Written By David Bisson

Sednit Threat Group Adds Delphi Dropper and Mail Downloader to Zebrocy Toolset

Security researchers observed the Sednit threat group distributing Zebrocy malware using a Delphi dropper and mail downloader.

Threat Actors Use Malspam Campaign to Target Italian Users With sLoad Downloader

Security researchers identified a malspam campaign targeting Italian users with a variant of the sLoad downloader.

Thanksgiving Spam Campaign Use Obfuscation to Deliver Emotet Banking Trojan

Bad actors recently launched a Thanksgiving-themed spam campaign that used obfuscation to deliver the Emotet banking Trojan.

Sofacy Group Targets Government Organizations With New Cannon Trojan

The Sofacy group recently targeted several government organizations around the world with the new Cannon Trojan.

Two Attack Campaigns Infect Brazilian Financial Institution Customers With Banking Trojans

Security researchers recently identified two malware distribution campaigns that infect customers of Brazilian financial institutions with banking Trojans.

TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan

Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.

Outlaw Threat Group Using Perl Shellbot to Target Enterprise IoT Devices

A group of threat actors known as Outlaw is using a Perl Shellbot to breach enterprise IoT devices.

New Ransomware Strain Evades Detection by All but One Antivirus Engine

A new strain of Dharma ransomware is able to evade detection by nearly all of the antivirus solutions on the market.

New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools

A PDF attack campaign conducted by the Cobalt Gang used a specially crafted document to evade dection by static analysis tools.

Enterprises Using IaaS or PaaS Have 14 Misconfigured Instances on Average, Cloud Adoption Study Finds

A cloud adoption report found that companies that deploy infrastructure-as-a-service (IaaS) or platform-as-a-service (PaaS) have an average of 14 misconfigured instances running at a given time.