Trickbot module descriptions
Trickbot (aka TrickLoader or Trickster) is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially the theft of online banking data. However, over time, its […]

Lazarus targets defense industry with ThreatNeedle
We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking […]

AZORult spreads as a fake ProtonVPN installer
AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. The campaign started at the end of November 2019 when the threat actor behind it […]

DarkUniverse – the mysterious APT framework #27
In April 2017, ShadowBrokers published their well-known ‘Lost in Translation’ leak, which, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th function of this script, which we call ‘DarkUniverse’. This APT was active for at least […]

Norwegian teenagers arrested over denial-of-service attacks
Two teenagers have been arrested in Norway in connection with a series of distributed denial-of-service (DDoS) attacks against websites in the country, and elsewhere around the world.

More information
- Warning: Here are three emails you don’t want to see in your inbox
- HACTIVISM – BE ALERT BUT NOT ALARMED
- iPhone upgraders leave nearly $13.5B in old hardware to collect dust
- Nigerian Threat Actor Targeting Aviation Industry Since 2018
- New Protocol Authenticates USB Type-C Chargers, Devices
- Google adds Android and Apache to open source security rewards programme
- VMware Patches Vulnerabilities in Tools, Workstation
- 9 common security awareness mistakes (and how to fix them)
- Trend Micro Patches Another Apex One Vulnerability Exploited in Attacks
- Security Sessions: How to transition from tech professional to a business leader