14 matches found
Magnet Goblin Strikes Public-Facing Servers
Summary: Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services by employing sophisticated malware sourced from the Nerbian family, which also includes NerbianRAT and MiniNerbian. Threat Level - Red | Actor...
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface UEFI bootkit feature, adding another layer of sophistication and stealth to the malware. "This bootkit can intervene and control the operating system boot process, enabling Glupteba t...
New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics
Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented strain of Android malware called FluHorse that abuses the Flutter software development framework. "The malware features several malicious Android applications that...
TOP 10 unattributed APT mysteries
Targeted attack attribution is always a tricky thing, and in general, we believe that attribution is best left to law enforcement agencies. The reason is that, while in 90% of cases it is possible to understand a few things about the attackers, such as their native language or even location, the...
Elections GoRansom – a smoke screen for the HermeticWiper attack
Executive summary On February 24, 2022, Avast Threat Research published a tweet announcing the discovery of new Golang ransomware, which they called HermeticRansom. This malware was found around the same time the HermeticWiper was found, and based on publicly available information from security...
Gaming, Banking Trojans Dominate Mobile Malware Scene
The number of cyberattacks launched against mobile users was down last year, researchers have found — but don’t pop the champagne just yet. The decline was offset by jacked-up, more sophisticated, more nimble mobile nastiness. In a Monday report, Kaspersky said that its researchers have observed ...
Mobile malware evolution 2021
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Figures of the year In 2021, Kaspersky mobile products and technologies detected: 3,464,756 malicious installation packages 97,661 new mobile banking Trojans...
Reverse Engineering Tools: Evaluating the True Cost
When sourcing software for business needs, what criteria should you follow? Price typically tops the list. And sure, free software, like the Linux OS, delivers cost savings, stability, flexibility and ongoing development. No argument there. But when it comes to decompilers, which are used for...
Alleged Mastermind Behind Carbanak Crime Gang Arrested
The suspected mastermind behind the Carbanak criminal gang, which is notorious for stealing as much as $1 billion from more than 100 financial institutions in a string of attacks, has been apprehended, according to the Spanish National Police. According to the European Union Agency for Law...
Malware Evades Detection with Novel Technique
Researchers have found a new strain of document-based macro malware that evades discovery by lying dormant when it detects a security researcher’s test environment. The malware, according to researcher Caleb Fenton with security firm SentinelOne, evades detection simply by counting the number of...
Detecting and Preventing Compromises in Retail Payment Systems
Information Weeks Matthew Swartz published an article on the recently- confirmed payment card breaches at Target, Nieman Marcus and three other unnamed retailers. This article and many others reveal that these attacks involve sophisticated malware and some even suggest it is the work of the same...
More than 1,400 Financial institutions in 88 Countries targeted by Banking Trojan in 2013
As the year draws to a close, we have seen the number of emerging threats like advance phishing attacks from the Syrian Electronic Army, financial malware and exploit kits, Cryptolocker ransomware infections, massive Bitcoin theft, extensive privacy breach from NSA and many more. The financial...
Dissecting the ZeroAccess Rootkit
The ZeroAccess rootkit isn’t the most well-known or closely watched piece of malware in recent history, but, as an extremely detailed new analysis of the program shows, it is a perfect example of the kind of sophisticated malware that attack crews are using to maintain persistent, silent access t...
Here's How to Fix Online Banking Fraud
Guest editorial by Roel Schouwenberg Over the last few months, there’s been quite a lot of news chatter around Banker Trojans emptying out online bank accounts of small businesses in the U.S. Today, I was reading one of such stories on Brian Krebs’ site. After reading that story I came across...