Avast Finds Backdoor on US Government Commission Network

Avast – We have found a new targeted attack against a small, lesser-known U.S. federal government commission associated with international rights. Despite repeated attempts through multiple channels over…

Malware analysis arsenal: Top 15 tools

We live in an era where digital transformation is part of our lives. With it, malware has become a critical and large-scale threat to organizations and people around the globe…

Collecting In the Dark: Tropic Trooper Targets Transportation and Government

Trend Micro – While analyzing samples, we found that the C&C server was already inactive. Without knowing the traffic between SmileSvr and the C&C server, we could not…

SolarWinds Attackers Spotted Using New Tactics, Malware

One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing…

New Ceeloader Malware Used By Russian-backed Advanced Persistent Threat (APT) Organization Nobelium

Nobelium is a Russian-backed advanced persistent threat (APT) organization that achieved attention towards the end of 2020 after breaching SolarWinds’ software development supply chain to obtain access to espionage targets,…

Excel XLL Add-ins Are Pushing a Password-stealing Malware

Malicious hackers are distributing Excel XLL files that download and install the RedLine password and information-stealing malware via website contact forms and discussion forums. What Are XLL Files? XLL files…

Fake Adobe Windows App Installer Packages Are Distributing the Emotet Malware

Emotet is malware originally known as a banking Trojan. Malspam, spam email that carries malware, is the primary means by which it spreads. To persuade recipients, these messages…

Toss a Coin to your Helper (Part 2 of 2)

Avast – In the first post of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Unpatched Windows Zero-Day Allows Privileged File Access

A temporary fix has been issued for CVE-2021-24084, which can be exploited with the same local privilege escalation (LPE) technique used against the HiveNightmare/SeriousSAM bug. An unpatched Windows security vulnerability could allow information disclosure…

Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers

Some security researchers say it is actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it really is a shape-shifting malware that changes its parts…