Trickbot module descriptions
Trickbot (aka TrickLoader or Trickster) is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially the theft of online banking data. However, over time, its […]

Lazarus targets defense industry with ThreatNeedle
We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking […]

AZORult spreads as a fake ProtonVPN installer
AZORult has its history. However, a few days ago, we discovered what appears to be one of its most unusual campaigns: abusing the ProtonVPN service and dropping malware via fake ProtonVPN installers for Windows. The campaign started at the end of November 2019 when the threat actor behind it […]

DarkUniverse – the mysterious APT framework #27
In April 2017, ShadowBrokers published their well-known ‘Lost in Translation’ leak, which, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th function of this script, which we call ‘DarkUniverse’. This APT was active for at least […]

Norwegian teenagers arrested over denial-of-service attacks
Two teenagers have been arrested in Norway in connection with a series of distributed denial-of-service (DDoS) attacks against websites in the country, and elsewhere around the world.

More information
- 2022’s top Google Assistant advice for Android
- Fortinet FortiExtender CVE-2019-15710 OS Command Injection Vulnerability
- How quantum computers will destroy and (maybe) save cryptography
- New Smoke Loader Attack Targets Multiple Credentials
- Cisco issues advisories for security flaws in appliances and mobility tools
- Securing Smart Cities from the Ground Up
- IBM acquires payment fraud fighter IRIS Analytics
- Attackers Made 9,000 Unauthorized Database Queries in Equifax Hack: Report
- The hacker ‘skills gap’ may be more of a strategy gap
- Snapstreaks: Why Kids Keep them Going and What Parents Need to Know