Spam and phishing in Q1 2017
Spam: quarterly highlights Spam from the Necurs botnet We wrote earlier about a sharp increase in the amount of spam with malicious attachments, mainly Trojan encryptors. Most of that spam was coming from the Necurs botnet, which is currently considered the world’s largest spam botnet. However, in late December 2016, the network’s activity almost ceased […] more…Lurk Banker Trojan: Exclusively for Russia
One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experienced Russian criminals to the younger generation. It can be interpreted as: “don’t steal money from people in Russia, don’t infect their machines, don’t use compatriots […] more…Adwind: FAQ
Download full report PDF We have become aware of unusual malware that was found in some banks in Singapore. This malware has many names – it is known as Adwind RAT (Remote Access Tool), AlienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat. It is a backdoor available for purchase, and is written entirely in Java which […] more…The Chronicles of the Hellsing APT: the Empire Strikes Back
Introduction One of the most active APT groups in Asia, and especially around the South China Sea area is “Naikon”. Naikon plays a key part in our story, but the focus of this report is on another threat actor entirely; one who came to our attention when they hit back at a Naikon attack. Naikon […] more…More information
- ‘We Have Not Provided Source Code to China’: Apple
- Microsoft PowerPoint CVE-2019-1462 Remote Code Execution Vulnerability
- ‘Vultur’ Android Malware Gets Extensive Device Interaction Capabilities
- Firefox 21 now available, launches officially tomorrow
- Kicking off 2019 with Recognition Across the McAfee Portfolio
- UScellular Breach Allowed Hackers to Port Customer Phone Numbers
- Was Russia Today hacked – or did it just forget to renew it’s domain?
- Webinar Today: Learn to Detect and Prevent Insider Threats
- Hidden websites fall offline following arrest in Ireland
- How to Intelligently Share Cyber Threat Intelligence