Lucene search
K

42 matches found

ThreatPost
ThreatPost
added 2021/03/11 4:5 p.m.63 views

FIN8 Resurfaces with Revamped Backdoor Malware

The FIN8 cyberattack group has resurfaced after a period of relative quiet, researchers have found. The gang is using new versions of the BadHatch backdoor to compromise companies in the chemical insurance, retail and technology industries. The attacks have been seen hitting organizations around...

0.3AI score
Exploits0References8
Securelist
Securelist
added 2020/11/11 10:0 a.m.64 views

Targeted ransomware: it’s not just about encrypting your data!

When we talk about ransomware, we need to draw a line between what it used to be and what it currently is. Why? Because nowadays ransomware is not just about encrypting data – its primarily about data exfiltration. After that, its about data encryption and leaving convincing proof that the attack...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/12 7:52 a.m.56 views

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced wit...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/27 9:59 a.m.93 views

QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money

A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point...

7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/03/23 3:0 p.m.63 views

What’s Coming in 2020: An RSA Recap

VMWare Carbon Black recently published our Outlook 2020 Threat Report largely fueled by the work of our amazing Threat Analysis Unit. Greg Foss @Heinzarelli and Andrew Costis @0x4143 did some in-depth research on Malware samples seen in 2019. As part of RSA, Greg and I had the chance to present o...

7.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/03/16 3:0 p.m.21 views

2019: Looking Back at Ransomware

In security, 2016 was “The Year of Ransomware.” Since then, ransomware has only gotten more pervasive, costing billions in damages. In that vein, 2019 could have been referred to as “The Year of Ransoming Governments.” More than 70 state and local governments across the U.S. suffered ransomware...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2019/12/20 5:25 p.m.82 views

Greta Thunberg: Emotet's Person of the Year

There’s no doubt that teenage climate-change activist and Time Person of the Year Greta Thunberg inspires people around the world – and it turns out, this includes cybercriminals. More specifically, she’s inspiring as an opportunity: According to the Proofpoint Threat Insight team, a global...

6.9AI score
Exploits0References8
Malwarebytes
Malwarebytes
added 2019/12/19 6:3 p.m.44 views

A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s

This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the days before climate change stretched frigid winter months directly into the insta-sweat of summer, there was a saying about March: in like a lamb, out like a lion. The same might be sa...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2019/05/30 9:47 a.m.218 views

10 years of virtual dynamite: A high-level retrospective of ATM malware

Executive summary It has been 10 years since the discovery of Skimer, first malware specifically designed to attack automated teller machines ATMs. At the time, the learning curve for understanding its functionality was rather steep and analysis required specific knowledge of a manufacturer's ATM...

Exploits0
ThreatPost
ThreatPost
added 2019/02/19 5:23 p.m.80 views

ATM Jackpotting Malware Hones Its Heist Tools

The WinPot ATM jackpotting malware is evolving, as its authors look to solve the obstacles that get in their way. The latest is an effort to help ATM hackers, a.k.a. jackpotters, better target their efforts in order to steal more cash in a lesser amount of time. Thieves infect ATMs through physic...

0.9AI score
Exploits0References8
ThreatPost
ThreatPost
added 2019/02/15 5:15 p.m.151 views

Trickbot Malware Goes After Remote Desktop Credentials

The banking trojan known as Trickbot has resurfaced, with an updated info-stealing module that allows it to harvest remote desktop application credentials. According to Trend Micro’s Noel Anthony Llimos and Carl Maverick Pascual, a new variant has recently come on the scene, and is being spread v...

0.8AI score
Exploits0References7
Securelist
Securelist
added 2018/11/22 10:0 a.m.45 views

The Rotexy mobile Trojan – banker and ransomware

On the back of a surge in Trojan activity, we decided to carry out an in-depth analysis and track the evolution of some other popular malware families besides Asacub. One of the most interesting and active specimens to date was a mobile Trojan from the Rotexy family. In a three-month period from...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2018/10/11 6:11 p.m.686 views

Adaptable, All-in-One Android Trojan Shows the Future of Malware

A new Android trojan, dubbed “GPlayed”, has been identified by researchers who said the malware is both extremely dangerous and could herald a new and very dangerous age for malicious code, according to Cisco Talos researchers. The trojan has all of the capabilities of a banking trojan as well as...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/08/06 4:57 p.m.10 views

Ramnit Changes Shape with Widespread Black Botnet

The recently uncovered “Black” botnet campaign using the Ramnit malware racked up 100,000 infections in the two months through July– but the offensive could just be a precursor to a much larger attack coming down the pike, according to researchers, thanks to a second-stage malware called Ngioweb...

0.1AI score
Exploits0References3
Securelist
Securelist
added 2018/07/17 10:0 a.m.39 views

The return of Fantomas, or how we deciphered Cryakl

In early February this year, Belgian police seized the C&C servers of the infamous Cryakl cryptor. Soon afterwards, they handed over the private keys to our experts, who used them to update the free RakhniDecryptor tool for recovering files encrypted by the malware. The ransomware, which for year...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2018/05/10 10:35 a.m.11 views

Secrets of the Wiper: Inside the World's Most Destructive Malware

Shamoon, Black Energy, Destover, ExPetr/Not Petya and Olympic Destroyer: All of these wiper malwares, and others like them, have a singular purpose of destroying systems and/or data, usually causing great financial and reputational damage to victim companies. However, the threat actors behind thi...

0.3AI score
Exploits0References8
Malwarebytes
Malwarebytes
added 2017/06/29 4:39 p.m.44 views

EternalPetya and the lost Salsa20 key

We have recently been facing a huge outbreak of a new Petya-like malware armed with an infector similar to WannaCry. The research is still in progress, and the full report will be published soon. In this post, we will focus on some new important aspects of the current malware. The low-level attac...

6.5AI score
Exploits0
ThreatPost
ThreatPost
added 2014/11/18 10:33 a.m.13 views

Matsnu Botnet DGA Builds Domains From List of Nouns, Verbs

Domain generation algorithms have been botmasters’ favorite tool for keeping malware up and running—and for frustrating security researchers and detection technologies. Like malware, DGAs evolve, thus complicating an already tricky cat-and-mouse game between criminals and white hats. The latest i...

0.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2012/08/08 1:58 a.m.8 views

South Korea Leads Nations for PC Infections, According to PandaLabs' Q2 Report

South Korea for the first time topped PandaLabs’ quarterly ranking of countries with the highest number of infected computers. The nation’s PC infection rate stood at 57.3 percent for Q2, followed by China at almost 52 percent and Taiwan at 42 percent. Other heavy hitters were Bolivia, Honduras,...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/05/17 2:46 a.m.63 views

Trojan Mimics Chrome Installer to Steal Banking Information

Malware impersonating a Google Chrome Installer is actually stealing data while stripping software used to protect online banking transactions. The Trojan at present appears to target users in Brazil and Peru. Trend Micro researchers report in a blog post that they have discovered a malicious fil...

0.2AI score
Exploits0References1
Rows per page
Query Builder