Spam and phishing in Q1 2017
Spam: quarterly highlights Spam from the Necurs botnet We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost ceased […] more…Lurk Banker Trojan: Exclusively for Russia
One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experienced Russian criminals to the younger generation. It can be interpreted as: “don’t steal money from people in Russia, don’t infect their machines, don’t use compatriots […] more…Adwind: FAQ
Download full report PDF We have become aware of unusual malware that was found in some banks in Singapore. This malware has many names – it is known as Adwind RAT (Remote Access Tool), AlienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat. It is a backdoor available for purchase, and is written entirely in Java which […] more…The Chronicles of the Hellsing APT: the Empire Strikes Back
Introduction One of the most active APT groups in Asia, and especially around the South China Sea area is “Naikon”. Naikon plays a key part in our story, but the focus of this report is on another threat actor entirely; one who came to our attention when they hit back at a Naikon attack. Naikon […] more…More information
- Anatomy of an exploit – inside the CVE-2013-3893 Internet Explorer zero-day – Part 1
- Hacked Bluetooth hair straighteners are too hot to handle
- LastPass’s new cloud backup option – sunny skies or a brewing storm?
- New HomeKit gadget tracks how much electricity you’re wasting
- Apple’s T2 Mac security chip may be vulnerable, researcher claims
- Adobe releases emergency Flash fixes for two zero-day bugs
- Cisco Prime Infrastructure CVE-2019-12713 Cross Site Scripting Vulnerability
- Are You Susceptible to Phishing? Learn How to Stay Safe
- Most Android threats would be blocked if phones ran latest Android version, report says
- Malware Isolation Firm Menlo Security Raises $75 Million