Cybercrime

November 2, 2022

The Emotet malware operation is again spamming malicious emails after almost a five-month “vacation” that saw little activity from the notorious cybercrime operation. Emotet is a malware infection distributed through phishing campaigns containing malicious Excel or Word documents. When users open these documents and enable macros, the Emotet DLL will be downloaded and loaded into memory. Once ...

November 2, 2022

Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telecommunications services in the country, has suffered a cyberattack. According to the notice, the cyberattack took place in the first week of September and resulted in the compromise of sensitive ...

November 2, 2022

Banks in the US paid out nearly $1.2 billion in 2021 as a result of ransomware attacks, a marked rise over the year before though it may simply be due to more financial institutions being asked to report incidents. The figures come from the most recent Financial Trend Analysis report on ransomware from the US ...

November 1, 2022

The White House has brought together dozens of nations as well as representatives from big tech companies for a two-day summit aimed at figuring out how to tackle the global ransomware problem. “When you look at government networks, as we know — Costa Rica; Montenegro; Bank of Zambia; the city of Palermo, Italy, — this is ...

November 1, 2022

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on Kaspersky threat intelligence research; and they provide a representative snapshot of what Kaspersky researchers have published and discussed in greater detail in their private APT ...

October 31, 2022

While advanced persistent threats get the most breathless coverage in the news, many threat actors have money on their mind rather than espionage. You can learn a lot about the innovations used by these financially motivated groups by watching banking Trojans. Because attackers constantly create new techniques to evade detection and perform malicious acts, studying monetarily ...

October 30, 2022

A new and destructive ‘Azov Ransomware’ data wiper is being heavily distributed through pirated software, key generators, and adware bundles, trying to frame well-known security researchers by claiming they are behind the attack. The Azov Ransomware falsely claims to have been created by a well-known security researcher named Hasherazade and lists other researchers, myself, and BleepingComputer, ...

October 28, 2022

German copper producer Aurubis has announced that it suffered a cyberattack that forced it to shut down IT systems to prevent the attack’s spread. Aurubis is Europe’s largest copper producer and the second largest in the world, with 6,900 employees worldwide, and produces one million tonnes of copper cathodes yearly. In an announcement published on their website, ...

October 28, 2022

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint guide to provide organizations proactive steps to reduce the likelihood and impact of distributed denial-of-service (DDoS) attacks. These attacks can cost an organization time and money and may impose ...

October 28, 2022

Unit 42 researchers recently discovered a Guloader variant that contains a shellcode payload protected by anti-analysis techniques, which are meant to slow human analysts and sandboxes processing this sample. To help speed analysis for this sample and others like it, we are providing a complete Python script to deobfuscate the Guloader sample that is available ...