5 matches found
Threat Roundup for May 24 to May 31
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 24 and May 31. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Ransomware: A declining nuisance or an evolving menace?
Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene. The volume of ransomware encounters is on a downward trend. Are we seeing the beginning of the end of this vicious threat? Unfortunately, a look at the...
SVG Javascript Nemucod Downloader
SVG file may contain a malicious JavaScript downloader. A successful implementation might result in the browser running arbitrary code on the infected system...
Nemucod Infections Moving Locky Over Facebook
Update: Facebook has said that some of the Nemucod infections spreading over Facebook Messenger are not dropping Locky ransomware on victims’ computers as was initially reported. A Facebook spokesperson told Threatpost: “We maintain a number of automated systems to help stop harmful links and fil...
Nemucod dot dot..WSF
The latest Nemucod campaign shows the malware distributing a spam email attachment with a .wsf extension, specifically ..wsf with a double dot extension. It is a variation of what has been observed since last year 2015 – the TrojanDownloader:JS/Nemucod malware downloader using JScript. It still...