Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

Next-Gen Maldocs & How to Solve the Human Vulnerability

Malicious email attachments with macros are one of the most common ways hackers get in through the door. Huntress security researcher John Hammond discusses how threat hunters can fight back.…

This decade-old malware has picked up some nasty new tricks

Qakbot, a top trojan for stealing bank credentials, has in the past year started delivering ransomware and this new business model is making it harder for network defenders to detect…

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

Kaspersky researchers suspect that the cyberattackers may be a subgroup of the politically motivated, Palestine-focused Gaza Cybergang. A threat actor tracked as WIRTE has been assaulting Middle East governments since…

Toss a Coin to your Helper (Part 2 of 2)

Avast –  Avast –  In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

This stealthy malware delivers a 'silent threat' that wants to steal your passwords

Cyber criminals are using a new JavaScript downloader to distribute eight different kinds of remote access Trojan (RAT) malware and information-stealing malware in order to gain backdoor control of infected Windows systems, as well…

JavaScript Loader RATDispenser Infects Windows PCs with RATs

RATDispenser, a novel secretive JavaScript loader, is being employed in phishing campaigns to infect devices with a range of Remote Access Trojans (RATs). The new loader quickly formed distribution agreements…

Malicious JavaScript Loader is a Multi-RAT Dispenser

Malicious JavaScript Loader is a Multi-RAT Dispenser Researchers are warning of a new JavaScript loader being used to distribute eight Remote Access Trojans (RATs) in information-stealing campaigns. A team at…

Ransomware Phishing Emails Sneak Through SEGs

The MICROP ransomware spreads via Google Drive and locally stored passwords. Secure email gateway (SEG) protections aren’t necessarily enough to stop phishing emails from delivering ransomware to employees, especially if…

Red Team: C2 frameworks for pentesting

Infosec Institute –  Infosec Institute –  C2 frameworks — the abbreviation to the Command and Control (C&C) infrastructure — are how red teamers and pentesters can control compromised machines during…