Security Awareness Training Blog

Malware Blog

Covering the latest malware threats affecting software, hardware, cloud networks, etc. Keeping you informed so you can keep your users safe.

Unprecedented Rise of Malvertising as a Precursor to Ransomware

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.
Continue Reading

Malvertising Targets Chinese-Speaking Users

Researchers at Malwarebytes warn that a malvertising campaign is targeting Chinese-speaking users with phony ads for encrypted messaging apps. The ads impersonate apps that are restricted ...
Continue Reading

Vietnam-Based Cyber Groups Using Fake Job Postings to Deliver Malware

Several cybercriminal groups based in Vietnam are using fake job postings to trick users into installing malware, according to researchers at WithSecure. The researchers are tracking ...
Continue Reading

Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%

A new report from Vade Secure has found that phishing attacks rose by 173% in the third quarter of 2023, while malware threats have increased by 110%.
Continue Reading

Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals

Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft ...
Continue Reading

The International Joint Commission Falls Victim to Ransomware Attack; 80GB Of Data Stolen

The International Joint Commission (ICJ), an organization that handles water issues along the Canada–United States border, was hit by a ransomware attack, the Register reports.
Continue Reading

Microsoft Teams Phishing Campaign Distributes DarkGate Malware

Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.
Continue Reading

Gootloader Malware Uses Social Engineering to Target Law Firms (or their Clients)

Law firms are being targeted by a large number of social engineering attacks involving the Gootloader malware delivery tool, according to researchers at Trustwave.
Continue Reading

Bad Actor Uses Fake Android Chat to Install Malware

Researchers at CYFIRMA warn that the Bahamut threat actor is using a malicious Android app to deliver malware.
Continue Reading

Phishing Email Attack Numbers “Decline” While Malware Volumes Increase 15%

New data focused on the first half of the year shows some anomalies. Phishing attacks are slowing down… that is, until you dive into the details.
Continue Reading

Banking Detail Malvertising Attack Disguises Itself as a Foolproof USPS Google Ad

A new scam aimed at stealing your credit card and banking information has reared its’ ugly head as a completely legitimate ad that is likely to be clicked based on the corresponding ...
Continue Reading

BatLoader Malware is Now Distributed in Drive-By Attacks

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk ...
Continue Reading

[Finger on the Trigger] How the FBI Nuked Russian FSB's Snake Data Theft Malware

The Five Eyes member nations' cybersecurity and intelligence agencies dismantled the infrastructure of the Snake cyber-espionage malware that was operated by Russia's Federal Security ...
Continue Reading

Malware Downloads Facilitated by Social Engineering

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated ...
Continue Reading

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

It seems that once again bad actors have found a new way to infect our devices with malware. This time, they are using a devious little trick to spread trojanized versions of popular chat ...
Continue Reading

Use of Malware Decreases in Cyber Attacks as Exploit Usage Skyrockets

New data on cyberattacks from last quarter provides a lens of what kinds of attack techniques to expect to see from cyber attackers this year.
Continue Reading

Microsoft OneNote Attachments Become the Latest Method to Spread Malware

With Microsoft disabling macros by default on Office documents, cybercriminals are left needing another means to launch malware that’s victim-supported by default.
Continue Reading

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his ...
Continue Reading

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.
Continue Reading

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews