
InfoSec Articles (05/10/21 – 05/24/21)

In the past two weeks of May, we noticed that the whole world is susceptible to cyber-attacks, even banks. Bizarro is another family of banking Trojans originating in Brazil that is now found in other regions of the world. In addition, fake Android and iOS apps...

InfoSec Articles (04/26/21 – 05/10/21)

At the end of April and the first week of March, we realized that cyberattacks do not rest. Recently, the Cybereason Nocturnus team responded to several incident response (IR) cases involving Prometei Botnet infections against companies in North America. For more...

InfoSec Articles (04/12/21 – 04/26/21)

In the second half of April, we noticed a growing wave of cyber attacks. Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links. For more articles, check out our #onpatrol4malware blog....

InfoSec Articles (03/29/21 – 04/12/21)

In this first half of April, we noticed that cyber threats are spreading all over the world and involve major investigations. This new threat, which we’ve named Janeleiro, attempts to deceive its victims with pop-up windows designed to look like the websites of some...

InfoSec Articles (03/15/21 – 03/29/21)

In this second half of March, we observed an interesting email campaign by a threat actor we track as TA800. They distributed a new malware we are calling NimzaLoader. Also, another ransomware gang has started to target vulnerable Exchange servers with another...

InfoSec Articles (03/01/21 – 03/15/21)

In the first half of March, we recently observed a new series of Microsoft-themed phishing attacks. Also, with ransomware becoming the most significant cybersecurity threat faced by organizations, we found a distinct shift in the cyber threat landscape...

InfoSec Articles (02/15/21 – 03/01/21)

In the last two weeks’ worth of infosec articles, we saw a lot of writing about APT activities and even a phishing attack method that uses Morse code to disguise malicious URLs. The Lookout article about the Confucius APT’s Android Spyware includes an...

InfoSec Articles (01/31/21 – 02/14/21)

Onto the 2nd month of 2021, and we have seen supply-chain attacks, phishing campaigns, botnets, and ransomware such as the HelloKitty ransomware. CD Projekt disclosed that they were the target of a HelloKitty ransomware attack that encrypted devices on their network and...

InfoSec Articles (01/16/21 – 01/30/21)

On to the end of January and we’re seeing banking malware such as Vadokrist and many others. Vadokrist is written in Delphi and has an unusually large amount of unused code in the binaries. It is believed that this is an attempt to evade detection and dissuade...

InfoSec Articles (01/01/21 – 01/15/21)

On to a new year, but it’s still good to review some malware such as APT37 to help us understand more about cybercrimes. APT37 is associated with an attack that embeds a macro that uses a VBA self-decoding technique to decode itself within the memory spaces of MS...

InfoSec Articles (12/17/20 – 12/31/20)

On to the last day of the controversial year, cybercrime is still rife, as shown by the attack activities of the Quasar family. Quasar is an open-source RAT with a variety of functions. It is easy to use and is therefore exploited by several APT actors. Learn more in this batch...

InfoSec Articles (12/02/20 – 12/16/20)

A week before Christmas, cryptocurrency mining botnet PGMiner is showing smarter ways to hack into a victim’s machine. At its core, PGMiner attempts to connect to the mining pool for Monero mining. Learn more on this and other malware in this batch of InfoSec...

InfoSec Articles (11/17/20 – 12/01/20)

On to the start of the last month of the year and just around Thanksgiving, cyber crimes are still rampant. Even GoDaddy was a victim of a scam using voice phishing or vishing. The scam shows how vishing can be more deceptive than email schemes. Learn more about...

InfoSec Articles (11/02/20 – 11/16/20)

Several cases were observed where DLL side-loading was used to execute the malicious code. Side-loading is the use of a malicious DLL spoofing a legitimate one, relying on legitimate Windows executables. Learn more on this and other news in this batch of InfoSec...

InfoSec Articles (10/18/20 – 11/01/20)

Upon entering the second to the last month of the year, there are a lot of botnets, banking malware, and malware making the news. But one that stands out is Kimsuky. Kimsuky uses various spearphishing and social engineering methods to obtain Initial Access to victim...

InfoSec Articles (10/03/20 – 10/17/20)

There have been a lot of RATs as well as botnets lately, such as HEH. HEH Botnet is spreading through brute force of the Telnet service on ports 23/2323. The bot does not really care what the end devices are; as long as it can enter the device, it will try its luck...

InfoSec Articles (09/18/20 – 10/02/20)

One of the common types of malware being reported nowadays is the Remote Access Trojan or RAT, such as LodaRAT. Written in AutoIt, LodaRAT has not only abandoned its usual obfuscation techniques, but several functions have also been rewritten and new functionality has...

