New Jaff Ransomware Part Of Active Necurs Spam Blitz

A new malware family called Jaff has been identified by researchers who say they are currently tracking multiple and massive spam campaigns distributing the malware via the Necurs botnet.

More malware via embedded Word macro docs in PDF attachments

Nothing special about the emails that are delivering this malware version. It is a typical well-used email template with subjects varying from with literally hundreds if not thousands of subjects. These generally deliver either Locky ransomware or Dridex banking Trojan. File_69348406, PDF_9859, Scan_2441975, Document_11048, Copy_9762. They all have …

Neverquest Gang Takes Leave — Is It the End of the Quest?

IBM X-Force researchers recently observed a massive drop in Neverquest malware campaigns. Is it the end of an era for this Trojan?

The post Neverquest Gang Takes Leave — Is It the End of the Quest? appeared first on Security Intelligence.

The Necurs Botnet: A Pandora’s Box of Malicious Spam

Since its initial launch five years ago, the Necurs botnet has quickly ascended the cybercriminal ranks. Today, it controls more than 6 million endpoints.

The post The Necurs Botnet: A Pandora’s Box of Malicious Spam appeared first on Security Intelligence.

Microsoft zero-day vulnerability was being exploited for cyber-espionage

Two separate attack campaigns exploited the same Microsoft zero-day vulnerability to infect users with spyware and crimeware. But mystery shrouds which country might have been behind the state-sponsored attacks.
David Bisson reports.

CVE-2017-0199 – 0-day malware delivered by a multitude of different emails.

Today has been a mixture so far of different subjects and alleged senders. All the Word attachments, although named differently, are all identical and all are trying to exploit the 0-day OLE link exploit CVE-2017-0199 that was fixed in yesterday’s Windows / Office updates from Microsoft. (I am late …

Millions hit with banking malware using new Microsoft Word zero day

Millions of email users were affected this week by a hacking campaign exploiting a newly discovered vulnerability in Microsoft’s Office suite of software applications — just days after it was controversially made public Friday by cybersecurity outfit McAfee. The news comes as FireEye, another security company that independently discovered the vulnerability last month, revealed it has also been used to help install the “lawful intercept” software known as FinFisher or FinSpy on computers used by Russian-speakers and in a campaign using LatentBot, an information-stealing and remote-access malware package associated with financially motivated cybercriminals. But on Monday evening East Coast time, the vulnerability was exploited in a massive campaign of spam email directed at millions of computer users in Australia. The email was designed to look as if it had come from a printer or scanner on the recipient’s own network. It bore a malicious attachment, known as a lure, designed to infect targeted […]

The post Millions hit with banking malware using new Microsoft Word zero day appeared first on Cyberscoop.

Microsoft Patches Word Zero-Day Spreading Dridex Malware

A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.

Spoofed HMRC VAT Return and Payment overdue malspam delivers malware

The malware is coming in thick and fast today. The latest is an email with the subject of VAT Return and Payment overdue coming from HMRC Business Help and Support Emails <info@hmrccustomersupport143.top> with a malicious Word doc or Excel XLS spreadsheet attachment that delivers malware, probably Dridex banking Trojan. Update: this appears …