Vietnam-Based Cyber Groups Using Fake Job Postings to Deliver Malware

Oct 24, 2023 4:36:29 PM By Stu Sjouwerman

Several cybercriminal groups based in Vietnam are using fake job postings to trick users into installing malware, according to researchers at WithSecure. The researchers are tracking ...

Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%

Oct 18, 2023 2:30:05 PM By Stu Sjouwerman

A new report from Vade Secure has found that phishing attacks rose by 173% in the third quarter of 2023, while malware threats have increased by 110%.

Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals

Sep 27, 2023 8:00:00 AM By Stu Sjouwerman

Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft ...

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

Sep 18, 2023 12:04:34 PM By Stu Sjouwerman

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Sep 11, 2023 8:55:42 AM By Stu Sjouwerman

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.

Gootloader Malware Uses Social Engineering to Target Law Firms (or their Clients)

Aug 14, 2023 10:56:30 AM By Stu Sjouwerman

Law firms are being targeted by a large number of social engineering attacks involving the Gootloader malware delivery tool, according to researchers at Trustwave.

Bad Actor Uses Fake Android Chat to Install Malware

Aug 2, 2023 8:52:08 AM By Stu Sjouwerman

Researchers at CYFIRMA warn that the Bahamut threat actor is using a malicious Android app to deliver malware.

Phishing Email Attack Numbers “Decline” While Malware Volumes Increase 15%

Jul 27, 2023 2:26:27 PM By Stu Sjouwerman

New data focused on the first half of the year shows some anomalies. Phishing attacks are slowing down… that is, until you dive into the details.

Banking Detail Malvertising Attack Disguises Itself as a Foolproof USPS Google Ad

Jul 14, 2023 8:14:27 AM By Stu Sjouwerman

A new scam aimed at stealing your credit card and banking information has reared its’ ugly head as a completely legitimate ad that is likely to be clicked based on the corresponding ...

BatLoader Malware is Now Distributed in Drive-By Attacks

May 24, 2023 8:52:37 AM By Stu Sjouwerman

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk ...

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

May 9, 2023 4:43:09 PM By Stu Sjouwerman

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...

Malware Downloads Facilitated by Social Engineering

May 4, 2023 8:28:47 AM By Stu Sjouwerman

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

Mar 27, 2023 8:00:00 AM By Javvad Malik

It seems that once again bad actors have found a new way to infect our devices with malware. This time, they are using a devious little trick to spread trojanized versions of popular chat ...

Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets

Mar 10, 2023 9:46:12 AM By Stu Sjouwerman

New data on cyberattacks from last quarter provides a lens of what kinds of attack techniques to expect to see from cyber attackers this year.

Microsoft OneNote Attachments Become the Latest Method to Spread Malware

Jan 31, 2023 3:04:16 PM By Stu Sjouwerman

With Microsoft disabling macros by default on Office documents, cybercriminals are left needing another means to launch malware that’s victim-supported by default.

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

Jan 25, 2023 10:50:54 AM By James McQuiggan

In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his ...

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

Dec 27, 2022 9:20:16 AM By Stu Sjouwerman

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

Dec 22, 2022 4:17:28 PM By Stu Sjouwerman

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

Dec 22, 2022 9:44:21 AM By Stu Sjouwerman

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.

XLL Files Used to Deliver Malware

Dec 21, 2022 8:59:29 AM By Stu Sjouwerman

Attackers are using XLL files to embed malicious code in Office documents, according to researchers at Cisco Talos. Microsoft is phasing out the ability to execute VBA macros in Office ...

Security Awareness Training Blog

Malware Blog

View Topics

Vietnam-Based Cyber Groups Using Fake Job Postings to Deliver Malware

Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%

Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Gootloader Malware Uses Social Engineering to Target Law Firms (or their Clients)

Bad Actor Uses Fake Android Chat to Install Malware

Phishing Email Attack Numbers “Decline” While Malware Volumes Increase 15%

Banking Detail Malvertising Attack Disguises Itself as a Foolproof USPS Google Ad

BatLoader Malware is Now Distributed in Drive-By Attacks

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

Malware Downloads Facilitated by Social Engineering

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets

Microsoft OneNote Attachments Become the Latest Method to Spread Malware

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

XLL Files Used to Deliver Malware

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search