Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla, initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

Squid Game Used as Lure for Malware Campaigns, Phishing Attacks

Digital attackers are using Netflix’s popular series “Squid Game” as a lure for their…

Next-Gen Maldocs & How to Solve the Human Vulnerability

Malicious email attachments with macros are one of the most common ways hackers get in through the door. Huntress security researcher John Hammond discusses how threat hunters can fight back.…

This decade-old malware has picked up some nasty new tricks

Qakbot, a top trojan for stealing bank credentials, has in the past year started delivering ransomware and this new business model is making it harder for network defenders to detect…

Emotet Is Dropping Cobalt Strike

Emotet is a virus infection that is propagated by spam email attachments that contain malicious Word or Excel documents. These documents utilize macros to download and install the Emotet Trojan…

Israeli govt pledges greater oversight of cyber exports after NSO tools used to spy on US officials

The Israeli government’s Defense Exports Control Agency sent out a notice late on Monday indicating it would be enforcing stricter rules governing the export of offensive cyber tools. The announcement…

Excel XLL Add-ins Are Pushing a Password-stealing Malware

Malicious hackers are distributing Excel XLL files that download and install the RedLine password and information-stealing malware via website contact forms and discussion forums. What Are XLL Files? XLL files…

Enter the Heimdal™ Social Media Giveaway for a Chance to Win Holiday Goodies

Happy holidays from us to you! As the gift-giving season draws near, we are very excited to announce our first time ever social media giveaway! Make sure you follow us…

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang. A threat actor tracked as WIRTE has been assaulting Middle East governments since…

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. The North Korea-linked ScarCruft advanced persistent threat (APT) group…