Malware

October 19, 2018

Kaspersky Lab said today that it detected computers infected with DarkPulsar, a malware implant that has been allegedly developed by the US National Security Agency (NSA). “We found around 50 victims, but believe that the figure was much higher,” Kaspersky Lab researchers said today. “All victims were located in Russia, Iran, and Egypt, and typically Windows 2003/2008 ...

October 18, 2018

A fresh wave of cyberattacks striking the US, South Korea, and Canada has been connected to an APT group with ties to the Chinese military. On Thursday, cybersecurity researchers from McAfee’s Advanced Threat Research team said they have discovered a new campaign which focuses on cyberespionage and data reconnaissance. South Korea appears to be the primary target of the ...

October 17, 2018

The hacking group which took down Ukrainian power grids is systematically targeting critical infrastructure in Ukraine and beyond in what security researchers believe could be cyber espionage and reconnaissance ahead of future attacks. Dubbed GreyEnergy by researchers at ESET, the group is believed to have been active over the last three years and to be linked to ...

October 15, 2018

Researchers have uncovered the Octopus Trojan in a wave of cyberattacks being launched against diplomatic entities across central Asia. According to cybersecurity firm Kaspersky Lab, the targeted campaign has used the recent ban of Telegram messenger across Russia and reported attempts to ban the service across some former Soviet areas such as Kazakhstan to dupe victims into believing ...

October 15, 2018

The Emotet Trojan is behind a crippling ransomware attack that hit the Onslow Water and Sewer Authority. A “critical water utility” has been targeted in a recent ransomware attack, significantly impeding its ability to provide service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority (ONWASA) said ...

October 11, 2018

Malware analysts from Slovak cyber-security firm ESET have found substantial evidence that links cyber-attacks performed against Ukraine’s power grid to the same group behind the NotPetya ransomware outbreak of June 2017. The link is not a direct one, but through a third malware strain that was spotted in an unrelated hacking operation in April this year. Researchers ...

October 10, 2018

A new attack group is targeting government, military, and defense sectors in what appears to be a classic espionage campaign. Symantec researchers have uncovered a previously unknown attack group that is targeting government and military targets, including several overseas embassies of an Eastern European country, and military and defense targets in the Middle East. This group ...

October 4, 2018

The UK government this morning pointed the finger at Russian military intelligence for a litany of cyber nasties. In the bulletin, the UK government’s National Cyber Security Centre (NCSC) declared that a range of attacks blamed on the Kremlin are actually the work of Russian military intelligence, GRU. This comes in the wake of long-standing concerns that Russia ...

October 4, 2018

The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware. Kraken Cryptor is a Ransomware as a Service (RaaS) that is actively being distributed by affiliates. As this is an affiliate system, we are seeing different bad actors distributing the ransomware using a variety ...

October 2, 2018

An extremely high number of keylogger phishing campaigns have been seen tied to the Zoho online office suite software; in an analysis, a full 40 percent spotted in the last month used a zoho.com or zoho.eu email address to exfiltrate data from victim machines. A Cofense analysis, published Tuesday, of popular keylogging malware – which records ...