7 matches found
PseudoManuscrypt Malware Spreading the Same Way as CryptBot Targets Koreans
Numerous Windows machines located in South Korea have been targeted by a botnet tracked as PseudoManuscrypt since at least May 2021 by employing the same delivery tactics of another malware called CryptBot. "PseudoManuscrypt is disguised as an installer that is similar to a form of CryptBot, and ...
Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers
A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan RAT on compromised systems. Attributing the intrusions to a threat actor...
It’s Not the Trump Sex Tape, It’s a RAT
As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...
EDR in block mode stops IcedID cold
We are happy to announce the general availability of endpoint detection and response EDR in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses Microsoft Defender for Endpoint’s...
Androwarn - Yet Another Static Code Analyzer For Malicious Android Applications
Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviours developped by an Android application. The detection is performed with the static analysis of the application's Dalvik bytecode, represented as Smali, with the androguard library. This analysis...
Utilities, Energy Sector Attacked Mainly Via IT, Not ICS
While industrial control systems ICS are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report o...
ThreatList: Popular Apps Get Enterprise Blacklisted
Mobile apps on BYOD handhelds tend to keep enterprise security pros worried. Between apps that are malicious, others that leak data and ones with pushy permissions – it’s hard to determine what’s safe and what might violate company rules. On Wednesday, Appthority released its annual list of the...