20 matches found
Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginnin...
Threat Roundup for January 31 to February 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 31 and Feb. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for January 24 to January 31
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 24 and Jan. 31. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for November 15 to November 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 15 and Nov. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for October 18 to October 25
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 18 and Oct. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for August 30 to September 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 30 and Sept. 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for August 23 to August 30
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 23 and Aug. 30. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for July 19 to July 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 19 and July 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for July 12 to July 19
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 12 and July 19. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for July 5 to July 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 5 and July 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Threat Roundup for June 14 to June 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 14 and June 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Feds Target $100M ‘GozNym’ Cybercrime Network
Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the sam...
'GozNym' Banking Malware Gang Dismantled by International Law Enforcement
In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe,...
'GozNym' Banking Malware Gang Dismantled by International Law Enforcement
In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major global organized cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe,...
Threat Roundup for Feb. 15 to Feb. 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 15 and Feb. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for Jan. 25 to Feb. 1
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 25 and Feb. 01. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Threat Roundup for October 19 to October 26
Today, Talos is is publishing a glimpse into the most prevalent threats we've observed between Oct. 19 and Oct. 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...
Nymaim Dropper Updates Delivery, Obfuscation Methods
A new variant of the Nymaim dropper has been identified that includes updated delivery and obfuscation methods, and the use of PowerShell routines to download its payloads. The updated dropper, used primarily to download banking Trojans in the past, has also been spreading ransomware, according t...
GozNym Trojan Attackers Set Sights on Europe, Poland
The banking malware GozNym has legs; only a few weeks after the hybrid Trojan was discovered, it has reportedly spread into Europe and begun plaguing banking customers in Poland with redirection attacks. The malware has started targeting corporate, SMB, investment banking and consumer accounts at...
Bank Trojans Nymaim, Gozi Merge Create GozNym
Two powerful Trojans, Nymaim and Gozi ISFB, have been combined to create a “double-headed beast” called GozNym. The Trojan has managed to steal $4 million since it was first discovered just two weeks ago, according to IBM X-Force Research. It reports the hybrid Trojan is currently engaged in an...