InfoSec Articles (09/03/20 – 09/17/20)

With almost everything being done online, cybercriminals were able to develop Baka skimmer to perform their goals. Baka skimmer has a sophisticated design intended to circumvent detection by security tools. Read more about it and the latest cybersecurity news in this...

InfoSec Articles (08/19/20 – 09/02/20)

This batch of the most recent infosec articles from around the web includes an evolution analysis of Transparent Tribe. In the last four years, Transparent Tribe has never taken time off. They continue to hit their targets, which typically are Indian military and...

InfoSec Articles (08/04/20 – 08/18/20)

Lots of malware have been creating cybercrime, but the old Agent Tesla uses new tricks to be able to stay on top. The Agent Tesla RAT has become one of the most prevalent malware families, being seen in more attacks than even TrickBot or Emotet and only slightly fewer...

InfoSec Articles (07/20/20 – 08/03/20)

We have now come into a new month, and this set of InfoSec articles discusses how some specific malware operates. One of these is the Evilnum malware which was previously seen in attacks against financial technology companies. Read on and learn more in this batch of...

InfoSec Articles (07/05/20 – 07/19/20)

Onto the second half of 2020, and a lot of trojans are actively upping their game to spread banking malware. One of these is Trojan Cerberus which disguised itself as a genuine app in order to access the banking details of unsuspecting users. Protect yourself by...

InfoSec Articles (06/20/20 – 07/04/20)

The latter half of the year has already begun, and cybercrimes show no signs of stopping, as seen in the use of Cobalt Strike to deploy the Anchor backdoor and RYUK ransomware. Be vigilant and learn more about these digital attacks in this batch of InfoSec...

InfoSec Articles (06/05/20 – 06/19/20)

Ransomware and malware, such as GuLoader, have been very active in campaigns against security. GuLoader is used to deliver malware with the help of cloud services such as Google Drive. The delivery of malware through cloud drives is one of the fastest-growing trends...

InfoSec Articles (05/21/20 – 06/04/20)

Half of 2020 is here and malware such as Mylobot, ComRAT, and the like have also upgraded their game. Mylobot has the ability to download and execute any type of payload after it infects a host. Learn more in this batch of InfoSec articles. For more articles, check...

InfoSec Articles (05/06/20 – 05/20/20)

Ransomware tops this batch of InfoSec articles. One example is the Netwalker ransomware. This involves malware that is not compiled but written in PowerShell and executed directly in memory, without storing the actual ransomware binary on disk. Read more on...

InfoSec Articles (04/21/20 – 05/05/20)

Among the cybercrime known to us, EventBot seems to be a real threat to many users. EventBot targets financial applications and steals SMS messages to allow malware to bypass two-factor authentication. Keep reading to find out more security news. For more...

DoH! Not so great to the Enterprise

DoH, or DNS over HTTPS (RFC 8484), is a relatively new protocol that provides increased privacy and security. It does this by encrypting DNS queries and responses, which prevents eavesdropping and man-in-the-middle attacks. Instead of using a regular DNS resolver,...

InfoSec Articles (04/06/20 – 04/20/20)

xHelper, together with other malware and threat attacks, has added to the concerns of Android users. Read about this threat and more in the latest security industry news below. For more articles, check out our #onpatrol4malware blog. AZORult brings friends to the...

InfoSec Articles (03/22/20 – 04/05/20)

Cyber attacks, phishing, stalkerware, and malware such as Emissary Panda, have been rampant. They’re taking advantage of the vulnerabilities in organizations and even governments. Keep reading to find out more security news. For more articles, check out our...

InfoSec Articles (03/07/20 – 03/21/20)

A lot of info stealers, malware campaigns, and scams have taken advantage of the COVID-19 pandemic. Coronavirus has posed a threat not only in the physical world, but also in the digital world. For more articles, check out our #onpatrol4malware blog. Multiple...

Newly Registered Domains Related to COVID-19

The current outbreak of COVID-19 has created a perfect scenario for all sorts of scammers to monetize through fear, false promises and fraud. Since the beginning of March, tens of thousands of new domains have been registered using the terms “corona”,...

InfoSec Articles (02/21/20 – 03/06/20)

An infodemic is now happening in our world. The current physical threat, the coronavirus, is being leveraged as a social engineering trick to infect the cyber world. Be informed and read these interesting and useful articles we have gathered. For more...

InfoSec Articles (02/06/20 – 02/20/20)

The industry saw a lot of phishing and smishing in the second month of 2020. Most of this was related to the coronavirus epidemic. Read some of the most interesting and useful infosec articles from early February. For more articles, check out our #onpatrol4malware blog....

InfoSec Articles (01/22/20 – 02/05/20)

Entering into the second month of the year, there’s more information about the various groups that are using the Golden Chicken Malware-as-a-Service. In addition, there’s a lot of malware now in action to get a hold of confidential details related to the...