Spam and phishing in Q1 2017
Spam: quarterly highlights Spam from the Necurs botnet We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost ceased […] more…Lurk Banker Trojan: Exclusively for Russia
One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experienced Russian criminals to the younger generation. It can be interpreted as: “don’t steal money from people in Russia, don’t infect their machines, don’t use compatriots […] more…Adwind: FAQ
Download full report PDF We have become aware of unusual malware that was found in some banks in Singapore. This malware has many names – it is known as Adwind RAT (Remote Access Tool), AlienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat. It is a backdoor available for purchase, and is written entirely in Java which […] more…The Chronicles of the Hellsing APT: the Empire Strikes Back
Introduction One of the most active APT groups in Asia, and especially around the South China Sea area is “Naikon”. Naikon plays a key part in our story, but the focus of this report is on another threat actor entirely; one who came to our attention when they hit back at a Naikon attack. Naikon […] more…More information
- DHS Orders Federal Agencies to Use DMARC, HTTPS
- Chinese Researchers Remotely Hack Tesla Model S
- Planned power disruption: Penn State Fayette
- Tips for Choosing the Right Moving Company
- Student charged by FBI for hacking his grades more than 90 times
- Did Russia hack the US election? Democrats want an investigation
- Apple’s Swift Playgrounds can help you learn to code, but it’s no HyperCard
- Drupal: Attacks Started Within Hours Of Patch Release
- IBM Opens New Labs for Cracking ATMs, IoT Devices
- Microsoft Internet Explorer CHTML Use-After-Free Remote Code Execution Vulnerability