Iranian Hacker Group APT34 Use New ‘Tonedeaf’ Malware over LinkedIn in Latest Phishing Campaign

Jul 29, 2019 2:49:46 PM By Stu Sjouwerman

Targeting several key industries, this new campaign likely seeks to aid the Iranian government with information that could be of use to further Iran’s economic and security goals.

U.S. Coast Guard Warns of Phishing Attacks Designed for Data Theft and Malware Infection

Jul 19, 2019 3:15:52 PM By Stu Sjouwerman

A new Marine Safety Information Bulletin from the U.S. Coast Guard demonstrates that cybercriminals aren’t just after land-based businesses.

Microsoft Discovers New Excel-Based Attack to Deliver the FlawedArmmyRAT Malware

Jul 16, 2019 3:27:14 PM By Stu Sjouwerman

A new set of tweets from Microsoft Security Intelligence walks through an attack that uses a number of built-in Windows toolsets to infect machines with the notorious malware.

Dridex Credential Stealer Returns With New Antivirus Evasion - Including Application Whitelisting

Jul 1, 2019 4:41:32 PM By Stu Sjouwerman

SCMag reported that a new strain of the notorious Dridex malware has been spotted using polymorphism antivirus evasion techniques in phishing emails. The Dridex credential-stealer that ...

New Malware Pretends to Be You by Matching Your Keystroke Characteristics

Jul 1, 2019 8:32:33 AM By Stu Sjouwerman

Cybersecurity researchers have developed a new keystroke impersonation attack that avoids being detected by keystroke-based biometric security solutions.

Get Ready for the First Wave of AI Malware

Apr 10, 2019 10:41:43 AM By Stu Sjouwerman

This is an excerpt from an article in SecurityWeek by Gunter Ollmann, who is currently the CSO of Microsoft’s Cloud and AI Security division. He is a seasoned information security leader.

A Powerful Malware That Tried To Blow Up A Saudi Plant Strikes Again

Apr 10, 2019 6:39:02 AM By Stu Sjouwerman

A highly capable malware reportedly used in a failed plot to blow up a Saudi petrochemical plant has now been linked to a second compromised facility.

Rietspoof Malware Attack Uses Messaging Apps to Distribute Ransomware

Mar 8, 2019 7:16:33 AM By Stu Sjouwerman

Researchers at antivirus vendor Avast have identified a new malware attack that leverages Skype, Facebook Messenger, and other messaging applications.

Malware Blindness in the Enterprise

Mar 7, 2019 9:56:50 AM By Stu Sjouwerman

A growing percentage of cyberattacks are using encryption to avoid detection, according to a new report by Zscaler’s ThreatLabZ researchers. Their report, summarized by Help Net Security, ...

[Heads-up] 40 Percent Of Malicious URLs Found On Good Domains. YIKES!

Mar 2, 2019 11:28:15 AM By Stu Sjouwerman

Webroot revealed the results of their 2019 Threat Report, showing that tried-and-true attack methods are still going strong, but new threats emerge daily, and cybercrime is highly ...

Remote Access Credentials Are the Latest Malware Attack Target

Feb 18, 2019 2:38:44 PM By Stu Sjouwerman

The latest iteration of notable banking trojan, Trickbot, now includes a password grabbing module designed to provide cybercriminals with remote access to internal systems.

Online Job Offer Turns Would-Be Applicant into Unwitting Conspirator in Malware Attack

Jan 25, 2019 7:17:51 AM By Stu Sjouwerman

The context of contacting the victim via a credible website may be all that was needed to trick one job seeker into installing malware on the network of a bank.

Malicious Memes Trigger Malware Functions

Dec 17, 2018 10:39:59 AM By Stu Sjouwerman

Cybercriminals are using steganography to deliver commands to malware via malicious memes, according to researchers at Trend Micro. Steganography is the art of hiding messages inside ...

DNSpionage Malware Targets Domains in Lebanon and United Arab Emirates

Nov 28, 2018 5:25:02 PM By Stu Sjouwerman

A new threat actor is targeting Lebanon and United Arab Emirates (UAE) government domains, as well as a Lebanese airline company, according to Warren Mercer and Paul Rascagneres at Cisco ...

[Heads-up] Now In The Wild: New Super Evil Rootkit Survives Even "Nuke From Orbit" And HD Swap

Sep 30, 2018 7:56:38 AM By Stu Sjouwerman

This thing is a nightmare that escaped into daylight. The Russian GRU—aka Fancy Bear—probably was riveted reading the Wikileaks CIA Vault 7 UEFI Rootkit docs (PDF) and built one of these ...

Microsoft Office Macros Remain Top Choice for Malware Delivery

Sep 20, 2018 11:58:07 AM By Stu Sjouwerman

Microsoft Office documents containing malicious macros accounted for 45 percent of malware loaders in August 2018, according to a blog post by Cofense. These macros were used to deliver a ...

Bad guys use Google's Golang to cross-compile multi-platform malware

Jul 14, 2018 4:34:36 PM By Stu Sjouwerman

Here is the bad news: The use of Google's Golang (also called Go) programming language allows attackers to cross-compile malware for use on multiple platforms, making potential attacks on ...

North Korea Brings Light to a “Cool” Way to Spread Malware

Jul 12, 2018 11:02:27 AM By Stu Sjouwerman

In the midst of all the political talk about the recent summit between the United States and North Korea, one particular gift caught the eye of security experts.

They’re Trying to Run Malicious Code (And You’re Letting Them!)

Jul 2, 2018 10:23:00 AM By Stu Sjouwerman

According to a new threat report from security vendor eSentire, 91% of endpoint incidents involve files that won’t be defeated/blocked/removed by anti-malware solutions.

Ad Network Uses Advanced Malware Technique To Conceal Cryptojacking Ads

Feb 28, 2018 4:46:51 PM By Stu Sjouwerman

I blogged a few days ago about a method to embed a crypto-mining script in a Word doc. Turns out an ad network has done an even better job! Arstechnica wrote: "Domain-name algorithms are ...

Security Awareness Training Blog

Malware Blog

View Topics