A new cybercrime tool called “AuKill” has emerged, which attackers use to disable endpoint detection and response (EDR) defenses used by enterprises before deploying ransomware. AuKill malware uses malicious device drivers to infiltrate systems. Recently, researchers from Sophos discovered an attacker using AuKill before deploying Medusa Locker ransomware and another attacker using it on an… Continue reading Ransomware Attacks Increasingly Using AuKill Malware to Disable EDR
Tag: Malware
Can PDFs Have Virus? Exploring the Risks of Downloading PDF Files
Among numerous other files, PDFs are considered one of the most convenient to use for read-only documents. They prevent editing the content, yet retain the ability to carry interactive content. But is it totally safe? Can a PDF have a virus? Let’s find out. Background of PDF Virus First things first, so let’s see the… Continue reading Can PDFs Have Virus? Exploring the Risks of Downloading PDF Files
Microsoft Told How to Detect the Installation of the BlackLotus UEFI Bootkit
Microsoft has shared a guide to help organizations detect the installation of the BlackLotus UEFI bootkit that exploits the CVE-2022-21894 vulnerability. The company also explained how best to restore an infected system. Let me remind you that we also wrote that Experts discovered ESPecter UEFI bootkit used for espionage. Let me remind you that BlackLotus… Continue reading Microsoft Told How to Detect the Installation of the BlackLotus UEFI Bootkit
Hackers Infect eFile Tax Filing Service with Malware
The eFile service, used by many Americans to file their tax returns and authorized by the US Internal Revenue Service (IRS), has been distributing malware for several weeks. Let me remind you that we also reported that Russian-Speaking Hack Group Winter Vivern Attacks Governments in Europe and Asia, and also that Google Report Companies Creating… Continue reading Hackers Infect eFile Tax Filing Service with Malware
Rilide Malware Steals Data from Chromium Browsers
Trustwave SpiderLabs specialists spoke about the new Rilide malware, which steals confidential data and cryptocurrency, targeting Chromium browsers. Basically, Rilide masks as a legitimate Google Drive extension. Let me remind you that we also wrote that has Specialists Discovered a New Version of Malware from Russian Hackers LOLI Stealer. Moreover, the malware can display fake… Continue reading Rilide Malware Steals Data from Chromium Browsers
Rorschach Ransomware Analysis
Recent research from the CheckPoint Research team revealed a new ransomware sample that can potentially beat all samples currently present on the market. They coined it Rorschach, and already say that its unique properties can make it dominant ransomware pretty quickly. We told about this malware in a recent news post, and now it’s time… Continue reading Rorschach Ransomware Analysis
BlackGuard Receives Update, Targets More Cryptowallets
BlackGuard, a prolific infostealer malware, received an update at the edge of 2023. The new update introduced advanced data-stealing capabilities and secure connectivity features. The new version also includes a row of new anti-detection and anti-analysis capabilities. Let’s have a more detailed look into this malware and see the difference from all aspects. BlackGuard Stealer… Continue reading BlackGuard Receives Update, Targets More Cryptowallets
Attackers target .NET Developers with Malicious NuGet Packages
JFrog experts warned that attackers are targeting .NET developers through malicious packages from the NuGet repository and infecting their systems with malware that steals cryptocurrency. Let me remind you that we also said that Researchers discovered four npm packages that were collecting user data, and also that Log4j vulnerability threatens 35,000 Java packages. Also, information… Continue reading Attackers target .NET Developers with Malicious NuGet Packages
Emotet Has Resumed Activity after a Three-Month Break
Experts noticed that this week Emotet resumed its activity and after a three-month “rest” began to send malicious spam again. So far, information security specialists have not found any additional payloads. It looks like the malware is just collecting data for future spam campaigns. Let me remind you that we also wrote that Emotet Malware… Continue reading Emotet Has Resumed Activity after a Three-Month Break
Fake BSOD Scams Target Users Visiting Fake Adult Sites
The blue screen of death is probably the most unpleasant thing Windows users may ever see. In most cases, it is an alarming sign that something is wrong with your computer’s hardware or software. Some errors can mean that one or more components will soon be replaced. However, the Blue Screen of Death is not… Continue reading Fake BSOD Scams Target Users Visiting Fake Adult Sites