Malware

New way to detect the malware hidden in hardware

While detecting malicious software hidden in hardware parts is an incredibly complex task, cyber forensics course specialists believe that important steps are being taken to address this attack vector. Recently, threat actors have refined their methods to hide malware within the firmware of hard disks, graphics cards, motherboards and other commonly used components for the […]

Hackers Abusing Digitally Signed Emails to Launch JasperLoader Malware Via Weaponized Word Document

Security researchers tracked a new malware loader, JasperLoader, which has been active for the last few months and is distributed through digitally signed emails. The campaign primarily targets European countries and employs a multi-stage infection process with a number of obfuscation techniques, which make the analysis process more complicated. “Over the past several months, we’ve seen […]

Hackers Abuse Windows Installer MSI to Execute Malicious JavaScript, VBScript, PowerShell Scripts to Drop Malware

Hackers use malicious MSI files that download and execute malicious files that could bypass traditional security solutions. The dropped malware is capable of initiating a system shutdown or targeting financial systems located in certain locations. Security researchers from TrendMicro discovered JScript/VBScript code in several malicious *.msi files distributed through spam emails. The malicious JS code […]

Static Malware Analysis Vs Dynamic Malware Analysis

Malware Analysis: An Introduction. Cybercriminals are becoming more sophisticated and innovative, new and advanced varieties of malware keep appearing, and malware detection is turning out to be a real challenge. Malware analysis, which involves analyzing the origin, the functionalities and the potential impact of any malware sample, is of key importance as regards cybersecurity […]

‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy

The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims’ computers with DNSpionage—a custom remote administrative tool […]

Hackers Drop RevengeRAT Malware On Windows System Via Weaponized Word Document

A new malware attack campaign dubbed “Aggah” targets various countries via weaponized Word documents and infects victims by dropping the available RevengeRAT from Pastebin. Researchers from Palo Alto recently observed the largest malware campaign via telemetry and named it Aggah based on the actor’s alias “hagga”. Threat actors behind this campaign also make use […]

Hackers Launching DNS Hijacking Attack to Gain Access to Telecommunication & ISP Networks

Researchers discovered a new malicious campaign called “Sea Turtle” that attacks public and private entities in various countries using DNS hijacking as a mechanism. State-sponsored threat actors compromised at least 40 different organizations across 13 different countries during this malicious campaign in the first quarter of 2019. Attackers carried out highly persistent tactics and advanced […]

Hackers Launching Malware via Weaponized Excel File to Gain the Remote Access to the Target Computers

Cyber criminals are launching a new malware campaign that makes use of the legitimate script engine AutoHotkey with a malicious script to evade detection and gain remote access to the targeted system. AutoHotkey is an open source Microsoft Windows tool that allows you to create macros, scripts, and automate frequently performed tasks on your computer. Attackers […]

Sure Sense AI Technology Promises Less Malware Infection In HP Laptops

The term Artificial Intelligence has been abused for at least the last five years, and is still being abused, by many marketing teams. It is like the magic word that may help the company persuade more buyers of an electronic product or a web service. Yes, there is real artificial intelligence in some products like a console […]

Scranos Rootkit Auto-Subscribes Users To Selected Youtube Channels

YouTube channels and malware are not words we usually use in one sentence, but that is changing, as a new prolific rootkit-based malware named Scranos is causing havoc in the wild. It is the first known malware that automatically “subscribes” logged-in Google accounts to specific YouTube channels that the command and control […]

‘NamPoHyu Virus’ Ransomware Targets Samba Servers and Encrypt Files Remotely

A new ransomware, NamPoHyu Virus or MegaLocker Virus, has been spotted targeting remote Samba servers in a unique way. Ransomware is commonly delivered through email attachments or by compromising the victim’s network, and the ransomware is installed on the computer that is to be encrypted. According to Bleeping Computer’s analysis, the new variant searches for […]

Free Email Security Penetration Testing Tool to Check Organization’s Security against Advanced Threats

BitDam launches a free Email Security Penetration Testing tool to determine the organization’s security posture against advanced threats. Email accounts are tempting targets for hackers, who find every possible way to infiltrate your email accounts, as they are the unique identifiers for your online account logins. According to BitDam “instances of one malicious […]

New Variant of HawkEye Sold on Hacking Forums and Distributed via Excel and DOC Files

Threat actors advertised a new version of the information stealer malware kit, HawkEye Reborn v9, that exfiltrates various information from infected systems. Talos observed ongoing campaigns targeting organizations that leverage HawkEye Reborn v9 to exfiltrate sensitive information and login credentials. The HawkEye malware kit has been active since 2013, it has robust stealing capabilities, it exfiltrates […]