IcedID Banker is Back, Adding Steganography, COVID-19 Theme

A new version of the IcedID banking trojan has debuted that notably embraces steganography – the practice of hiding code within images – in order to stealthily infect victims. It has also changed up its process for eavesdropping on victims’ Read More …

US bank customers targeted in ongoing Qbot campaign

Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features [1, 2, 3] used to steal banking Read More …

City of Knoxville shuts down network after ransomware attack

The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices. Knoxville has a population of over 180,000, it’s Tennessee’s third-largest city after Nashville and Memphis, and it’s Read More …

Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool

The APT known as TA410 has added a modular remote-access trojan (RAT) to its espionage arsenal, deployed against Windows targets in the United States’ utilities sector. According to researchers at Proofpoint, the RAT, called FlowCloud, can access installed applications and Read More …

U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information. The company, Westech International, Read More …

Amtrak discloses data breach, potential leak of customer account data

The National Railroad Passenger Corporation (Amtrak) has disclosed a data breach that may have resulted in the compromise of customer personally identifiable information (PII). The data breach was discovered on April 16, 2020. In a letter to the Attorney General’s Read More …

Mozilla, Twitter, Reddit join forces in effort to block browsing data from warrantless access

A group of seven internet companies are vowing to stand up for the privacy of its users this week when the United States House of Representatives considers the USA FREEDOM Reauthorization Act of 2020. Mozilla, Engine, Reddit, Reform Government Surveillance, Twitter, Read More …

SilverTerrier: New COVID-19 Themed Business Email Compromise Schemes

Focusing on one of the most active subsets of the global threat landscape, Palo Alto Networks Unit 42 tracks Nigerian cyber criminals involved in Business Email Compromise (BEC) activities under the name SilverTerrier. Over the past 90 days (Jan. 30 – Read More …