Researchers from Forcepoint observed a new Emotet Thanksgiving-themed campaign that appears quite different from previous ones. Security researchers from Forcepoint have observed a new Emotet Thanksgiving-themed campaign that appears quite different from previous ones. EMOTET, aka Geodo, is a banking trojan linked to the dreaded Dridex and Feodo (Cridex, Bugat) malware families. In past campaigns, EMOTET was used by crooks […]
The experts at Cybaze ZLab – Yoroi continue the analysis of new strain of malware used by the Russia-linked APT29 cyberespionage group (aka Cozy Bear) The experts at Cybaze ZLab – Yoroi continue the analysis of new strain of malware used by the Russia-linked APT29 cyberespionage group (aka The Dukes, Cozy Bear, and Cozy Duke). The researchers of Yoroi ZLab, on […]
Malware researcher discovered 13 fraudulent apps into Google Play that have been already downloaded and installed more than 560,000 times. Malware researcher Lukas Stefanko from security firm ESET discovered 13 malicious apps into Google Play that have been already downloaded and installed over half a million times (+560,000). The malicious apps could allow attackers to […]
Security experts from Netscout Asert discovered more than ten Mirai bot variants attempting to exploit a recently disclosed flaw in Hadoop YARN on Intel servers. These Mirai variants are the first one that doesn’t target Internet of Things devices, the bot was specifically developed to target Linux servers. The Hadoop YARN is vulnerability is a command injection […]
Security experts at Palo Alto Networks analyzed the method used by Iran-linked OilRig APT Group to test weaponized docs before use in attacks. Security researchers Palo Alto Networks have analyzed the techniques adopted by Iran-linked APT group OilRig (aka APT34) to test the weaponized documents before use in attacks. The OilRig hacker group is an Iran-linked APT that has been around since at least 2015, since then it targeted mainly […]
Malware researchers from Cybaze ZLab – Yoroi team have detected a new strain of malware that appears to be associated with a new wave of attacks carries out by Russia linked APT29 group. The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! · CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in […]
Marco Ramilli, founder and CEO at cyber security firm Yoroi has explained how to use Microsoft Powerpoint as Malware Dropper Nowadays Microsoft office documents are often used to propagate Malware acting like dynamic droppers. Microsoft Excel embedding macros or Microsoft Word with user actions (like links or external OLE objects) are the main players in […]
According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. Hong Kong, 16.11.2018 – Group-IB, an international company that specializes in preventing cyber attacks, presented the findings of its latest Hi-Tech Crime Trends 2018 report at the FinTech Security Conference in Hong Kong organized by Binary Solutions Limited […]
Malware researchers at the Cybaze ZLab- Yoroi team spotted a new variant of the dangerous APT28 Lojax rootkit. A new variant of the infamous APT28 Lojax (aka Double-Agent) has been discovered by the Cybaze ZLab – Yoroi team. It is the latest version of the well-known rootkit Double-Agent, previously analyzed by ESET researchers. The behavior of […]