The National Institute of Standards and Technology (NIST) has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., destructive malware and ransomware attacks, malicious insider activity or simply mi… Continue reading NIST guide to help orgs recover from ransomware, other data integrity attacks
Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a domain we see used infrequently. The script was found writing malicious contents into an image direct… Continue reading Malicious One-Liner Using Hastebin
The trojan has seen a big spike in activity since August, the Feds are warning. Continue reading CISA: LokiBot Stealer Storms Into a Resurgence
The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March. Continue reading OldGremlin Ransomware Group Bedevils Russian Orgs
WBRC reports: St. Clair County Commission Chairman Paul Manning said the county is a victim of a cyberattack, but no data has left the system. Manning said on September 21, 2020, around 7:00 p.m., St. Clair County was the target of the cyberattack. The… Continue reading AL: St. Clair County is latest victim of cyberattack
Rustam Mirkasymov and Oleg Skulkin of Group-IB write: The email raised no suspicions. An employee of a Russian medical company boldly clicked on the link and downloaded the attached ZIP archive. The message with the subject “Bill due” looke… Continue reading Big Game Hunting: Now in Russia
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a significant increase in the use of LokiBot malware over the past couple of months.
QuoINT security researchers have identified a new Zebrocy campaign targeting countries associated with the North Atlantic Treaty Organization (NATO).
I published the following diary on isc.sans.edu: “Malicious Word Document with Dynamic Content”: Here is another malicious Word document that I spotted while hunting. “Another one?” may ask some of our readers. Indeed, but malicious documents remain a very common infection vector and you learn a lot when you analyze
The post [SANS ISC] Malicious Word Document with Dynamic Content appeared first on /dev/random.
Let’s talk about the structure of the firmware of an IoT device in order to get a better understanding of the different components. Continue reading Looking for sophisticated malware in IoT devices