Hackers Launch Cyberattack via U.S. Aid Agency Email Accounts

Microsoft announced that a Russian threat group (ITG05, aka Nobelium, APT28), also thought to be behind the SolarWinds attack, conducted an email campaign masquerading as the U.S. Agency for International Development. Microsoft reports that while organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries. The earlier campaign […]

The post Hackers Launch Cyberattack via U.S. Aid Agency Email Accounts appeared first on Security Intelligence.


Revealing the ‘Snip3’ Crypter, a Highly Evasive RAT Loader

Introduction
Morphisec has recently monitored a highly sophisticated Crypter-as-a-Service that delivers numerous RAT families onto target machines.
The Crypter is most commonly delivered through phishing emails, which lead to the download of a vi…

Is Multifactor Authentication Changing the Threat Landscape?

Changes to the cybersecurity threat landscape are constant and dynamic: threat actor groups come and go, alter tactics, techniques and procedures (TTPs) and adjust to new defensive mechanisms. Over time, both cyber criminal gangs and nation-state actors endure arrests and swap individuals in what can appear to be an ongoing arms race between good and […]

The post Is Multifactor Authentication Changing the Threat Landscape? appeared first on Security Intelligence.


The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash

It likes big game hunting, it enjoys deploying Cobalt Strike and it dabbles in critical vulnerability abuse. It’s known as Sodinokibi/REvil, a ransomware strain that emerged in 2019 as the heir to the GandCrab ransomware, a malware family that supposedly retired from the cyber crime arena in mid-2019 after reportedly amassing illicit profits of over […]

The post The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash appeared first on Security Intelligence.


An Update: The COVID-19 Vaccine’s Global Cold Chain Continues to Be a Target

In December 2020, IBM Security X-Force released a research blog disclosing that the COVID-19 cold chain — an integral part of delivering and storing COVID-19 vaccines at safe temperatures — was targeted by cyber adversaries. After that first report, we recently discovered an additional 50 files tied to spear-phishing emails that targeted 44 companies in […]

The post An Update: The COVID-19 Vaccine’s Global Cold Chain Continues to Be a Target appeared first on Security Intelligence.


New Ransomware Threats Are Getting Bolder: How to Rewrite the Script

Greater exposure is both good news and bad news when it comes to new ransomware threats. While ransomware attacks themselves are never good news, it is a positive sign that these attacks are receiving more media attention, such as the attack on an entire hospital chain, an attack on a Las Vegas school district and even […]

The post New Ransomware Threats Are Getting Bolder: How to Rewrite the Script appeared first on Security Intelligence.


Kubesploit: A New Offensive Tool for Testing Containerized Environments

In this blog post, we will introduce a new open-source tool we developed, named Kubesploit, for testing Kubernetes environments. This is a full framework, dedicated to Kubernetes, to assist penetration testers and Red Teamers in performing a comprehens…