Security experts at Proofpoint warn of the resurfacing of the Retefe banking Trojan that implements new techniques to avoid detection. The Retefe banking Trojan resurfaces in that threat landscape and implements new techniques to avoid detection. The new variant resurfaced in April, it uses the stunnel encrypted tunneling mechanism and abuses a legitimate shareware app. […]
International ‘Malvertiser’ Oleksii Petrovich Ivanov extradited from the Netherlands to face hacking charges in New Jersey The Ukrainian national Oleksii Petrovich Ivanov (31) was extradited to the U.S. from the Netherlands and is facing charges of conspiracy to commit wire fraud, wire fraud, and computer fraud. The man is suspected to have carried out malvertising […]
Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few weeks with brute-force attacks. The hacker ‘Subby’ took over 29 IoT botnets in the past few weeks brute-forcing the back end […]
The news was reported by the Kyodo News and has caught my attention, Japan will develop its first-ever computer virus as defense against cyber attacks. The Kyodo News revealed that Japan will develop its first-ever computer virus as a defense measure against cyber attacks and that the development will be completed by next March. The […]
The APT34 Glimpse project is maybe the most complete APT34 project known so far, the popular researcher Marco Ramilli analyzed it for us. Indeed we might observe a File-based command and control (a quite unusual solution) structure, a VBS launcher, a PowerShell Payload and a covert channel over DNS engine. This last feature is the most […]
Good news for the victims of the ZQ Ransomware, security experts at Emisisoft have released a free decryptor tool. Good news for the victims of the ZQ Ransomware, security experts at Emisisoft have released a free decryptor tool that allows them to decrypt files for free. ZQ Ransomware infected users in the US, India, Polland, […]
Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. Threat actors are delivering a new piece of malware, tracked as Sodinokibi, by exploiting a recently patched Oracle WebLogic Server vulnerability. Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation, it […]
Researchers at Malwarebytes are monitoring the evolution of the ElectrumDoSMiner DDoS botnet that reached 152,000 infected hosts. MalwareBytes researchers are closely monitoring attacks against users of the popular Electrum Bitcoin wallet, in particular, the evolution of the Electrum DDoS botnet. In mid-April, experts at MalwareBytes published a report warning of cyber attacks against users of […]
Researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and uses them as Proxy C2 servers. Trend Micro discovered a new variant of the Emotet Trojan that is able to infect devices and use them as proxy command-and-control servers. The new variant also employs random URI […]
Experts observed several malspam campaigns using signed emails to deliver the GootKit banking Trojan (aka talalpek or Xswkit). Threat actors leverage a multi-stage malware loader tracked as JasperLoader in the malspam campaigns over the past few months. The JasperLoader was observed while distributing malware to targets from Central Europe, most of them in Italy and […]