TrickBot Continues Resurgence with Port-Scanning Module
The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.
The TrickBot trojan is continuing its bounce-back from an autumn takedown, recently...
Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while authorities have taken NetWalker’s Dark Web leaks site offline and charged a suspect.
UPDATE
The virulent malware known...
Emotet’s Takedown: Have We Seen the Last of the Malware?
A week after law enforcement agencies said they took down Emotet, there has been no sign of the prolific malware.
Sherrod DiGrippo, senior director of threat research and detection with...
Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins
The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters.
A tiny-sized malware that packs a big punch has been targeting supercomputers, especially those used...
Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher
New details emerge of how North Korean-linked APT won trust of experts and exploited Visual Studio to infect systems with ‘Comebacker’ malware.
Microsoft has attributed a recently discovered campaign...
Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers
Enhanced Explosive RAT and Caterpillar tools are at the forefront of a global espionage campaign.
Advanced persistent threat (APT) group Lebanese Cedar has compromised at least 250 public-facing servers since...
Rocke Group’s Malware Now Has Worm Capabilities
The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics.
Researchers have identified an updated malware variant used by...
Cleaning up after Emotet: the law enforcement file
Following global law enforcement action to take over the Emotet botnet, a special update is being sent to clean up infected machines.
This blog post was authored by Hasherezade...
Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball
A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack.
The Mimecast certificate compromise reported earlier...
Cryptojacking malware targeting cloud apps gets new upgrades, worming capability
By: Derek B. Johnson
A piece of cryptojacking malware with a penchant for targeting the cloud has gotten...
















