Dec 7, 2022 | Cybersecurity News, Malware, Ransomware
Over the past two weeks, we selected cybersecurity highlights such as “Tractors vs. threat actors: How to hack a farm”, “ChatGPT shows promise of using AI to write malware” and more. For more articles, check out our #onpatrol4malware blog....
Nov 23, 2022 | Malware Patrol Services, Press Release
Sharing is Caring To our industry’s credit, there are many good OSINT feeds and data sharing platforms. Even better, they are relatively easy to find. A simple Google search for open source intelligence (OSINT) threat feeds or open source cybersecurity tools...
Nov 22, 2022 | Cybersecurity News, Malware, Phishing
Over the past two weeks, we saw “Containers”, the ultimate Trojan horses, meant to be immutable. Also, TA542, an actor that distributes Emotet malware, has once again returned from an extensive break from delivering malicious...
Nov 10, 2022 | Cybersecurity News, Malware, Phishing
Over the past two weeks, we saw the Emotet botnet start blasting malware again after a 4-month break. The Emotet malware operation is again spamming malicious emails after almost a four-month “vacation” that saw little activity from the notorious cybercrime operation....
Oct 25, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the last two weeks we saw the new Prestige ransomware that impacts organizations in Ukraine and Poland. Also, Cisco Talos discovered a new attack framework including a command and control (C2) tool called Alchimist and a new malware Insekt with remote...
Oct 13, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the last two weeks, we saw the news article from Cisco Talos, which discovered a new remote access trojan (RAT) called MagicRAT, developed and operated by the Lazarus APT group. Also read more about Shikitega, a new stealthy malware targeting Linux. For more...
Sep 29, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the last two weeks, we saw that while monitoring the Emotet botnet's current activity, security researchers found that the Quantum and BlackCat ransomware gangs are now using the malware to deploy their payloads. This and other news you find here. For more articles,...
Sep 12, 2022 | Cybersecurity News, Malware
Over the last two weeks, we saw the new BianLian ransomware gang, which used subtle techniques to exploit, enumerate, and move laterally in victim networks to remain undetected and aggressively worked to counter Endpoint Detection & Response (EDR) protections during the...
Sep 5, 2022 | Malware
An Introduction to Malware Hashes and Hash Functions
Malware hashes are found everywhere in our industry. And for a good reason. They very efficiently help identify malware samples and standardize the exchange of information among researchers, to name a couple of use...
Aug 31, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the last few weeks we saw the news that hackers are building phishing pages using AWS apps. Also find here the threat alert: cloud network bandwidth is now stolen through cryptojacking. For more articles, check out our #onpatrol4malware blog. 87% of the ransomware found on...
Aug 16, 2022 | Cybersecurity News, Malware
Over the last two weeks, SC Media shared the top three email-based threats, what they have in common and how you can protect your organization. Also, more details about the Maui ransomware, which has been used against US healthcare operations and has been linked to...
Aug 1, 2022 | Cybersecurity News, Malware
Over the last two weeks, we saw DUCKTAIL, an infostealer malware that is targeting Facebook Business Accounts. Also, Palo Alto released the new Incident Response Report 2022. For more articles, check out our #onpatrol4malware blog. The evolution of botnets and DDoS...
Jul 19, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the past two weeks, we saw the news about the infected WordPress site that revealed a malicious C&C script. Also, a new Android malware family on the Google Play Store, downloaded over 3,000,000 times, secretly subscribes users to premium services. Read this...
Jul 5, 2022 | Cybersecurity News, Malware, Ransomware
Over the last two weeks, we saw the relevant article “Dark Web Price Index 2022”: “As the global health crisis ground on for a second year, many of the trends in Dark Web information product prices and availability continued, too”....
Jun 24, 2022 | Malware, Malware Patrol Services, Phishing, Ransomware
The MISP project is a free open source threat intelligence platform (TIP) that stores, analyzes, and shares information about malware. It is co-financed by the European Union and a wide variety of organizations, including law enforcement agencies, private companies,...
Jun 20, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the last two weeks, we saw that a few months back, researchers discovered a new, undetected malware that acts in this parasitic nature affecting Linux® operating systems. We have aptly named this malware Symbiote. In addition, back from the dead, Emotet returns...
Jun 6, 2022 | Cybersecurity News, Malware, Phishing, Ransomware
Over the last two weeks, we saw the Clipminer malware gang stole $1.7M by hijacking crypto payments. According to researchers from Symantec, a Broadcom company, Clipminer is based on the KryptoCibule malware. In addition, get the latest insights into ransomware...
