Over the past two weeks, we saw the Emotet botnet start blasting malware again after a 4-month break. The Emotet malware operation is again spamming malicious emails after almost a four-month “vacation” that saw little activity from the notorious cybercrime operation. Also, check out the CISA report “Understanding and Responding to Distributed Denial-of-Service Attacks”.
For more articles, check out our #onpatrol4malware blog.
Understanding and Responding to Distributed Denial-of-Service Attacks
Source: CISA
These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible. This joint guide provides organizations with proactive steps to reduce the likelihood and impact of DDoS attacks. Read more.
Fodcha DDoS Botnet Resurfaces with New Capabilities
Source: The Hacker News
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, Qihoo 360’s Network Security Research Lab said in a report published last week. Read more.
Emotet botnet starts blasting malware again after 4 month break
Source: Bleeping Computer
The Emotet malware operation is again spamming malicious emails after almost a four-month “vacation” that saw little activity from the notorious cybercrime operation. Read more.
Threat Actor “OPERA1ER” Steals Millions from Banks and Telcos
Source: InfoSecurity Magazine
Security experts have uncovered a long-running APT campaign by a French-speaking threat group that has stolen at least $11m from banks and telcos over a four-year period. Read more.
Inside the V1 Raccoon Stealer’s Den
Source: Team Cymru
Team Cymru’s S2 Research Team has blogged previously on the initial Raccoon stealer command and control methodology (Raccoon Stealer – An Insight into Victim “Gates”), which utilized “gate” IP addresses to proxy victim traffic / data to static threat actor-controlled infrastructure. Read more.
LockBit 3.0 Being Distributed via Amadey Bot
Source: ASEC
The ASEC analysis team has confirmed that attackers are using Amadey Bot to install LockBit. Amadey Bot, a malware that was first discovered in 2018, is capable of stealing information and installing additional malware by receiving commands from the attacker. Read more.