KnowBe4

Security Awareness Training Blog

Malware Blog

Covering the latest malware threats affecting software, hardware, cloud networks, etc. Keeping you informed so you can keep your users safe.

DNSpionage Malware Targets Domains in Lebanon and United Arab Emirates

A new threat actor is targeting Lebanon and United Arab Emirates (UAE) government domains, as well as a Lebanese airline company, according to Warren Mercer and Paul Rascagneres at Cisco ...

Malware Targets 67 Online Brands Ahead of Black Friday

14 malware families have been discovered as part of an elaborate scam aimed at shoppers of major e-commerce sites looking for pre-Black Friday deals. We’re all gearing up for some ...

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...

Microsoft Office Macros Remain Top Choice for Malware Delivery

Microsoft Office documents containing malicious macros accounted for 45 percent of malware loaders in August 2018, according to a blog post by Cofense. These macros were used to deliver a ...

Bad guys use Google's Golang to cross-compile multi-platform malware

Here is the bad news: The use of Google's Golang (also called Go) programming language allows attackers to cross-compile malware for use on multiple platforms, making potential attacks on ...

North Korea Brings Light to a “Cool” Way to Spread Malware

In the midst of all the political talk about the recent summit between the United States and North Korea, one particular gift caught the eye of security experts.

They’re Trying to Run Malicious Code (And You’re Letting Them!)

According to a new threat report from security vendor eSentire, 91% of endpoint incidents involve files that won’t be defeated/blocked/removed by anti-malware solutions.

Ad Network Uses Advanced Malware Technique To Conceal Cryptojacking Ads

I blogged a few days ago about a method to embed a crypto-mining script in a Word doc. Turns out an ad network has done an even better job! Ars Technica wrote: "Domain-name algorithms are ...

KillDisk Fake Ransomware Hits Financial Firms in Latin America

A new version of the KillDisk disk-wiping malware has hit companies in the financial sector in Latin America, Trend Micro reported yesterday. Just like previous versions, KillDisk ...

Skeleton in the closet: 17-year old MS office flaw allows malware install when user opens file

Here is a new pain in the neck! Fix this one ASAP. While the world is still dealing with the threat of 'unpatched' Microsoft Office's built-in DDE feature, researchers have uncovered a ...

Scary new malware hides in memory, uses DNS to communicate, and spreads through phishing

Cisco has a separate threat research group called Talos. They just published a report on a scary new form of malware that’s hard to detect. They called it DNSMessenger, and the malicious ...

[Heads-Up] First-Ever Russian Malicious Mac Macro Discovered

AppleInsider reported Feb 9, 2017: "Mac malware discovered in Microsoft Word document with auto-running macro", which was the second example of malware targeting macOS users this week. ...

Bad News: Your Antivirus Detection Rates Have Dramatically Declined In 12 Months

We all had the nagging suspicion that antivirus is not cutting it anymore, but the following numbers confirm your intuition. I have not seen more powerful ammo for IT security budget to ...

Scam Of The Week: Pokémon Malware, Muggings And Other Mayhem

In case you just came back from vacation, there literally is a new craze going on with an augmented-reality smartphone app called Pokémon Go. It's a geocaching game, meaning it's tied to ...

July 2016 Ransomware Roundup: New Strains And New Nasty Features

The ransomware market is rapidly maturing, and we are starting to see upgraded strains and rebranded versions sold cheaply on the Dark Web. And mainstream media have finally glommed on after years ...

We just received the ultimate in weird nested malware

Last night a customer sent us a phish via the KnowBe4 Phish Alert Button (free download here) that must win some kind of award for the longest chain of required user interactions -- all ...

Tampa is 842% above the national average in malware infections

A new study by Enigma Software revealed the hardest hit cities in the country when it comes to computer viruses. Tampa was ranked #2 for malware infections per person. That's 842% above ...

Websense: Malware-as-a-Service Makes Cybercrime Easier

Websense released their annual Threat Report, which is interesting if you want to know what’s really happening in the criminal cyber landscape. Here are a few highlights, with a link to ...

10 Hacking Facts / How They Impact You [Infographic]

Cybersecurity is one of the most pressing concerns for business and consumers, especially when it comes to social media. So much personal identifiable information (PII) exists across the ...

Kaspersky: NSA has pwned all hard drives firmware

Reuters just broke news that's pretty astounding. I'm copying just a few paragraphs and I recommend you read the release yourself.
