Emotet Botnet Resumed Activity after Five Months of Inactivity

The Emotet botnet resumed activity and began sending out malicious spam again after a five-month break, during which the malware practically “lay low.” So far, Emotet is not delivering additional payloads to the infected devices of victims, so it is not yet possible to say exactly what this malicious campaign will lead to. Let me… Continue reading Emotet Botnet Resumed Activity after Five Months of Inactivity

TrickBot Hack Group Systematically Attacks Ukraine

IBM Security X-Force experts noticed that from the very beginning of the full-scale Russian invasion, the TrickBot hack group “systematically attacks” Ukraine, which has not been observed before. It is believed that from mid-April to June 2022, hackers have already organized at least six such phishing campaigns. Let me remind you that the TrickBot hack… Continue reading TrickBot Hack Group Systematically Attacks Ukraine

TrickBot causes crashes on the machines when cybersecurity experts studying it

TrickBot malware has received new features that make it more difficult to investigate and detect — for example, TrickBot has learned to crash the browser when suspicious manipulations are detected. TrickBot is one of the most famous and “successful” malware to date. The malware was first noticed back in 2015, shortly after a series of… Continue reading TrickBot causes crashes on the machines when cybersecurity experts studying it

Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware

The latest of this year, December’s patch Tuesday brought fixes for six 0-day vulnerabilities in Microsoft products, including a bug in the Windows AppX Installer that uses Emotet malware to spread. Microsoft patched 67 vulnerabilities in its products this month, seven of which are classified as critical and 60 are classified as important. Separately, Microsoft… Continue reading Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware

Emotet now installs Cobalt Strike beacons

The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which will greatly facilitate extortion attacks. Let me remind you that usually Emotet installs TrickBot or Qbot malware on the victim’s machines, and that one already… Continue reading Emotet now installs Cobalt Strike beacons

Microsoft recommends Exchange administrators to disable SMBv1

Microsoft strongly recommends administrators disable the SMBv1 protocol on Exchange servers to protect against threats that exploit its vulnerabilities. Let me remind you that Microsoft has been implementing a systematic refusal to use the outdated SMBv1 for a long time. So, since 2016, the company has advised administrators to withdraw from SMBv1 support since this… Continue reading Microsoft recommends Exchange administrators to disable SMBv1

Greta Thunberg became the most popular character in phishing campaigns

Check Point analysts prepared a traditional monthly report on the most active threats, the Global Threat Index. Greta Thunberg and Christmas became the most popular topics in spamming and phishing campaigns. For already three months, the Emotet Trojan has occupied one of the leading positions among malware: in December, Emotet affected 13% of organizations worldwide,… Continue reading Greta Thunberg became the most popular character in phishing campaigns

Check Point named the most dangerous malware of November 2019

Check Point Research Team, Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a global cybersecurity solutions provider, published the Global Threat Index report, listing the most dangerous malware of November 2019. Experts said that for the first time in three years, a mobile Trojan entered the general list of malware, and it has become the most… Continue reading Check Point named the most dangerous malware of November 2019