Cybercrime

November 5, 2018

The Inception threat group has been observed exploiting the CVE-2017-11882 Microsoft Office memory corruption vulnerability and a PowerShell-based backdoor dubbed POWERSHOWER in their most recent multi-stage attack campaign during October 2018. Inception was seen in action since at least 2014, using multiple highly automated malware toolkits targeting a vast array of industries and platforms from all ...

November 2, 2018

Two botnet gangs are fighting to take control over as many unsecured Android devices as they can to use their resources and mine cryptocurrency behind owners’ backs. The turf war between these two botnets –one named Fbot and the other named Trinity– has been going on for at least a month if we’re to combine the ...

November 1, 2018

Stealing administrative credentials to carry out months-long spy campaigns is a top threat. While industrial control systems (ICS) are the most talked-about when it comes to cyberattacks against energy and utilities firms, most attacks actually take aim at the enterprise IT networks used by these organizations, rather than critical infrastructure itself. The Vectra 2018 Spotlight Report on Energy and ...

October 31, 2018

A notorious malware family that has been on a resurgent path since last year has received a major update this week that will send shivers down any organization’s back. According to a report from Kryptos Logic shared earlier today with ZDNet, the Emotet malware family has started mass-harvesting full email messages from infected victims, starting yesterday. The Emotet group ...

October 30, 2018

SamSam ransomware is still plaguing organisations across the US, with fresh attacks against 67 new targets — including at least one involved with administering the upcoming midterm elections. The malware is designed in such a way that it in addition to encrypting files and data across target networks, it also goes after backups as a means ...

October 30, 2018

As the US midterm elections close in, the underground markets appear to be flush with voter databases available for affordable prices. Voter information is rich with details that could help an attacker learn enough about the victim to steal their identity. Cybersecurity company Carbon Black, at least one market on the dark web lists for sale voter ...

October 25, 2018

In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it looks like criminals are also reading the US-CERT’s warnings as they have adopted new techniques ...

October 17, 2018

The hacking group which took down Ukrainian power grids is systematically targeting critical infrastructure in Ukraine and beyond in what security researchers believe could be cyber espionage and reconnaissance ahead of future attacks. Dubbed GreyEnergy by researchers at ESET, the group is believed to have been active over the last three years and to be linked to ...

October 16, 2018

Two year since its launch, NCSC helped the UK against almost 1,200 cyber attacks, most carried out by hostile nation states The UK’s National Cyber Security Centre (NCSC) has revealed that it helps the country fend off at least ten cyber attacks a week, most of which come from state-sponsored hackers employed by hostile nation states. This ...

October 15, 2018

Researchers have uncovered the Octopus Trojan in a wave of cyberattacks being launched against diplomatic entities across central Asia. According to cybersecurity firm Kaspersky Lab, the targeted campaign has used the recent ban of Telegram messenger across Russia and reported attempts to ban the service across some former Soviet areas such as Kazakhstan to dupe victims into believing ...