Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

While we have been following cyberespionage group TICK (a.k.a. “BRONZE BUTLER” or “REDBALDKNIGHT”) since 2008, we noticed an unusual increase in malware development and deployments towards November 2018. We already know that the group uses previously deployed malware and modified …

Ransomware: Big paydays and little chance of getting caught means boom time for crooks

Ransomware will continue to plague organisations in 2020 because there’s little risk of the cyber criminals behind the network-encrypting malware attacks getting caught; so for them there’s only a small amount of risk, but a potentially large reward. During the last …

Hotel front desks are now a hotbed for hackers

It seems that any possible way cybercriminals can exploit the hospitality industry, they will. Hotels, restaurant chains, and related tourism services have been subject to a range of techniques when it comes to cybercrime; the compromise of Point-of-Sale (PoS) terminals …

Trickbot Appears to Target OpenSSH and OpenVPN Data in Upgraded Password-Grabbing Module

Trickbot first arrived on the scene in 2016, its initial iteration being a banking trojan that infected computers to steal email passwords and address books to spread malicious emails from compromised accounts. A few years and multiple transformations later, what was a …

DePriMon downloader uses novel ways to infect your PC with ColoredLambert malware

A malware downloader has been spotted using novel “Port Monitor” methods that have not been detected before in active campaigns. Dubbed DePriMon, the malicious downloader is used to deploy malware used by Lambert — also known as the Longhorn advanced …

APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims

The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, …