Malware October 26, 2017 Ursnif Campaign Waves Breaking on Japanese Shores 5 min read - The Ursnif banking Trojan began targeting financial institutions in Japan during Q3 2017 and continues to operate in the region as we enter Q4.
October 23, 2017 Banking Trojan Uses Malware Macros to Evade Sandbox Detection 2 min read - Security researchers observed a spam campaign that leverages PowerShell's AutoClose feature to deliver a banking Trojan while eluding sandbox detection.
October 19, 2017 Necurs Downloader Takes Screen Grabs to Improve Ransomware Attacks 2 min read - The cybercriminals behind the Necurs botnet are now taking screenshots of victims' machines to improve the performance of ransomware attacks.
Malware October 16, 2017 Diving Into Zberp’s Unconventional Process Injection Technique 8 min read - IBM X-Force Research discovered a new variant of Zberp that evades API threat detection tools using a code injection technique it borrowed from Carberp.
Malware October 11, 2017 TrickBot Takes to Latin America, Continues to Expand Its Global Reach 4 min read - The cybergang operating the TrickBot banking Trojan was unusually active over the summer, launching new campaigns in Latin America and updating its code.
October 10, 2017 What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans 2 min read - A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.
October 3, 2017 Cybercriminals Use Legitimate VMware Binary to Create New Malware Threat 2 min read - Cisco Talos discovered a new banking Trojan that exploits an authentic VMware binary to hide its malicious activities from security researchers.
September 20, 2017 New Banking Malware Poses Fresh Risk to Android Users 2 min read - A new banking malware called Red Alert 2.0 poses a significant threat to Android users. The Trojan leverages third-party apps to steal data.
Malware September 12, 2017 Brazilian Malware Client Maximus: Maximizing the Mayhem 5 min read - A new, upgraded version of remote access malware Client Maximus points to the growing sophistication of cybercriminals in Brazil.
September 12, 2017 Facebook’s CDN Enables Security Breaches Targeting Brazilian Users 2 min read - A malware group is using Facebook's CDN servers to store malicious files that it later uses as a vehicle for security breaches targeting Brazilian users.