14 matches found
Lucifer malware infects Windows & launch DDoS attack using NSA exploits
By Waqas. Lucifer malware is capable of launching DDoS attacks and... This is a post from HackRead.com.
InvisiMole Group Resurfaces Touting Fresh Toolset, Gamaredon Partnership
The InvisiMole threat group has resurfaced in a new campaign, revealing a new toolset and a strategic collaboration with the high-profile Gamaredon advanced persistent threat (APT) group. InvisiMole was first uncovered by ESET in 2018, with cyberespionage activity dating back to 2013 in operations ...
TrickBot takes over as top business threat
Last quarter brought with it a maddening number of political ads, shocking and divisive news stories on climate change and gun laws, and mosquitoes. We hate mosquitoes. In related unpleasant news, it also apparently ushered in an era of banking Trojans that, as of this moment, shows no signs of...
PyRoMine malware disables security & mines Monero using NSA exploits
By Waqas. The IT security researchers at Fortinet have discovered a dangerous new... This is a post from HackRead.com.
New Monero mining malware infected 500K PCs by using 2 NSA exploits
By Waqas. Another day, another Monero mining malware - This one uses two... This is a post from HackRead.com.
October 26, 2017 – Morning Cyber Coffee Headlines – “Continental Congress” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 26, 2017 - Headlines Carbon Black in the News: Protecting elections fro...
New Petya Distribution Vectors Bubbling to Surface
Join Kaspersky Lab and Comae Technologies Thursday June 29, 2017 at 10 a.m. Eastern time for a webinar “The Inside Story of the Petya/ExPetr Ransomware.” While Microsoft and others continue to shore up links between yesterday’s global ransomware outbreak and the update...
Rare XP Patches Fix Three Remaining Leaked NSA Exploits
The unusual decision Microsoft made to release patches on Tuesday for unsupported versions of Windows was prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak. The worst of the bunch, an attack called ExplodingCan (CVE-2017-7269), targets older versions of...
ShadowBrokers Put Price on Monthly Zero Day Leaks
The threat posed by the first wave of ShadowBrokers leaks of Equation Group hacking tools was relatively benign. Some vendors had to scramble to patch zero days in older versions of products, but for the most part, the leaks and accompanying auction were more of a novelty. That obviously changed...
Threat Round-up for May 19 - May 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 19 and May 26. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior characteristics,...
WannaCry Ransom Note Written by Chinese, English Speaking Authors
The WannaCry ransom note was likely written by Chinese- and English-speaking authors, adding more intrigue to the investigation into whether it was indeed a North Korean APT using stolen NSA exploits to spread ransomware worldwide. Analysts at Flashpoint, including some fluent in Chinese, said th...
Next Payload Could be Much Worse Than WannaCry
No one should be letting their guard down now that the WannaCry ransomware attacks have been relatively contained. Experts intimately involved with analyzing the malware and worldwide attacks urge quite the opposite, warning today that there’s nothing stopping attackers from using the available N...
WannaCry Variants Pick Up Where Original Left Off
The inevitable wave of WannaCry ransomware variants began in earnest over the weekend after a bit of sleuthing from a U.K. researcher slowed down the initial global outbreak. At least five new takes on the first attack, all still leveraging the NSA’s EternalBlue exploit and DoublePulsar rootkit, ar...
How to Rapidly Identify Assets at Risk to WannaCry Ransomware and ETERNALBLUE Exploit
In what may be the first public weaponizing of April's Shadow Brokers dump of NSA exploits, a ransomware attack has crippled IT systems globally and disrupted operations at major organizations, including patient services at UK hospitals. About 80,000 infections have been detected in about 100...