Tag: Malware

Hacker, Threats & Malware, Vulnerabilities

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware

September 16, 2019

Via: Threat Post

Researchers have identified a new threat actor that is using impersonation fraud to purchase digital certificates that are then used for the spread of malware. Security firm ReversingLabs identified a bad actor that deceives certificate authorities into selling them legitimate […]

Network security

Attackers are exploiting vulnerable WP plugins to backdoor sites

September 3, 2019

Via: Help Net Security

A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the vulnerable installations, Wordfence’s Mikey Veenstra warns. The attacks The attackers are exploiting vulnerabilities in […]


Fileless attacks designed to disguise malicious activity up 265%

August 30, 2019

Via: Help Net Security

Trend Micro published its roundup report for the first half of 2019, revealing a surge in fileless attacks designed to disguise malicious activity. Detections of this threat alone were up 265% compared to the first half of 2018. “Sophistication and […]

Email security, Malware, Phishing

Employers Beware: Microsoft Word ‘Resume’ Phish Delivers Quasar RAT

August 28, 2019

Via: Threat Post

Employers who receive an email from someone purporting to be a job applicant, with an attached resume, could fall victim to a difficult-to-detect phishing campaign peddling a remote-access tool used often for espionage. Researchers with Cofense said they have recently […]

Email security, Malware, Security

IRS Impersonation Attacks Spread Malware Nationwide

August 27, 2019

Via: Threat Post

The Internal Revenue Service (IRS) is warning taxpayers about a snowballing email attack that uses messages pretending to be legitimate IRS communications. The end game for the effort is malware being installed on unsuspecting users’ machines; imposters may gain control […]


Asruex Malware Exploits Old vulnerabilities to Infect PDF, Word Docs

August 26, 2019

Via: Security Week

A recently observed variant of the Asruex backdoor acts as an infector by targeting old vulnerabilities in Microsoft Office and Adobe Reader and Acrobat 9.x, Trend Micro reports. Asruex was initially discovered in 2015 and was previously associated with the […]

Malware, Phishing

Should you block newly registered domains? Researchers say yes

August 23, 2019

Via: Help Net Security

7 out of 10 newly registered domains (NDRs) are either malicious, suspicious or not safe for work, say Palo Alto Networks researchers, and advise organizations to block access to them with URL filtering. “While this may be deemed a bit […]

Network security

Identifying evasive threats hiding inside the network

August 22, 2019

Via: Help Net Security

There is no greater security risk to an organization than a threat actor that knows how to operate under the radar. Malicious insiders and external cybercriminals are getting savvier. They are better at blending in without tripping any alerts. They […]

Virus & Malware, Vulnerabilities

Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware

August 12, 2019

Via: Security Week

Researchers at firmware security company Eclypsium have analyzed device drivers from major vendors and identified over 40 drivers from 20 firms containing serious vulnerabilities that can be exploited to deploy persistent malware. Device drivers provide access to the BIOS/UEFI or […]

Cyber-crime, Malware

AT&T workers bribed to install malware on company network and unlock iPhones

August 8, 2019

Via: Hot for Security

The US government has extradited 34-year-old Muhammad Fahd from Hong Kong and charged him for his part in a criminal scheme that is said to have cost AT&T millions of dollars. Fahd, a citizen of Pakistan, is alleged to have […]