April 29, 2019

Latest Emotet Variant Wielding Connected Devices as First-Layer C&C Servers

2 min read - A new variant of the Emotet banking malware is using compromised connected devices as first-layer command-and-control (C&C) servers.

April 29, 2019

New TA505 Phishing Campaign Using LOLBins to Distribute Backdoor Malware

2 min read - A threat actor known as TA505 recently launched a phishing campaign that uses living-of-the-land binaries (LOLBins) to distribute a new backdoor malware.

April 2, 2019

New Gustuff Android Trojan Capable of Targeting More Than 100 Banking Apps

2 min read - Researchers detected a new Android Trojan called Gustuff that is capable of targeting more than 100 mobile banking apps.

March 13, 2019

Threat Actor Targets Japanese Users With New Ursnif Variant

2 min read - Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.

March 6, 2019

Fileless Malware Targeting Brazilian and Thai Bank Customers With Multiple Threats

2 min read - Security researchers discovered a new fileless malware strain targeting bank customers in Brazil and Thailand with a hack tool and at least two infostealers.

March 4, 2019

Attack Campaign Targets Organizations Worldwide With New Qbot Banking Malware Variant

2 min read - Security researchers spotted a new attack campaign that's targeting organizations in several countries with a new variant of Qbot banking malware.

February 27, 2019

New Golang Brute-Forcer Targeting E-Commerce Sites to Steal Personal and Payment Data

2 min read - Researchers discovered new Trojan malware written in Golang that's targeting e-commerce websites with brute-force attacks.

February 13, 2019

Malicious Windows EXE Files Infect macOS Users With Infostealers and Adware

2 min read - Security researchers discovered several Microsoft Windows EXE files using malicious payloads to infect macOS users with infostealers and adware.

Malware February 6, 2019

IcedID Operators Using ATSEngine Injection Panel to Hit E-Commerce Sites

8 min read - The X-Force research team investigated the IcedID Trojan's two-step injection attack that enables it to steal access credentials and payment card data from e-commerce customers in North America.

February 5, 2019

Attack Campaign Targets Linux Servers to Install New SpeakUp Trojan

2 min read - Security researchers observed an attack campaign that is targeting Linux servers to install samples of the new SpeakUp Trojan.