Hackers Are After Your Personal Data – Here’s How to Stop Them

Our lives are increasingly digital. We shop, socialize, communicate, watch TV and play games — all from the comfort of our desktop, laptop, or mobile device. But to access most of these services we need to hand over some of our personal data. Whether it’s just our name and email address or more sensitive information…

This Week in Security News: Spam Campaigns and Cryptocurrency Miners

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about advanced targeted attack tools being used to distribute cryptocurrency miners as well as a spam campaign targeting European users. Read on: Advanced Targeted Attack Tools…

AESDDoS Botnet Malware Infiltrates Containers via Exposed Docker APIs

By David Fiser, Jakub Urbanec and Jaromir Horejsi

Misconfiguration is not novel. However, cybercriminals still find that it is an effective way to get their hands on organizations’ computing resources to use for malicious purposes and it remains a top security concern. In this blog post, we will detail an attack type where an API…

Advanced Targeted Attack Tools Found Being Used to Distribute Cryptocurrency Miners

by Cedric Pernet, Vladimir Kropotov, and Fyodor Yarochkin

Regular cybercriminals appear to be taking a page from targeted attack actors’ playbooks — or rather, toolkits — to maximize their profits from illicit activities like cryptojacking. One of the differences between regular cybercrime and targeted attacks is intent: The former will almost always have immediate financial…

Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns

by Hara Hiroaki and Loseway Lu (Threats Analysts)

TA505 is a prolific cybercriminal group known for its attacks against multiple financial institutions and retail companies using malicious spam campaigns and different malware. We have been following TA505 closely and detected various related activities for the past two months. In the group’s latest campaign, they started…

MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 and New Post-Exploitation Tools

By Daniel Lunghi and Jaromir Horejsi

We found new campaigns that appear to wear the badge of MuddyWater. Analysis of these campaigns revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes. We also unearthed and detailed our other findings on MuddyWater, such as…

This Week in Security News: Gray Alerts and Wormable Malware

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the new wormable malware that’s dropping a Monero miner in web servers, networks and removable drives. Also, read about the best ways for businesses to…

WiFi Protection in Public Places

WiFi Internet has added much convenience to our daily lives, with its easy accessibility in public places such as restaurants, hotels, and cafes; malls, parks, and even in airplanes, where we can connect online for faster transactions and communication. Like any online technology, however, it’s vulnerable to hacker abuse, posing potential threats to you and…

Monero-Mining Malware PCASTLE Zeroes Back In on China, Now Uses Multilayered Fileless Arrival Techniques

Abusing PowerShell to deliver malware isn’t new; it’s actually a prevalent technique that many fileless threats use. We regularly encounter these kinds of threats, and Trend Micro behavior monitoring technology proactively detects and blocks them. We have smart patterns, for instance, that actively detect scheduled tasks created by malicious PowerShell scripts. We also have network…

BlackSquid Slithers Into Servers and Drives With 8 Notorious Exploits to Drop XMRig Miner

By Johnlery Triunfante

An unpatched security flaw that gets successfully exploited is one thing. But eight exploits that can stealthily and simultaneously get through your businesses’ assets and data and your customers’ information are quite another. We found a new malware family that targets web servers, network drives, and removable drives using multiple web server…