Cybercrime, new Android ransomware: AndroidOS/MalLocker.B
Microsoft cybersecurity experts: The malware doesn’t encrypt the files. It blocks access to device by displaying a screen with the ransom note that appears over every other window.
Cyber Espionage, MontysThree targets industries with a new toolset
Kaspersky cybersecurity experts: To evade detection, it host its communications with the C2 on public cloud services and hides the main malware with steganography.
Cybercrime, WHS Rat is spread with SlimPDF reader
The lure is a fake CV attached in a mail. If the victim opens it, it asks to install the reader. Meanwhile Meanwhile, a JS activates the malware infection chain.
Cybercrime, Emotet is one of the most prevalent ongoing cyber threats
CISA-MS-ISAC cyber security experts: Roughly 16,000 alerts related to the malware and significant increase in state-local governments targeted by the malware with phishing.
Cybercrime, MassLogger hits with campaigns on compressed files
New emails carry malware in two different ways. One through one executable within a .7z file and the other with a CHM in an attachment .R15 or .R04.
Cybercrime, Dridex is back with courier-themed campaigns
New emails with .xlsm attachment, which simulate a DHL and UPS invoice. The attachment downloads a DLL that starts the malware infection chain.
Cyber Espionage, XDSpy hits Eastern Europe and Balkans since 2011
ESET cybersecurity experts: The targets are primarily government entities. The APT, until now undetected, exploits the XDDown malware and spear phishing.
Cybercrime, the MassLogger campaign now leverages CHM files
The email contains a compressed attachment with an HTML Help File hidden inside. This, if performed, downloads a fake image that activates the malware infection.
Cybercrime, Loda RAT is back with new versions
Cisco Talos cybersecurity experts: The 1.1.1 malware added a Powershell keylogger and a VB script. The 1.1.7 update removed them, focusing on stealing passwords and cookies from browsers.
Cybercrime, Dridex exploits the UPS lure for spreading wordldwide
The .xlms attachment in the mail contacts a link, that download a DLL. This one infects the pc with the malware.