Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at...

Linux Malware Deemed ‘Nearly Impossible’ to Detect

A new Linux malware that’s “nearly impossible to detect” can harvest credentials and gives attackers remote access and rootkit functionality by acting in a parasitic way to infect targets, researchers said. Researchers from The BlackBerry Research and Intelligence Team have been tracking the...

Attackers use Morse code, other encryption methods in evasive phishing campaign

Cybercriminals attempt to change tactics as fast as security and protection technologies do. During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation...

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques

Today’s cybersecurity threats continue to find ways to fly and stay under the radar. Cybercriminals use polymorphic malware because a slight change in the binary code or script could allow the said threats to avoid detection by traditional antivirus software. Threat actors customize their wares...

IcedID Trojan Rebooted with New Evasive Tactics

Threat actors have enhanced a banking trojan that has been widely used during the COVID-19 pandemic with new functionality to help it avoid detection by potential victims and standard security protections. Attackers have implemented several new features — including a password-protected attachment...

Astaroth’s New Evasion Tactics Make It 'Painful to Analyze'

The operators of the Astaroth infostealer have implemented several new tactics aimed at evading detection, which researchers say have made the malware “painful to analyze.” Astaroth first emerged in 2017, but has steadily been used over the years in increasingly sophisticated campaigns aimed at...

Quarterly Report: Incident Response trends in fall 2019

By David Liebenberg and Kendall McKay. While many Cisco Talos Incident Response CTIR engagements have shown similar patterns over the past two quarters, we’re seeing a dangerous trend emerge this winter. Threat actors are increasingly combining the exfiltration of sensitive data along with data...