STOP (Djvu) Ransomware: Ransom For Your Shady Habits!

Credit to Author: Jayesh Kulkarni| Date: Wed, 15 Jan 2020 14:13:09 +0000

With almost 200 extensions, STOP (djvu) ransomware can be said to be 2019’s most active and widespread ransomware. Although this ransomware was active a year before, it started its campaign aggressively in early 2019. To evade detection, it has been continuously changing its extensions and payloads. For earlier infections, data…

7 types of virus: a brief glossary of current cyberthreats

Credit to Author: Naked Security| Date: Tue, 07 Jan 2020 15:33:04 +0000

Technically, this article is about malware in general, not about one virus in particular. Strictly speaking, a virus refers to a type of malware that spreads by itself, so once it is on your system, it can infect hundreds or even thousands of files on every computer on your network, […]

A week in security (December 30 – January 5)

Credit to Author: Malwarebytes Labs| Date: Mon, 06 Jan 2020 17:20:25 +0000

A roundup of the previous week’s most notable security stories and events, including new web skimmer techniques, an explanation of edge computing, and more.

The post A week in security (December 30 – January 5) appeared first on Malwarebytes Labs.

Gozi V3: tracked by their own stealth

Credit to Author: sophoslabsbehavioural| Date: Tue, 24 Dec 2019 09:00:32 +0000

Gozi, also known as Ursnif or ISFB, is a banking trojan which has been around for a long time and currently multiple variations of the trojan are circulating after its source code got leaked. Every variant that is distributed has interesting aspects, with Gozi version 3 the most eye-catching in the field of detection evasion. […]

The usual suspects

Credit to Author: Sharky| Date: Fri, 13 Dec 2019 03:00:00 -0800

One morning Wilma, the print shop manager at a beer distributor, discovers that her computer has a virus. It’s no big deal — sometimes bad things happen to good computers — so she cleans up the system and gets on with her day.

But a few days later the system is infected again.

Considerably more annoyed this time, she contacts Betty (the company’s sole IT person) to get some assistance and make sure the system is 100% clean. After disinfecting the system, Betty checks the browser history and finds that someone has been making late-night visits to X-rated websites.

The question then becomes, Who is using company resources to watch porn? At most companies, suspicion would immediately fall on the nighttime cleaning crew. But the print shop is located in the warehouse, to which the cleaning crew doesn’t have access.

New version of IcedID Trojan uses steganographic payloads

Credit to Author: Threat Intelligence Team| Date: Tue, 03 Dec 2019 18:06:13 +0000

We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.

The post New version of IcedID Trojan uses steganographic payloads appeared first on Malwarebytes Labs.
