Browsing tag

computer security

Cobalt APT Hackers Attack Financial Organizations using Malware via Weaponized MS Word Document

The Cobalt cybercriminal gang is spreading a new malware campaign that uses weaponized MS Word documents to attack various financial institutions, and the group also uses various sophisticated tools to evade Windows defenses. Cobalt hackers have a strong track record of various cyber attacks, and they primarily target financial organizations using ATM malware; also, researchers […]

Bank of Spain’s Website Hit With Heavy DDoS Attack

A heavy DDoS attack hit the Bank of Spain’s website, starting last Sunday and temporarily disrupting the service. The Bank of Spain is one of the largest and oldest banks in Spain, established in Madrid in 1782, and the attack directly targeted the bank's website and took it down. A DDoS attack mainly aims to […]

Newly Discovered Android Malware Stealing Data from Messaging Applications WhatsApp, Viber, Facebook

A new Android spyware family named BusyGasper, distributed by unknown threat actors, contains a unique spy implant with stand-out features such as device sensor listeners and motion detectors. Apart from this, BusyGasper is capable of exfiltrating data from messaging applications such as WhatsApp, Viber, and Facebook, along with keylogging capabilities. It communicates via an FTP server to […]

Loki Bot Malware Stealing Corporate Passwords From Browsers, Messaging Applications, Mail & FTP Clients

Newly discovered Loki Bot malware is spreading with a .iso extension and targets corporate networks and applications to steal passwords from browsers, messaging applications, and mail and FTP clients. Kaspersky researchers recently observed that the malware mainly targets corporate networks around the world and gains a large amount of sensitive information. Loki Bot Malware […]

CeidPageLock Malware that Monitors User’s Browsing Data and Redirects to Fake Pages

The CeidPageLock rootkit evolves again with more improved features; this time it has been distributed by the RIG exploit kit. The latest version contains functionality such as monitoring user browsing activity, replacing websites with fake pages, and the ability to redirect victims to fake pages. CeidPageLock is a browser hijacker which manipulates the victim’s browser and […]

HERMES Ransomware Spreading Through Password Protected Word Documents and XPS

A new email campaign spotted by Trustwave is spreading HERMES ransomware through a password-protected Word document to encrypt system files and lock the victim’s computer. Hermes ransomware is being distributed in the wild with newly updated features and targets various countries. The attachment named “Invoice.doc” contains the password-protected macro if the user has security setting is […]

Lazarus APT Group Attack Cryptocurrency Exchange using macOS Malware Under the Operation AppleJeus

A cyber espionage APT group called Lazarus is hitting cryptocurrency exchanges using a fake installer and macOS malware, along with various sophisticated techniques. The Lazarus group is widely known for cyber attacks against various financial institutions, and it has successfully compromised several banks and other financial sectors. In this case the attackers are targeting various platforms and developing malware based on […]

New Form of Mirai Malware Attacking Cross Platform By leveraging Open-Source Project

A newly discovered form of Mirai malware leverages an open-source project called Aboriginal Linux to infect multiple platforms such as routers, IP cameras, connected devices, and even Android devices. Mirai malware has a strong record of infecting poorly managed IoT devices and performing DDoS attacks on various platforms. Mirai malware (Mirai.linux) was initially reported in 2016; since then […]

Operation Red Signature Delivers Malware to Target Organizations Through Outside Partner Network

A supply chain attack is an advanced threat that identifies the weak link in the supply chain to infiltrate the organization's network. Security researchers from TrendMicro and IssueMakersLab uncovered Operation Red Signature, which launches supply chain attacks targeting organizations in South Korea. The threat actors behind Operation Red Signature have compromised the server of […]

Dark Tequila Malware Steals Financial Information and Login Details of Popular Websites

Security researchers from Kaspersky uncovered a malware campaign that has been active for almost five years, since 2013. The malware campaign, dubbed Dark Tequila, primarily targets Mexican users. Dark Tequila was designed to steal the financial credentials of customers associated with Mexican banking institutions and also the login credentials of popular websites ranging from […]

Trickbot Malware Re-emerging via MS Word Documents with Powerful Code-Injection Technique

Trickbot malware, one of the widely known banking Trojans, is emerging again with sophisticated techniques to target various financial institutions and large banks to steal banking credentials. The current version of Trickbot malware is spreading with a powerful code-injection technique to evade detection, an anti-analysis technique, and the ability to disable the security tools that run in […]

FBI Uncovered North Korean Malware Attack KEYMARBLE on U.S Government Entities to Steal Sensitive Data

DHS and FBI identified the North Korean malware KEYMARBLE, related to HIDDEN COBRA, which attacks U.S. government entities to capture screenshots, steal sensitive data, modify system files, etc. This sophisticated malware variant is used by the North Korean government to perform cyberattacks that target various organizations and governments. It works under one of the most […]

Malicious Hackers Abuse TeamViewer & RMS using Malware to Steal Money From Victim Organizations Accounts

Cybercriminals are distributing powerful malware that abuses legitimate remote administration tools such as TeamViewer & RMS to gain remote control of the victim’s system and steal money from the target organization. Attackers have continuously targeted industrial companies in different origins since 2017, and the malware campaign is still being distributed to various organizations. The main goal of the attack […]

Hackers Selling HTTP Remote Access Trojan via Weaponized Word Documents in Underground Market

Cybercriminals are selling Parasite HTTP RAT (Remote Access Trojan) on an underground marketplace; it is distributed via email to victims using weaponized Microsoft Office documents. Parasite HTTP is a professionally coded modular remote administration tool for Windows, written by malware authors in the “C” programming language. It uses a technique called an extensive […]

Iranian Hacker Group Launch APT Attack on Government Organizations To Steal Email Data, Files & Credentials

A newly discovered APT cyber espionage campaign called “Leafminer”, from an Iranian hacker group, is targeting a wide range of government organizations to steal sensitive data such as email data, files, and database server credentials. This APT group uses various types of attack tactics such as watering hole websites, vulnerability scans of network services on the internet, and […]

Hackers Distributing FELIXROOT Backdoor Malware using Microsoft Office Vulnerabilities

A newly discovered malware campaign is distributing the powerful FELIXROOT backdoor using Microsoft Office vulnerabilities to compromise victims’ Windows computers. The FELIXROOT backdoor campaign was initially discovered in September 2017, distributed via malicious Ukrainian bank documents with a macro that downloads the backdoor from a C&C server. Currently, attackers are distributing weaponized lure documents that contain exploits for Microsoft Office vulnerabilities CVE-2017-0199 and CVE-2017-11882 […]