Virtual Hard Disk Images Containing Malware Are Ignored by Windows and Antivirus Engines

Oct 11, 2019 7:19:53 AM By Stu Sjouwerman

This disturbing find by a CERT researcher demonstrates how attackers can encode malicious files within a Virtual Hard Disk (VHD) image that acts in the same way as a ZIP archive.

Scam Of The Week: See Jeffrey Epstein Last Words On Video

Aug 12, 2019 8:47:51 AM By Stu Sjouwerman

This weekend, news broke that Jeffrey Epstein was found dead in his cell, apparently a suicide. This is a celebrity death that the bad guys are going to be exploiting in a variety of ...

Here Are Some Interesting Headlines I Found During Black Hat

Aug 10, 2019 10:45:01 AM By Stu Sjouwerman

Black Hat 2019 - The Craziest, Most Terrifying Things We Saw: I ran into Neil Rubenking when I went to the Qualys party which was in the Foundation Room all the way on top of the ...

Iranian Hacker Group APT34 Use New ‘Tonedeaf’ Malware over LinkedIn in Latest Phishing Campaign

Jul 29, 2019 2:49:46 PM By Stu Sjouwerman

Targeting several key industries, this new campaign likely seeks to aid the Iranian government with information that could be of use to further Iran’s economic and security goals.

U.S. Coast Guard Warns of Phishing Attacks Designed for Data Theft and Malware Infection

Jul 19, 2019 3:15:52 PM By Stu Sjouwerman

A new Marine Safety Information Bulletin from the U.S. Coast Guard demonstrates that cybercriminals aren’t just after land-based businesses.

Microsoft Discovers New Excel-Based Attack to Deliver the FlawedArmmyRAT Malware

Jul 16, 2019 3:27:14 PM By Stu Sjouwerman

A new set of tweets from Microsoft Security Intelligence walks through an attack that uses a number of built-in Windows toolsets to infect machines with the notorious malware.

Dridex Credential Stealer Returns With New Antivirus Evasion - Including Application Whitelisting

Jul 1, 2019 4:41:32 PM By Stu Sjouwerman

SCMag reported that a new strain of the notorious Dridex malware has been spotted using polymorphism antivirus evasion techniques in phishing emails. The Dridex credential-stealer that ...

New Malware Pretends to Be You by Matching Your Keystroke Characteristics

Jul 1, 2019 8:32:33 AM By Stu Sjouwerman

Cybersecurity researchers have developed a new keystroke impersonation attack that avoids being detected by keystroke-based biometric security solutions.

Get Ready for the First Wave of AI Malware

Apr 10, 2019 10:41:43 AM By Stu Sjouwerman

This is an excerpt from an article in SecurityWeek by Gunter Ollmann, who is currently the CSO of Microsoft’s Cloud and AI Security division. He is a seasoned information security leader.

A Powerful Malware That Tried To Blow Up A Saudi Plant Strikes Again

Apr 10, 2019 6:39:02 AM By Stu Sjouwerman

A highly capable malware reportedly used in a failed plot to blow up a Saudi petrochemical plant has now been linked to a second compromised facility.

Rietspoof Malware Attack Uses Messaging Apps to Distribute Ransomware

Mar 8, 2019 7:16:33 AM By Stu Sjouwerman

Researchers at antivirus vendor Avast have identified a new malware attack that leverages Skype, Facebook Messenger, and other messaging applications.

Malware Blindness in the Enterprise

Mar 7, 2019 9:56:50 AM By Stu Sjouwerman

A growing percentage of cyberattacks are using encryption to avoid detection, according to a new report by Zscaler’s ThreatLabZ researchers. Their report, summarized by Help Net Security, ...

[Heads-up] 40 Percent Of Malicious URLs Found On Good Domains. YIKES!

Mar 2, 2019 11:28:15 AM By Stu Sjouwerman

Webroot revealed the results of their 2019 Threat Report, showing that tried-and-true attack methods are still going strong, but new threats emerge daily, and cybercrime is highly ...

Remote Access Credentials Are the Latest Malware Attack Target

Feb 18, 2019 2:38:44 PM By Stu Sjouwerman

The latest iteration of notable banking trojan, Trickbot, now includes a password grabbing module designed to provide cybercriminals with remote access to internal systems.

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

Jan 25, 2019 7:17:51 AM By Stu Sjouwerman

The context of contacting the victim via a credible website may be all that was needed to trick one job seeker into installing malware on the network of a bank.

Malicious Memes Trigger Malware Functions

Dec 17, 2018 10:39:59 AM By Stu Sjouwerman

Cybercriminals are using steganography to deliver commands to malware via malicious memes, according to researchers at Trend Micro. Steganography is the art of hiding messages inside ...

DNSpionage Malware Targets Domains in Lebanon and United Arab Emirates

Nov 28, 2018 5:25:02 PM By Stu Sjouwerman

A new threat actor is targeting Lebanon and United Arab Emirates (UAE) government domains, as well as a Lebanese airline company, according to Warren Mercer and Paul Rascagneres at Cisco ...

Malware Targets 67 Online Brands Ahead of Black Friday

Nov 16, 2018 11:54:22 AM By Stu Sjouwerman

14 malware families have been discovered as part of an elaborate scam aimed at users shoppers of major e-commerce sites looking for pre-Black Friday deals. We’re all gearing up for some ...

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

Sep 30, 2018 7:56:38 AM By Stu Sjouwerman

This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...

Microsoft Office Macros Remain Top Choice for Malware Delivery

Sep 20, 2018 11:58:07 AM By Stu Sjouwerman

Microsoft Office documents containing malicious macros accounted for 45 percent of malware loaders in August 2018, according to a blog post by Cofense. These macros were used to deliver a ...

Security Awareness Training Blog

Malware Blog

View Topics

Virtual Hard Disk Images Containing Malware Are Ignored by Windows and Antivirus Engines

Scam Of The Week: See Jeffrey Epstein Last Words On Video

Here Are Some Interesting Headlines I Found During Black Hat

Iranian Hacker Group APT34 Use New ‘Tonedeaf’ Malware over LinkedIn in Latest Phishing Campaign

U.S. Coast Guard Warns of Phishing Attacks Designed for Data Theft and Malware Infection

Microsoft Discovers New Excel-Based Attack to Deliver the FlawedArmmyRAT Malware

Dridex Credential Stealer Returns With New Antivirus Evasion - Including Application Whitelisting

New Malware Pretends to Be You by Matching Your Keystroke Characteristics

Get Ready for the First Wave of AI Malware

A Powerful Malware That Tried To Blow Up A Saudi Plant Strikes Again

Rietspoof Malware Attack Uses Messaging Apps to Distribute Ransomware

Malware Blindness in the Enterprise

[Heads-up] 40 Percent Of Malicious URLs Found On Good Domains. YIKES!

Remote Access Credentials Are the Latest Malware Attack Target

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

Malicious Memes Trigger Malware Functions

DNSpionage Malware Targets Domains in Lebanon and United Arab Emirates

Malware Targets 67 Online Brands Ahead of Black Friday

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

Microsoft Office Macros Remain Top Choice for Malware Delivery

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search

Search