Ransomware Goes Fileless, Uses Malicious Documents and PowerShell to Encrypt Files

In October 2019, we encountered a phishing campaign delivering a malicious Microsoft Word document that distributed ransomware with a twist. Unlike most ransomware families, such as GandCrab, WannaCry and RobinHood, the malware was not compiled code. I…

Thousands of Windows PCs infected by Nodersok/Divergent fileless malware

By Sudais
A new fileless malware is on the rise which converts computers into bots that can be controlled by hackers remotely.
This is a post from HackRead.com.

Divergent Malware Using NodeJS, WinDivert in Fileless Attacks

Samples of a new malware family called “Divergent” are using both NodeJS and WinDivert in a series of fileless attack campaigns. Cisco Talos didn’t identify the exact delivery method for Divergent. Even so, its researchers observed th…

Fileless attacks designed to disguise malicious activity up 265%

Trend Micro published its roundup report for the first half of 2019, revealing a surge in fileless attacks designed to disguise malicious activity. Detections of this threat alone were up 265% compared to the first half of 2018. Fileless events were 18…

New ransomware grows 118% as cybercriminals adopt fresh tactics and code innovations

McAfee Labs saw an average of 504 new threats per minute in Q1 2019, and a resurgence of ransomware along with changes in campaign execution and code. More than 2.2 billion stolen account credentials were made available on the cybercriminal underground…

Astaroth-Dropper Trojan Hides in Plain Sight

Malware is getting harder to detect. So says an AV vendor, anyway. But here’s a fascinating case study.
The post Astaroth-Dropper Trojan Hides in Plain Sight appeared first on Security Boulevard.

A fileless campaign is dropping the Astaroth info-stealer

Attackers are delivering the Astaroth info-stealing backdoor by leveraging a combination of fileless malware and “living off the land” techniques, Microsoft’s security team warns. The campaign All through the attack chain, the only to…

Congratulations, You’ve Won a Meterpreter Shell

Posted by Josh Stroschein, Ratnesh Pandey and Alex Holland. For an attack to succeed undetected, attackers need to limit the creation of file and network artifacts by their malware. In this post, we analyse an attack that illustrates two popular tactic…