In this instalment of Kaspersky SOC Files series, Kaspersky researchers will walk you through a targeted campaign that our MDR team identified and hunted down a few months ago.
It involves a threat known as Horabot, a bundle consisting of an infamous banking Trojan, an email spreader, and a notably complex attack chain. Although previous research has documented Horabot campaigns, the researchers goal is to highlight how active this threat remains and to share some aspects not covered in those analyses.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Bot and drone misuse could lead to cybercrime explosion
February 21, 2018
The rapid development of drones and artificial intelligence is a “game-changer” that will present a serious threat to national security if it isn’t addressed. The assessment, made by 26 experts from institutions including Cambridge and Oxford Universities, warns of the potential for malicious use of artificial intelligence (AI) by rogue states, criminals, and terrorists. The panel forecast ...
- Reported Critical Vulnerabilities In Microsoft Software On the Rise
February 15, 2018
The number of reported vulnerabilities in Microsoft software has mounted from 325 in 2013 to 685 last year, a rise of 111 percent, according to new research. Moreover, there has also been a 54 percent increase in critical Microsoft vulnerabilities since 2016, researchers at Avecto said in their report, which is based on data from Microsoft’s Security ...
- Crucial iPhone source code posted in unprecedented leak
February 8, 2018
Critical, top secret Apple code for the iPhone’s operating system was posted on Github, opening a new, dangerous avenue for hackers and jailbreakers to access the device, Motherboard reported. The code, known as “iBoot,” has since been pulled, but Apple may have confirmed it was the real deal when it issued a DMCA takedown to Github, as Twitter user ...
- X.509 metadata can carry information through the firewall
February 6, 2018
A security researcher, who last year demonstrated that X.509 certificate exchanges could carry malicious traffic, has now published his proof-of-concept code. Fidelis Cybersecurity’s Jason Reaves has disclosed a covert channel that uses fields in X.509 extensions to sneak data out of corporate networks. The X.509 standard defines the characteristics of public key certificates, and anchors much of ...
- Meltdown-Spectre: Malware is already being tested by attackers
February 1, 2018
German antivirus testing firm AV-Test has identified 139 samples of malware that seem to be early attempts at exploiting the Meltdown and Spectre CPU bugs. “So far, the AV-Test Institute discovered 139 samples that appear to be related to recently reported CPU vulnerabilities. CVE-2017-5715, CVE-2017-5753, CVE-2017-5754,” the company wrote on Twitter. The company has posted SHA-256 hashes of several ...
- Ransomware: Is time running out for the biggest menace on the web?
January 26, 2018
Ransomware attacks like WannaCry and Petya caused major chaos last year, while the likes of Locky and Cerber were less high-profile, but still managed to generate large amounts of income for their criminal creators. 2017 was the year of ransomware, but it could be that the file-encrypting malware has already reached its peak, as an analysis of cybercriminal campaigns appears to show that malicious ...