Proofpoint cyber security experts: The malware has been distributed in 2 different Covid-19-themed campaigns. One targeted many organisations in the EU; the other targeted Tibetan dissidents.
CertPa cyber security experts: A malware campaign is underway, with spear-phishing attacks on the occasion of Christmas. Proofpoint: They also target .edu domains.
Proofpoint cyber security experts: The threat actor, probably a state-sponsored APT, is distributing an updated version of the malware, a RAT. To date, at least 17 firms have been hit.
Proofpoint cyber security experts: The new feature allows attackers to capture audio and video on the infected machine if a window matches pornography-related keywords. It's used for sextortion.
Trend Micro cyber security experts: The first malicious code abuses a User Account Control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
The malware's chain of infection starts with a weaponized email in Korean. The cyber security experts: It seems to be the work of the TA505 APT, which focuses on financial institutions and retail companies.
Proofpoint cyber security experts: The group uses malware variants that exploit third-party payloads such as Qbot, The Trick, IcedID, and Gootkit. Emotet use will grow.
Proofpoint cyber security experts: Cybercrime has updated key features of the Trojan and employs new distribution mechanisms, including fake apps and a switch to Smoke Loader.