Threat Intelligence October 25, 2017 Threat Intelligence: A Tear-Free Solution to Help SOC Analysts Prepare for the Next WannaCry 2 min read - An effective threat intelligence solution enables analysts to address, track and investigate advanced attacks such as WannaCry ransomware.
October 24, 2017 Locky Ransomware Attacks Exploit Microsoft DDE to Increase Effectiveness 2 min read - The cybercriminals behind Locky ransomware have adopted a new DDE hijacking technique to infect as many victims as possible while evading detection.
October 24, 2017 Reaping the Benefit? New Botnet Exploits IoT Security Flaws 2 min read - The new IoT_Reaper botnet has already compromised more than 2 million devices by exploiting existing IoT security flaws.
October 23, 2017 Banking Trojan Uses Malware Macros to Evade Sandbox Detection 2 min read - Security researchers observed a spam campaign that leverages PowerShell's AutoClose feature to deliver a banking Trojan while eluding sandbox detection.
October 19, 2017 Necurs Downloader Takes Screen Grabs to Improve Ransomware Attacks 2 min read - The cybercriminals behind the Necurs botnet are now taking screenshots of victims' machines to improve the performance of ransomware attacks.
October 16, 2017 No Macros? No Problem for New Malware Attack 2 min read - Security researchers discovered a new malware attack that exploits Dynamic Data Exchange, an outdated Office feature, to infect corporate devices.
Malware October 16, 2017 Diving Into Zberp’s Unconventional Process Injection Technique 8 min read - IBM X-Force Research discovered a new variant of Zberp that evades API threat detection tools using a code injection technique it borrowed from Carberp.
October 12, 2017 Cybercrime Group FIN7 Takes Phishing Attacks to the Next Level 2 min read - A cybergang known as FIN7 has been using OLE command files to spread its malware and identify potential victims for additional phishing attacks.
Malware October 11, 2017 TrickBot Takes to Latin America, Continues to Expand Its Global Reach 4 min read - The cybergang operating the TrickBot banking Trojan was unusually active over the summer, launching new campaigns in Latin America and updating its code.
October 10, 2017 What the Shell? New Security Breach Uses CHM Files to Cover Banking Trojans 2 min read - A new banking Trojan is using old PowerShell tricks to hide its activity from detection tools by continually launching malicious CHM files.