BatLoader Malware is Now Distributed in Drive-By Attacks

May 24, 2023 8:52:37 AM By Stu Sjouwerman

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk ...

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

May 9, 2023 4:43:09 PM By Stu Sjouwerman

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...

Malware Downloads Facilitated by Social Engineering

May 4, 2023 8:28:47 AM By Stu Sjouwerman

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

Mar 27, 2023 8:00:00 AM By Javvad Malik

It seems that once again bad actors have found a new way to infect our devices with malware. This time, they are using a devious little trick to spread trojanized versions of popular chat ...

Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets

Mar 10, 2023 9:46:12 AM By Stu Sjouwerman

New data on cyberattacks from last quarter provides a lens of what kinds of attack techniques to expect to see from cyber attackers this year.

Microsoft OneNote Attachments Become the Latest Method to Spread Malware

Jan 31, 2023 3:04:16 PM By Stu Sjouwerman

With Microsoft disabling macros by default on Office documents, cybercriminals are left needing another means to launch malware that’s victim-supported by default.

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

Jan 25, 2023 10:50:54 AM By James McQuiggan

In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his ...

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

Dec 27, 2022 9:20:16 AM By Stu Sjouwerman

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

Dec 22, 2022 4:17:28 PM By Stu Sjouwerman

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

Dec 22, 2022 9:44:21 AM By Stu Sjouwerman

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.

XLL Files Used to Deliver Malware

Dec 21, 2022 8:59:29 AM By Stu Sjouwerman

Attackers are using XLL files to embed malicious code in Office documents, according to researchers at Cisco Talos. Microsoft is phasing out the ability to execute VBA macros in Office ...

Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase

Dec 14, 2022 2:02:41 PM By Stu Sjouwerman

New analysis of dark web forums shows an increase in discussions around the use of infostealer malware as part of both the first attack within a campaign or as part of an initial access ...

Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

Dec 7, 2022 10:44:32 AM By Stu Sjouwerman

Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.

Gaming-Related Phishing Trends

Sep 12, 2022 9:37:39 AM By Stu Sjouwerman

Researchers at Kaspersky have found that the vast majority of gaming-related malware lures are targeted at Minecraft players. Roblox came in at a distant second, and the researchers note ...

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

Aug 31, 2022 9:30:07 AM By Stu Sjouwerman

Researchers at Check Point warn that attackers based in Turkey are distributing cryptomining malware via free software distribution websites, including Softpedia and uptodown. The ...

Malvertising With Google Ads

Jul 26, 2022 11:39:56 AM By Stu Sjouwerman

Researchers at Malwarebytes warn that a large malvertising campaign is exploiting Google ads to redirect users to phishing sites.

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

Feb 25, 2022 7:12:46 AM By Stu Sjouwerman

The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec ...

8 New Malware Payloads Spotted As Part of Attacks Against Ukrainian Targets

Feb 1, 2022 2:40:07 PM By Stu Sjouwerman

Security Threat Researchers at Symantec have published details about malware being put out by the “Gamaredon” threat group (who have been tied to Russian Federal Security Service), ...

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

Jan 27, 2022 9:13:53 AM By Stu Sjouwerman

When we hear about compromised credentials, there’s always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

Jan 27, 2022 9:13:49 AM By Stu Sjouwerman

With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the ...

Security Awareness Training Blog

Malware Blog

View Topics

BatLoader Malware is Now Distributed in Drive-By Attacks

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

Malware Downloads Facilitated by Social Engineering

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets

Microsoft OneNote Attachments Become the Latest Method to Spread Malware

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

XLL Files Used to Deliver Malware

Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase

Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

Gaming-Related Phishing Trends

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

Malvertising With Google Ads

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

8 New Malware Payloads Spotted As Part of Attacks Against Ukrainian Targets

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

Search Our Blog

Subscribe To Our Blog

Posts By Topic

Get the latest about social engineering

Subscribe to CyberheistNews

Get the latest about social engineering

Subscribe to CyberheistNews

Products & Services

About Us

Free Tools

Contact Us

Contact Support

Search