A week in security (Dec 20 – 26)
The most important and interesting security stories from the last seven days.
Dridex affiliate dresses up as Scrooge
Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns (malspam) we and others have observed appear to have been created by someone who wants to play Scrooge and add onto people’s already heightened state of anxiety. The lures are particularly mean…
Malspam banks on Kaseya ransomware attack
The Malwarebytes Threat Intelligence Team recently found a malspam campaign banking on the ransomware attack that hit Kaseya VSA.
Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report
Through the chaos and devastation of 2020, one form of business seems to have thrived—the creation and operation of malicious software.
The forgotten domain: Exploring a link between Magecart Group 5 and the Carbanak APT
Bread crumbs left behind open up a possible connection between Magecart Group 5 and Carbanak.
Report: Cybercrime climate shifts dramatically in first quarter
The first quarter of 2017 brought with it some significant changes to the threat landscape and we aren’t talking about heavy ransomware distribution either. Threats which were previously believed to be serious contenders this year have nearly vanished entirely, while new threats and infection techniques have forced the security community to reconsider collection and analysis efforts.
Beware of DOC! A look at malicious macros
In this post we will reveal the true mission of a DOC file delivered in a spam.