks’ Unit 42 has made a huge discovery again, as they revealed to the public another cryptocurrency mining malware. Known as CookieMiner, it is a new crypto mining virus that was specifically developed to target Mac hardware, using cookies connected with logins under MyEtherWallet, an interface service supporting Ethereum. “It sparked […]

APT39 Hacking Group Launch Widespread Attack Focused on Personal Information

Iranian cyber espionage group APT39 focuses on stealing personal information to perform monitoring, tracking, or surveillance operations against specific individuals. The group is carrying out a widespread campaign, with its operations focused on the Middle East, the U.S. and South Korea. The industries targeted include telecommunications, travel industries, the high-tech industry, and government entities. “We have […]

FORMBOOK Malware Delivered via Weaponized RTF Word Docs – Using CVE-2017-11882

Formbook campaign with what looks like a few changes. Recently the criminals distributing this malware have been using .exe files inside various forms of an archive, including .iso, .ace, .rar, .zip. Frequently they use various Microsoft Office Equation Editor exploits to contact a remote site & download the payload. Very occasionally I have seen […]

Malware Attack Using Google Cloud Computing Platform

Hackers have unleashed a global malware campaign using the Google cloud computing platform via weaponized PDF. Security researchers at the Netskope Threat Research Labs have detected this malware attack, which mostly targeted the banking and finance sector. Government firms too have been targeted worldwide. A recent Netskope blog post authored by Ashwin Vamshi states, “Netskope […]

Hackers Using Google Cloud Computing Platform To Deliver Targeted Malware Attacks via Weaponized PDF

Threat actors are using the Google cloud computing platform (GCP) to deliver malware through malicious PDF files. The attack targets governments and financial firms worldwide. Netskope Threat Research Labs detected the targeted attacks based on its 42 customer instances, and the attacks were likely launched by the infamous hacking group Cobalt Strike. Last year, cybercriminals […]

Hackers Now Launching Powerful Weaponized PDF Exploit using Steganography Technique

Cybercriminals are now using a new steganography technique to distribute a powerful obfuscated PDF exploit in order to compromise targets and evade detection. Malicious hackers are always finding new techniques to exploit vulnerabilities and compromise victims' machines without more user interaction, to increase the success ratio of the attack. Steganography is the technique […]

Redaman Banking Trojan of 2015 Resurrects, Targets Russian Email Users

A 2015-era banking trojan is seen actively spreading in the wild again, this time specifically targeting potential victims from a specific country only. Palo Alto Networks detected a massive number of phishing emails containing the Redaman banking trojan targeting email addresses ending with the .ru domain. Formerly known as RTM banking trojan in 2015, the Redaman malware is […]