Ursnif – WindowsTechs.com

TA544 threat actors hit Italian firms with Ursnif banking trojan

Posted on September 29, 2021 by Waqas

By Waqas
A new malware campaign from a group called TA544 is targeting organizations in Italy with Ursnif banking trojan – Here’s how it works.
This is a post from HackRead.com Read the original post: TA544 threat actors hit Italian firms with Ursnif b… Continue reading TA544 threat actors hit Italian firms with Ursnif banking trojan→

Valak Loader Revamped to Rob Microsoft Exchange Servers

Posted on May 28, 2020 by Elizabeth Montalbano

Phishing campaigns targeting enterprises in U.S. and Germany have been used to nab enterprise mailing info, passwords and certificates. Continue reading Valak Loader Revamped to Rob Microsoft Exchange Servers→

Malware-Loader ‘Brushaloader’ Grows More Menacing

Posted on July 23, 2019 by Tom Spring

Dropper malware become more popular as hackers turn to more quiet attack techniques to avoid detection. Continue reading Malware-Loader ‘Brushaloader’ Grows More Menacing→

ThreatList: Top 8 Threat Actors Targeting Canada in 2019

Posted on May 27, 2019 by Lindsey O'Donnell

Bad actors are looking to hit financial and banking firms in Canada with geo-specific campaigns touting malware like Emotet, GandCrab and Ursnif. Continue reading ThreatList: Top 8 Threat Actors Targeting Canada in 2019→

GozNym Banking Malware: Gang Busted, But Is That The End?

Posted on May 20, 2019 by SentinelOne

The GozNym CyberCrime Network has been broken up by Europol, but is this the end for the venerable Gozi family banking malware? It seems unlikely. We explain why.
The post GozNym Banking Malware: Gang Busted, But Is That The End? appeared first on Secu… Continue reading GozNym Banking Malware: Gang Busted, But Is That The End?→

Ursnif – A Polymorphic Delivery Mechanism Explained

Posted on April 3, 2019 by Nick Fox

How can malware rapidly change itself within seconds from one download to another? Read on to discover how Ursnif delivers custom malicious payloads.
The post Ursnif – A Polymorphic Delivery Mechanism Explained appeared first on Security Boulevard.
Continue reading Ursnif – A Polymorphic Delivery Mechanism Explained→

Tricks and COMfoolery: How Ursnif Evades Detection

Posted on March 7, 2019 by Alex Holland

Ursnif is one of the main threats that is effectively evading detection right now (at publication) The dropper uses a COM technique to hide its process parentage WMI is used to bypass a Windows Defender attack surface reduction rule Fast evolution of d… Continue reading Tricks and COMfoolery: How Ursnif Evades Detection→

Fake Court summonses, Judgements, Subpoenas delivering malware

Posted on February 20, 2019 by Myonlinesecurity

Starting Yesterday evening and continuing steadily all day so far today, we saw what was supposed to be a malspam campaign with a lure of court summonses. None of the links I followed actually delivered any malware but did instead lead to a zip file t… Continue reading Fake Court summonses, Judgements, Subpoenas delivering malware→

Phishing Campaign Delivers Nasty Ransomware, Credential-Theft Two-Punch

Posted on January 25, 2019 by Lindsey O'Donnell

A spate of phishing emails with Word attachments deliver both the Gandcrab ransomware and Ursnif executable. Continue reading Phishing Campaign Delivers Nasty Ransomware, Credential-Theft Two-Punch→

Fake Xmas Bonus Payslip delivers Ursnif – Gozi

Posted on December 17, 2018 by Myonlinesecurity

We are still seeing a fairly large Ursnif /Gozi /ISFB campaign hitting the UK again this week. Today we are seeing an Xmas Payslip theme The subjects vary slightly but include Wages December, Salary Payslip, Christmas Payslip, Chrithmas Payslip or si… Continue reading Fake Xmas Bonus Payslip delivers Ursnif – Gozi→