Browsing tag
Security researchers uncovered a new attack targeting the financial institution such as banks in Kazakhstan, and the attack believed to be initiated by one of the Financially motivated cyber-crime gang “Cobalt”. Cobalt group actively targeting victims in various countries since at least 2016, they particularly focus on the bank’s network to compromise the internal components […]
Security researchers tracked a new malware loader JasperLoader, which has been active for the last few months and distributed through digitally signed emails. The campaign primarily targets European countries, it employs a multi-stage infection process with a number of obfuscation techniques, which make the analysis process more complicated. “Over the past several months, we’ve seen […]
A new wave of Emotet malware campaign distribute the Nozelesn ransomware that targets hospitality industries based endpoint systems via malicious word documents. Telemetry had over 14,000 detections via emotet spam emails that are distributed all over the world between January 9, 2019, and February 7, 2019. These mass infections mainly targeting specific countries including Great […]
A new malspam campaign pushes Emotet banking malware along with Qakbot as the follow-up malware. The Emotet is a banking trojan that has the capabilities to steal personal information such as the username and the passwords. Security researcher Brad Duncan tracked the malspam campaign that pushes Emotet malware and Qakbot as the follow-up malware. Emotet […]
Researchers discovered a new malware that rapidly changing its sophisticated behavior in order to escape from the email security protection and infection the victims. It’s very common that threat actors spreading countless malware via email campaigns, at the same time email security providers are keep fighting with them to block and terminate it. But attackers […]
Cyber Criminals distributing Hermes Ransomware via dangerous malspam that contains Weaponized Password protected Word documents to encrypt the system files and lock the victim’s computer. Hermes Ransomware Attack is wide spreading Ransomware nowadays with newly updated futures under constant development to target various countries. Few Months Before attackers distributed Hermes ransomware through the flash exploit and attacks […]
Locky Ransomware has a piece of a history of going silent and growing back all of a sudden.It is evolving again and spreading via Microsoft Office Word documents. A new wave of locky spreading through Office word documents and well as Libra office documents and the attachment looks like below. Security researchers from Avira detected […]
I’ve seen Twitter traffic today about malspam from the Necurs Botnet pushing Locky ransomware using Word documents as their attachments. These Word documents use the DDE attack technique, something I already wrote about in a previous diary covering Hancitor malspam on 2017-10-16. Here’s a link to My Online Security’s writeup about today’s malspam from the Necurs Botnet. I opened one of […]
[jpshare] MS word Document is on of the main Vector to easily spread the Macro viruses to the Victims. an undisclosed vulnerability has been Discovered in Microsoft Office RTF( Rich Text Format) Document. FireEye Security Researchers Said, This vulnerability allows a malicious actor to execute a Visual Basic script when the user opens a document containing an embedded exploit.This vulnerability found […]
Pernicious spam (malspam) utilizing Microsoft office records with Hancitor-based Visual Basic (VB) macros to send Pony and Vawtrak. Regardless it happens,And A report Said this one from 2016-12-19, where Hancitor/Pony/Vawtrakmalspamwas disguised as a LogMeIn account notification ,And apparently, there’s been a recent lull in Hancitor/Pony/Vawtrakmalspam Once Vawtrak infects a PC, it is capable of logging […]
VBA stands for Visual Basic for Applications and is a programming language developed by Microsoft to help programmers create Windows applications using an easy-to-understand coding syntax. According to a research carried out by Graham Chantry from Sophos, more and more hackers are turning to Visual Basic as a way to deliver their malware using Microsoft […]