TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign
Researchers observed the TA505 threat group using spam campaigns to deliver two new payloads: the Gelup malware tool and the FlowerPippi backdoor.
How to Fight Back Against Macro Malware
Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
Aggah Campaign Using Bit.ly, BlogSpot and Pastebin to Distribute RevengeRAT
Researchers spotted the operators of the Aggah campaign exploiting Bit.ly, BlogSpot and Pastebin to spread variants of the RevengeRAT malware in the Middle East, Asia, Europe and the U.S.
New Macro Downloaders Use PUB Files to Compromise Food and Retail Companies
New macro downloaders are sandwiching spam and .PUB files to compromise businesses in the food and retail sector.
TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan
Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.
New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools
A PDF attack campaign conducted by the Cobalt Gang used a specially crafted document to evade dection by static analysis tools.
NARWHAL SPIDER Uses Steganography to Deliver URLZone Malware in Cutwail Spam Campaign
A new Cutwail spam campaign is leveraging steganography — hiding data within images — to compromise devices and download URLZone.
Latest Version of TrickBot Malware Uses Macro-Enabled Word Documents to Deliver New Stealth Code Injection
The latest version of TrickBot malware leverages malicious macros to deliver stealthy code injection, fool users and compromise computers.
AppleJeus Trojan Targets Both Windows and MacOS in Attack Against Cryptocurrency Exchange
A recent attack against a cryptocurrency exchange planted a Trojan that spread across both Windows and MacOS machines to steal information and digital coins, according to security researchers.
Spammers Target Financial Institutions With IQY Files That Conceal New Downloader Malware
Spammers are targeting financial institutions using Excel Web Query (IQY) files that conceal a new downloader malware, according to security researchers.