TrickBot: New Injects, New Host

What’s in the Name: Call it IcedID or TrickBot? Tell that to a security researcher (Arsh Arora in this case) and watch them RANT
(Gar-note: today’s blog post is a guest blog from malware analyst, Arsh Arora…) 

Today’s post starts w…

Someone is spoofing big bank IP addresses – possibly to embarrass security vendors

The last several days have seen a surge in internet traffic mimicking the IP addresses of big U.S. banks in a possible effort to disrupt the cybersecurity personnel and products that help protect them, according to GreyNoise Intelligence, a company that maps internet traffic. Bank of America, JPMorgan Chase, and SunTrust are among the banks whose IP addresses are being spoofed to seem like they are conducting broad scans of the internet, GreyNoise said. That large-scale scanning is duping people into thinking that the IP addresses are malicious, GreyNoise founder Andrew Morris told CyberScoop. “There are a lot of people around the internet who are definitely convinced that these are bad IPs,” he said. Threat intelligence teams in the U.S. financial sector are looking into the issue, sources told CyberScoop. Morris said the volume of traffic is too low to be a distributed denial-of-service attack. Instead, he suggested, a bad […]

The post Someone is spoofing big bank IP addresses – possibly to embarrass security vendors appeared first on CyberScoop.

Trickbot via fake Bank of America Merrill Lynch “FW: Updated Account Transactions”

This example is today’s latest spoof or imitation of a well-known company, bank or public authority delivering the Trickbot banking Trojan. The email with the subject of “FW: Updated Account Transactions” pretends to come from somebody named …

Trickbot via Fake Bank Of America Secure Message

A bit of a change with the Trickbot delivery system with this example. Instead of directly attaching a malicious macro-enabled Word doc or other Microsoft Office file to the email, it has an HTML attachment and a link in the email body that whe…

Fake Bank of America Secure Message delivers Trickbot banking Trojan

An email with the subject of “Secure email message”, pretending to come from Bank of America but actually coming from a lookalike domain, Bank of America <message@bofamsg.com> or Bank of America <message@bofa-msg.com>, with a malicious Word doc attachment, is today’s latest spoof of a well-known company, bank or public …

Fake Bank of America The wire request is unsuccessful! malspam delivers Chthonic banking Trojan

An email with the subject of “The wire request is unsuccessful!”, pretending to come from Billing Support and using random senders and email addresses, with a malicious Word doc attachment, delivers the Chthonic banking Trojan. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment.

NSA-Backed OpenC2.org Aims to Defend Systems at Machine Speed

Security experts, vendors, business and the NSA are developing a standardized language that, rather than autonomously understanding threats, acts on them.

Blind Trust in Email Could Cost You Your Home

The process of buying or selling a home can be extremely stressful and complex, but imagine the stress that would boil up if — at settlement — your money was wired to scammers in another country instead of to the settlement firm or escrow company. Here’s the story about a phishing email that cost a couple their home and left them scrambling for months to recover hundreds of thousands in cash that went missing.

It was late November 2016, and Jon and Dorthy Little were all set to close on a $200,000 home in Hendersonville, North Carolina. Just prior to the closing date on Dec. 2, their realtor sent an email to the Littles and to the law firm handling the closing, asking the settlement firm for instructions on wiring the money to an escrow account.

Avoid: BofA, Wells Fargo SMS Phishing

It always pays to train a wary eye on your text messages, as conniving phishers don’t always stick to the tried and tested route of email scams. We take a look at a pair of SMS phishes sent directly to a mobile device – if you bank with Wells Fargo or …