366 matches found

ThreatPost
added 2018/10/24 4:32 p.m. | 559 views

sLoad Banking Trojan Downloader Displays Sophisticated Recon and Targeting

A new PowerShell downloader dubbed sLoad is making the rounds, sporting impressive reconnaissance tactics and a penchant for geofencing, which indicate increasing sophistication when it comes to targeting efforts. First spotted in May 2018, sLoad typically delivers the Ramnit banking trojan but h...

AI score: 0.3
Exploits: 0 | References: 1

ThreatPost
added 2018/08/23 8:26 p.m. | 10 views

AdvisorsBot Downloader Emerges in Raft of Malware Campaigns

A new downloader was disclosed today, sporting significant anti-analysis features and increasingly sophisticated distribution techniques. Researchers at Proofpoint have been tracking the downloader as a first-stage payload in campaigns since May 2018. Dubbed AdvisorsBot due to early...

AI score: 0.3
Exploits: 0 | References: 5

ThreatPost
added 2018/07/26 9:37 p.m. | 13 views

Highly Sophisticated Parasite RAT Emerges on the Dark Web

Researchers are tracking a remote access trojan (RAT) on underground markets that, so far, has only been attributed to one small malicious email campaign. However, the RAT, dubbed Parasite HTTP by the Proofpoint researchers that discovered it, has an impressive list of sophisticated features –...

AI score: 8.4
Exploits: 0 | References: 1

ThreatPost
added 2018/07/24 9:30 p.m. | 130 views

Kronos Banking Trojan Surfaces After Years of Silence

The Kronos banking trojan is back from the malware dustbin. After years of lying dormant, hackers have reworked the underlying code and are actively targeting victims in Germany, Japan and Poland. The latest variant has incorporated a new command-and-control feature designed to work with the Tor...

CVSS: 9.3 | AI score: 8.4 | EPSS: 0.99945
Exploits: 33 | References: 4

ThreatPost
added 2018/07/20 8:57 p.m. | 19 views

Massive Malspam Campaign Finds a New Vector for FlawedAmmyy RAT

A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files. The SettingContent-ms file format was introduced in Windows 10; it allows a user to create...

AI score: 0.1
Exploits: 0 | References: 4

ThreatPost
added 2018/05/25 2:19 p.m. | 15 views

Attackers Cashing In On Cryptocurrency With Increased Scams

As the popularity around cryptocurrency has continued to boom in 2018, it has also become a tempting target for cash-hungry scammers to launch “cryptocurrency giveaway scams.” Researchers at Proofpoint this week said they’ve observed a sharp rise in these scams, which target users of Ethereum and Bitcoin...

AI score: 1.1
Exploits: 0 | References: 2

ThreatPost
added 2018/05/21 9:44 p.m. | 12 views

Malicious PHP Script Infects 2,400 Websites in the Past Week

A botnet dubbed Brain Food is giving webmasters indigestion with related attacks that push bogus diet pills and IQ-boosting pills via web pages hosted on legitimate sites. So far, spammers have been successful, thanks to an effective Hypertext Preprocessor (PHP) script also called Brain Food that h...

AI score: 7.7
Exploits: 0 | References: 2

HackRead
added 2018/05/12 6:58 p.m. | 109 views

Vega Stealer malware steals passwords & card data from Chrome & Firefox

By Waqas. The IT security researchers at Proofpoint have discovered a new...

AI score: 2.7
Exploits: 0

ThreatPost
added 2018/05/11 7:44 p.m. | 9 views

Vega Stealer Malware Takes Aim at Chrome, Firefox

A malware dubbed Vega Stealer has been uncovered, looking to make off with saved credentials and credit-card information in the Chrome and Firefox browsers. While it’s a simple payload for now, researchers said it has the ability to evolve into something more concerning in the future. Proofpoint,...

AI score: 2.1
Exploits: 0 | References: 5

The Hacker News
added 2018/05/08 5:28 p.m. | 76 views

Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links

Security researchers revealed a way around that some hacking groups have been found using in the wild to bypass a security feature of Microsoft Office 365, which is originally designed to protect users from malware and phishing attacks. Dubbed Safe Links, the feature has been included in Office 3...

