Sage 2.0 ransomware delivered by Pandex spambot, mimics Cerber routines

New variants of Sage ransomware sport Cerber-like behavior, although no definitive link was found between the two families. Symantec Security Response has recently discovered the Sage 2.0 ransomware (Ransom.Cry) being delivered by the Trojan.Pandex spambot, which we have previously seen sending JS downloaders with spambots, banki…

Attackers target dozens of global banks with new malware

Watering hole attacks attempt to infect more than 100 organizations in 31 different countries. Organizations in 31 countries have been targeted in a new wave of attacks which has been underway since at least October 2016. The attackers used compromised websites or “watering holes” to infect pre-selected…

Latest Intelligence for January 2017

The email malware rate drops due to Necurs botnet inactivity and two new Android malware families appeared. Some of the key takeaways from January’s Latest Intelligence, and the threat landscape in general, include a lull in activity from the Necurs botnet affecting the email malware rate, new…

Latest Intelligence for January 2017

The email malware rate drops due to Necurs botnet inactivity and the Angler exploit kit makes a surprise comeback. Some of the key takeaways from January’s Latest Intelligence, and the threat landscape in general, include a lull in activity from the Necurs botnet affecting the email malware rate, the return of…

Android ransomware repurposes old dropper techniques

Android ransomware is now using dropper techniques to drop malware on rooted devices as well as an inefficient 2D barcode ransom demand. Android.Lockdroid.E has been seen using a dropper technique to drop a version of itself on rooted Android devices. While this is not an uncommon technique, this is the first…

Android ad malware on Google Play combines three deception techniques

Three apps on Google Play use delayed attacks, self-naming tricks, and an attack list dictated by a command and control server to click on ads in the background without the user's knowledge. Contributor: Martin Zhang.

Greenbug cyberespionage group targeting Middle East, possible links to Shamoon

Greenbug may answer the question of how Shamoon obtains the stolen credentials needed to carry out its disk-wiping attacks. Symantec is currently investigating reports of yet another new attack in the Middle East involving the destructive disk-wiping malware used by the Shamoon group (W32.Disttrack, W32.Disttrack.B).
