CATEGORY ARCHIVES: malware

Bi-Weekly Security Update 4/28/17

Read More

Share this:

Dimnie: Targeting the Unexpected

 

GitHub is a platform used to share any type of code. For this reason, it’s an important part of research and information sharing within the cyber security field. Because it’s a part of this environment, it’s inevitable that malicious actors will try to infect users’ platforms with malware.

Read More

Share this:

Bi-Weekly Security Update 4/17/17

Malicious Content Identified and Inserted:

Read More

Share this:

Bi-Weekly Security Update 3/29/17

Read More

Share this:

Bi-Weekly Security Update 3/15/2017

 

Malicious Content Identified and Inserted:

  • IPs – 3680
  • Domains – 603

Target List Content Updated:

  • TSCritical
  • TSRansomware
  • TSPhishing
  • TSBanking
Read More

Share this:

EITest – The Long Living Campaign

EITest is a campaign initially discovered in 2014 by Malwarebytes. It distributes malware (that uses iframes) through a flash file on a compromised site, followed by exploitation through an Exploit Kit. In the past, this campaign was used to distribute malware including Cerber, CryptoMix, CryptoShield, Gootkit and the Chthonic banking Trojan, all using various types of Exploit Kits.

Read More

Share this:

Magic Hound Sniffs Out Trouble

 

Magic Hound, as dubbed by researchers at Palo Alto Networks, is a targeted espionage campaign against Saudi Arabian government, energy and technology industries. The campaign utilized a common phishing tactic, embedding macros into Word and Excel documents. If the victim enabled macros on the document, Powershell scripts downloaded additional malware onto their computer, such as the open-source Python RAT, Pupy.

Read More

Share this:

Locky Back in Action

Locky, the infamous ransomware plaguing computers worldwide since it was first seen early last year, has recently made a comeback after a severe drop in activity over the holiday season. The Necurs botnet, which is Locky's primary distributor, was offline for the final weeks of 2016, equating to an 81% decrease in the number of Locky attacks.

Read More

Share this:

CryptXXX Ransomware Spread Through SoakSoak Botnet: Two Big Actors As One

CryptXXX and SoakSoak are huge threats individually.

Read More

Share this:

Bi-weekly Security Update

Bi-weekly Security Update

Malicious content identified and inserted:

  • IPs – 960
  • Domains – 1653
Read More

Share this: