Talking to RATs: Assessing Corporate Risk by Analyzing Remote Access Trojan Infections

Posted onMarch 14, 2019March 15, 2019

Remote access trojans (RATs) on a corporate system may serve as a key pivot point to access information laterally within an enterprise network. By analyzing network metadata, Recorded Future analysts were able to identify RAT command-and-control (C2) servers, and more Read More …

URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader

Posted onDecember 18, 2018December 18, 2018

As ransomware and banking trojans captured the interest – and profits – of the world with their destructive routines, cybersecurity practitioners have repeatedly published online and offline how cybercriminals have compartmentalized their schemes through exchange of information and banded professional organizations. As a more concrete proof of the way Read More …

Emotet Returns with Thanksgiving Theme and Better Phishing Tricks

Posted onNovember 20, 2018November 21, 2018

After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. In early October, Emotet activity dropped off the radar, only to Read More …

Emotet Campaign Ramps Up with Mass Email Harvesting Module

Posted onNovember 12, 2018November 13, 2018

The new variant can exfiltrate emails for a period going back 180 days, en masse. A large-scale spam campaign has launched, spreading the Emotet banking trojan. Worryingly, the offensive has launched about a week after a fresh module for mass Read More …

Emotet malware gang is mass-harvesting millions of emails in mysterious campaign

Posted onOctober 31, 2018

A notorious malware family that has been on a resurgent path since last year has received a major update this week that will send shivers down any organization’s back. According to a report from Kryptos Logic shared earlier today with ZDNet, the Read More …

Malware Distributors Adopt DKIM to Bypass Mail Filters

Posted onOctober 25, 2018

In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it Read More …

In County Crippled by Hurricane, Water Utility Targeted in Ransomware Attack

Posted onOctober 15, 2018October 18, 2018

The Emotet Trojan is behind a crippling ransomware attack that hit the Onslow Water and Sewer Authority. A “critical water utility” has been targeted in a recent ransomware attack, significantly impeding its ability to provide service in the week after Read More …

Emotet Malware Evolves Beyond Banking to Threat Delivery Service

Posted onJuly 24, 2018July 26, 2018

The Emotet trojan has been popping up in the news for years: From widespread malspam infections of banking German targets in 2014, all the way up to the costly infection of a New Hampshire town’s computer network in July. And Read More …

Cyber Security Review

Unique content I Global reach I Direct mailing and online

Emotet