News • Insights • Analysis
The RIG Exploit Kit is undergoing its most successful period, attempting roughly 2,000 intrusions daily and succeeding in about 30% of cases, the highest ratio in the service’s long operational history. By exploiting relatively old Internet Explorer vulnerabilities, RIG EK Read More …
While advanced persistent threats get the most breathless coverage in the news, many threat actors have money on their mind rather than espionage. You can learn a lot about the innovations used by these financially motivated groups by watching banking Read More …
In Part 1 of this two-part blog series, Unit 42 researchers discussed briefly how XLL files are exploited to deploy Agent Tesla. During December 2021, they continued to observe Dridex and Agent Tesla exploiting XLL in different ways for initial Read More …
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. The Dridex malware is a banking trojan originally developed to steal online banking credentials from victims. However, Read More …
Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments. The Evil Corp hacking group, also known Indrik Spider and the Dridex gang, has been involved in cybercrime activities Read More …
Cybercriminals have wasted no time in hopping on the American Rescue Plan – the COVID-19 relief legislation just signed into law – as a lure for email-based scams. According to researchers at Cofense, a campaign began circulating in March that Read More …
This tutorial is designed for security professionals who investigate suspicious network activity and review network packet captures (pcaps). Familiarity with Wireshark is necessary to understand this tutorial, which focuses on Wireshark version 3.x. Dridex is the name for a family Read More …
Evil Corp, one of the biggest malware operations on the internet, has slowly returned to life after several of its members were charged by the US Department of Justice in December 2019. In a report shared with ZDNet today, Fox-IT, a division within the NCC Read More …
A Russian national who runs Evil Corp has been indicted in the United States following unprecedented collaboration between the NCA, the FBI and the National Cyber Security Centre. A Russian national who runs Evil Corp – the world’s most harmful Read More …
A never-before-seen Dridex variant has been spotted in phishing emails using anti-virus detection evasion tactics. Researchers have spotted a variant of the Dridex banking trojan with new obfuscation capabilities that help it skirt anti-virus detection. While Dridex has been around since Read More …
