Attackers bypass Microsoft security patch to drop Formbook malware

The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings…

StrongPity Malware Spread Using Malicious Notepad++ Installers

The Advanced Persistent Threat (APT) known as StrongPity is distributing malware-laced Notepad++ installers to infect its victims.

#APT #StrongPity NotePad++ installer (npp.8.1.7.Installer.x64.exe) 78556a2fc01c40f64f11c76ef26ec3ff http[:]//advancedtoenableplatform.com — blackorbird (@blackorbird) November 30, 2021

The method…

Toss a Coin to your Helper (Part 2 of 2)

Avast – In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Files Within Password-Protected WinRAR Archives Locked by New Memento Ransomware Group

The Memento ransomware group has entered the threat landscape. Its approach seems to be quite uncommon, as the threat actor group locks files in WinRAR archives protected by…

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks. Three separate threat groups are all using a common initial access broker…

WinRAR vulnerability allowed attackers to remotely hijack systems

The vulnerability in WinRAR trialware could be abused by a remote attacker to execute arbitrary code on any system, thus getting an opportunity to launch a range of attacks. According…