AI score: 7.1
Exploits: 0

ThreatPost
added 2018/03/14 6:37 p.m. | 23 views

New Web-Based Malware Distribution Channel ‘BlackTDS’ Surfaces

A new traffic distribution system for malware is being offered as a service on the Dark Web and is promoting itself as an affordable way to deploy exploit kits and malware. The traffic distribution system (TDS) is being called BlackTDS by the Proofpoint researchers that found it. Traffic distributi...

AI score: 7.2
Exploits: 0 | References: 2

ThreatPost
added 2018/02/01 10:44 a.m. | 7 views

Massive Smominru Cryptocurrency Botnet Rakes In Millions

Criminals behind the cryptocurrency miner Smominru have raked in between $2.8 to $3.6 million since May. The payday is impressive, say researchers at Proofpoint, who report that operators have amassed a formidable botnet of infected servers pumping out 24 Monero daily, or the equivalent of $8,500...

AI score: 0.4
Exploits: 0 | References: 2

The Hacker News
added 2017/12/20 2:14 a.m. | 19 views

Greedy North Korean Hackers Targeting Cryptocurrencies and Point-of-Sale Terminals

The North Korean hacking group has turned greedy. Security researchers have uncovered a new widespread malware campaign targeting cryptocurrency users, believed to be originated from Lazarus Group, a state-sponsored hacking group linked to the North Korean government. Active since 2009, Lazarus...

AI score: 6.7
Exploits: 0

Carbon Black Blog
added 2017/11/07 1:58 p.m. | 43 views

November 7, 2017 – Morning Cyber Coffee Headlines – “Election Day” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! November 7, 2017 - Headlines Carbon Black in the News: CRN Exclusive: Carbon...

AI score: 6.6
Exploits: 0

ThreatPost
added 2017/10/10 1:53 p.m. | 18 views

Porn Site Becomes Hub for KovCoreG Group Malvertising Campaigns

Pornhub, a top-20 ranked U.S. website according to Alexa, was serving up large-scale malvertising attacks exposing millions of visitors to click-fraud. Behind the attacks is the KovCoreG Group, best known for distributing Kovter click-fraud malware. The campaigns, spotted by researchers at...

AI score: 0.2
Exploits: 0 | References: 2

ThreatPost
added 2017/09/22 2:2 p.m. | 79 views

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers a...

CVSS: 9.3 | AI score: 0.3 | EPSS: 0.9923
Exploits: 55 | References: 3

The Hacker News
added 2017/07/14 11:57 p.m. | 13 views

Two New Platforms Found Offering Cybercrime-as-a-Service to 'Wannabe Hackers'

Cybercrime has continued to evolve and today exists in a highly organised form. Cybercrime has increasingly been commercialised, and itself become big business by renting out an expanded range of hacking tools and technologies, from exploit kits to ransomware, to help anyone build threats and...

AI score: 6.8
Exploits: 0

Malwarebytes
added 2017/07/05 4:5 p.m. | 62 views

AdGholas malvertising thrives in the shadows of ransomware outbreaks

The latest wave of ransomware following the WannaCry outbreak has kept everyone very busy and been the topic of many conversations. In the meantime, other threat actors have been quite active and perhaps even enjoyed this complimentary diversion. This is certainly true for the most prolific...

AI score: 7
Exploits: 0

The Hacker News
added 2017/05/16 6:41 a.m. | 11 views

Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit

A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks. According to Kafeine, a security researcher at Proofpoint, another group of cyber criminals was...

AI score: 6.9
Exploits: 0

The Hacker News
added 2017/04/12 9:41 p.m. | 341 views

Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit

Recently we reported about a critical code execution vulnerability in Microsoft Word that was being exploited in the wild by cyber criminal groups to distribute malware like Dridex banking trojans and Latentbot. Now, it turns out that the same previously undisclosed vulnerability in Word...

CVSS: 9.3 | AI score: 8 | EPSS: 0.99933
Exploits: 29