New LNK attack tied to Higaisa APT discovered

We describe a new spearphishing campaign tied to the potentially North Korean Higaisa APT group.

New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app

The Lazarus group improves their toolset with a new RAT specifically designed for the Mac.

Fake “Corona Antivirus” distributes BlackNET remote administration tool

Beware of fraudulent antivirus products taking advantage of the COVID-19 crisis.

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

A week in security (January 20 – 26)

A roundup of the previous week’s most notable security stories and events, including tech support scams, deepfakes, and the latest ransomware attack in Florida.

New social engineering toolkit draws inspiration from previous web campaigns

We discovered a web social engineering toolkit that allows crooks to create fake update notification campaigns on both desktop and mobile in up to 30 different languages.

Fortnite gamers targeted by data theft malware

If you’ve ever been tempted to cheat at Fortnite, think again—with the release of season six of the popular video game, we found a data theft malware masquerading as a cheat tool, ready to steal your browser sessions, cookies, and even your Bitcoin.

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

Trojans: What’s the real deal?

We take a fresh look at Trojans: the history of the term, the most popular threats over the years, the different types of Trojans, and their relationship with social engineering.

A week in security (June 18 – June 24)

A roundup of security news from June 18 – 24 that includes the SamSam ransomware, DNS rebinding, a World Cup phishing campaign, and lots and lots of Android malware.