May 23, 2022 | Cybersecurity News, DDoS, Malware, Malware Patrol Services, Ransomware
Over the past two weeks, we saw that the CrowdStrike Falcon OverWatch threat hunting team has uncovered a new and highly sophisticated Internet Information Services (IIS) post-exploitation framework that CrowdStrike refers to as IceApple. Also, a 254% increase in activity...
May 9, 2022 | Cybersecurity News, Malware, Ransomware
Over the last two weeks, we saw new LinkedIn scams, where cybercriminals attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform. Also, check out “The Strange Link...
Apr 26, 2022 | Cybersecurity News, Malware, Ransomware
Over the past two weeks, we saw that in February 2022, CISA, FBI, the U.S. CCNMF, the United Kingdom’s NCSC-UK, and NSA released a joint statement regarding their observation of Iranian government-sponsored APT MuddyWater and their malicious cyber activity....
Apr 11, 2022 | Archive
Over the last two weeks, we saw that “from the beginning of 2022, we have dealt with six different strains of wiper malware targeting Ukraine: WhisperKill, WhisperGate, HermeticWiper, IsaacWiper, CaddyWiper, and DoubleZero. These attacks are notable on their...
Mar 31, 2022 | Archive
Over the last two weeks, we saw that KELA published a report on ransomware operators’ overall trends and movements over 2021. The cybersecurity firm says that the number of major organizations tracked as ransomware victims increased from 1460 to 2860. In addition,...
Mar 15, 2022 | Archive
Over the last couple of weeks we saw that on February 24, 2022, Anonymous — a global collective of hackers — announced it was launching a cyber operation against Russian President Vladimir Putin and the Russian state for invading Ukraine. At 2:50 PM EST on February 24,...
Mar 4, 2022 | Cybersecurity News, Malware, Malware Patrol Services, Ransomware
In information security, the ability to predict and adapt to the behaviors of criminals can help organizations improve defense strategies against cyber threats. We can do this through the use of threat intelligence, where data comprised of past and current indicators of...
Feb 28, 2022 | Archive
Over the past two weeks, we saw that Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office (SOHO) routers, and network-attached storage (NAS) devices. In...
Feb 26, 2022 | Configuration Guide, Malware Patrol Services
Malware Patrol + FortiSIEM
Malware Patrol offers (5) Enterprise* feeds formatted for integration into FortiSIEM. This allows users to combine the quality of Fortinet’s SIEM security platform with the protection from our threat intelligence. Customers can choose...
Feb 20, 2022 | Configuration Guide, Malware Patrol Services
pfSense
The pfSense project is a free network firewall distribution, based on the FreeBSD operating system with a custom kernel, and it also includes third-party free software packages for additional functionality. pfSense software, with the help of the package system,...
Feb 14, 2022 | Archive
Over the past two weeks, we saw “FritzFrog”, a peer-to-peer (P2P) botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. And also, Qualys...
Feb 11, 2022 | Cybersecurity News
Bots don’t sleep, ransomware finds new ways to infiltrate systems and yesterday’s defenses may be ineffective tomorrow. Cybersecurity requires vigilance. But vigilance alone won’t suffice. That’s why threat researchers and enterprise security...
Jan 31, 2022 | Archive
Over the last two weeks, Varonis Threat Labs has observed one such RaaS provider, ALPHV (aka BlackCat ransomware), gaining traction since late 2021, actively recruiting new affiliates and targeting organizations across multiple sectors worldwide. In addition, we...
Jan 17, 2022 | Archive
Over the past two weeks, we saw that the operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations. SFile ransomware (aka Escal) has been active since 2020; until now it was observed targeting only Windows systems....
Jan 4, 2022 | Archive
Over the past two weeks, we saw that AvosLocker is a relatively new ransomware-as-a-service. The Sophos Rapid Response team has so far seen AvosLocker attacks in the Americas, Middle East, and Asia-Pacific, targeting Windows and Linux systems. In addition, we saw...
Dec 20, 2021 | Archive
Over the last two weeks, we saw that ten families of malicious samples are now spreading using the Log4j2 vulnerability. NetLab published a blog disclosing Mirai and Muhstik botnet samples propagating through the Log4j2 RCE vulnerability. You will also find here the...
Dec 6, 2021 | Archive
Over the last 2 weeks we saw that a new parasitic malware targets the popular Nginx web server, Sansec discovered. This novel code injects itself into a host Nginx application and is nearly invisible. Sansec also discovered a sophisticated threat that is packed with...
Nov 22, 2021 | Archive
Over the past 2 weeks, we observed that QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings...