Cybercrime, the new TrickBot dropper analyzed in depth
Yoroi-Cybaze ZLab cyber security experts discover that is composed by several thousand highly obfuscated Lines of Code and abusing the so-called ADS (Alternate Data Stream).
Cybercrime, GootKit is evolving: Now it can bypass Windows Defender
JamesWT and Vitali Kremez cyber security experts: The malware, a banking trojan, can be excluded from being scanned thanks to a UAC bypass and WMIC commands.
One of the worst enemies for Cybercrime are the automatic translators
Cyber security experts: to maximize the spread of phishing and malspam campaigns, messages are translated without checking in multiple languages. Victims have a weapon to detect fraud.
Cybercrime: LooCipher, the probable heir of GandCrab, has been beaten
Yoroi-Cybaze ZLab cyber security experts develop a free decryptor for the ransomware. The tool, however, requires the malware process to be active.
Cybercrime spreads malware using less-known archive types as initial dropper
Yoroi-Cybaze ZLab cyber security experts: ISO images in particular are exploited. Analyzing a cyber attack against an Italian firm, it emerged the XpertRAT and a Delphi wrapper.
TA505 cybercrime gang launched new campaigns with Gelup-FlowerPippi malware
Trend Micro cyber security experts: The first malicious code abuses user account control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
Cybercrime, wave of spam in the EU with RTF documents armed with malware
Microsoft cyber security experts: the goal is to spread a backdoor Trojan, exploiting an old vulnerability. Probably there will be new malspam campaigns with same characteristics.
Ursnif, the malware that has been targeting Italy since 2018, is evolving
Yoroi-Cybaze ZLab cyber security experts: Threat Actors implement country-checks and over 10 levels of code obfuscation, in addition to a new steganography technique for Windows 10.
URLhaus over the last ten months took down nearly 100,000 malware sites
The cyber security experts global network of Swiss Abuse.ch discovers that vast majority of sites hosted payloads for Emotet and Gozi trojans, and the GandCrab ransomware.