Lucene search
K

374 matches found

ThreatPost
ThreatPost
added 2017/06/15 2:28 p.m.43 views

Nigerian BEC Scams Hit 500 Companies in 50 Countries

Nigerian cybercriminals targeting industrial firms have stolen a slew of sensitive technical drawings, network diagrams, cost estimates, and project plans already this year. The data, exfiltrated by a cocktail of different spyware programs, wasn’t stolen from just executives, but also operators,...

9.3CVSS0.5AI score0.97327EPSS
Exploits1References6
Securelist
Securelist
added 2017/06/15 9:0 a.m.163 views

Nigerian phishing: Industrial companies under attack

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team Kaspersky Lab ICS CERT reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors. As further research...

9.3CVSS9.7AI score0.97327EPSS
Exploits1
ThreatPost
ThreatPost
added 2017/04/24 2:53 p.m.13 views

Locky Ransomware Roars Back to Life Via Necurs Botnet

Cybercriminals behind the Locky ransomware and Necurs botnet are back in business. Last Friday researchers spotted both delivering nearly 35,000 emails in just a few hours, the first major Locky campaign researchers have seen in months, according to Cisco Talos. Researchers warn the latest Locky...

0.4AI score
Exploits0References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2017/04/20 1:2 p.m.77 views

Combating a spate of Java malware with machine learning in real-time

In recent weeks, we have seen a surge in emails carrying fresh malicious Java .jar malware that use new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get real-time protection against these latest threats...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2017/03/30 2:29 p.m.10 views

Github Repository Owners Targeted by Data-Stealing Malware

Phishing emails zeroing in on developers who own Github repositories were infecting victims with malware capable of stealing data through keyloggers and modules that would snag screenshots. Researchers at Palo Alto Networks this week said that in mid-January, an unknown number of developers were...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2016/11/30 7:0 a.m.50 views

New Cerber Variant Leverages Tor2Web Proxies, Google Redirects

Criminals behind the latest Cerber ransomware variant are leveraging Google redirects and Tor2Web proxies in a new and novel way to evade detection. Researchers with Cisco Talos spotted the shifting tactic last week when it began tracking the latest Cerber 5.0.1 ransomware variant. The technique...

10CVSS1.9AI score0.22487EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2016/10/31 3:57 p.m.21 views

Nymaim Dropper Updates Delivery, Obfuscation Methods

A new variant of the Nymaim dropper has been identified that includes updated delivery and obfuscation methods, and the use of PowerShell routines to download its payloads. The updated dropper, used primarily to download banking Trojans in the past, has also been spreading ransomware, according t...

0.1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/09/26 2:22 p.m.8 views

Hancitor Downloader Abusing APIs, PowerShell Commands

Developers behind the malicious downloader Hancitor have bolstered the malware again, this time with new delivery approaches that make it more difficult to detect. The downloader is still spread through malicious attachments, and distributing malware designed to steal data, such as Pony and...

7.1AI score
Exploits0References4
FireEye
FireEye
added 2016/05/22 3:0 a.m.18 views

Targeted Attacks against Banks in the Middle East

UPDATE Dec. 8, 2017: We now attribute this campaign to APT34, a suspected Iranian cyber espionage threat group that we believe has been active since at least 2014. Learn more about APT34 and their late 2017 targeting of a government organization in the Middle East. Introduction In the first week ...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/05/13 1:24 p.m.43 views

Cerber Ransomware On The Rise, Fueled By Dridex Botnet

Starting in April security experts at FireEye spotted a massive uptick in Cerber ransomware attacks delivered via a rolling wave of spam. Researchers there link the Cerber outbreaks to the fact that attackers are now leveraging the same spam infrastructure credited for making the potent Dridex...

10CVSS0.8AI score0.22487EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2015/06/05 7:21 a.m.11 views

Phishers Going the Long Way Round to Avoid Filtering Systems

Any human with an email address likely has gotten thousands of spam messages that look like delivery notifications, invoices, or other alleged communications from shipping companies such as UPS or DHL. They typically contain malicious attachments with exploits for a browser or plug-in...

6.9AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/01/07 12:15 p.m.16 views

Dridex Banking Trojan Spreading Via Office Macros

The left-for-dead Office macro has apparently made a comeback with cybercriminals who have found them to be a good hiding place for banking malware. Recently, Microsoft reported a spike in the use of macros in hacking campaigns, peaking in mid-December. This has been corroborated by researchers a...

7.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2015/01/05 2:46 p.m.12 views

Microsoft Reports Massive Increase in Macros Enabled Threats

The Microsoft Malware Protection Center says there has been a dramatic increase in threats using macros to spread malware via spam and social engineering over the last month. Macros are used for automating frequently used tasks in Office. Macro-related infections were constant and near zero daily...

0.5AI score
Exploits0References4
CISA
CISA
added 2014/10/16 12:0 a.m.17 views

Ebola Phishing Scams and Malware Campaigns

US-CERT reminds users to protect against email scams and cyber campaigns using the Ebola virus disease EVD as a theme. Phishing emails may contain links that direct users to websites which collect personal information such as login credentials, or contain malicious attachments that can infect a...

6.6AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/07/14 4:4 p.m.15 views

Five Year Old Phishing Campaign Unveiled

UPDATE: A previous version of this story reported that Cyphort found 300,000 stolen credentials on a Gmail server. This figure was incorrectly reported by the firm and has been corrected to the adjusted number, 2,500 stolen credentials, in this story. Details have been disclosed on a five-year-ol...

7.4AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Microsoft Internet Explorer 6.0 File Attachment Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5450/info An error has been reported in Microsoft Internet Explorer 6, which may allow malicious file attachments to execute arbitrary code in the context of the local system. HTM files are associated with Internet...

7.1AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/05/29 1:49 p.m.24 views

Threat Outbreak Alert: Email Messages with Malicious Attachments on May 28, 2014

Medium Alert ID: 34407 First Published: 2014 May 29 13:49 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that contain a malicious attachment for the recipient. The text in the email message attempts to convince the recipient to open the...

0.2AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/05/29 1:23 p.m.11 views

Threat Outbreak Alert: Email Messages with Malicious Attachments on May 29, 2014

Medium Alert ID: 34406 First Published: 2014 May 29 13:23 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain an attachment for the recipient. The email message attempts to convince the recipient to open the attachment and...

0.5AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/05/29 1:15 p.m.13 views

Threat Outbreak Alert: Email Messages with Malicious Attachments on May 29, 2014

Medium Alert ID: 34408 First Published: 2014 May 29 13:15 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages with a blank message body and an attachment for the recipient. The .zip attachment contains a malicious .exe file that, when executed,...

0.4AI score
Exploits0
Cisco Threats
Cisco Threats
added 2014/05/29 1:13 p.m.14 views

Threat Outbreak Alert: Fake Payment Details Email Messages on May 28, 2014

Medium Alert ID: 34404 First Published: 2014 May 29 13:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain payment details for the recipient. The email message attempts to convince the recipient to open the attachment and...

0.5AI score
Exploits0
Rows per page
Query Builder