Security News

Purple Fox EK Adds Microsoft Exploits to Arsenal
2020-07-06 15:21

The Purple Fox exploit kit has added two new exploits targeting critical- and high-severity Microsoft vulnerabilities to its bag of tricks - and researchers say they expect more attacks to be added in the future. The Purple Fox EK was previously analyzed in September, when researchers said that it appears to have been built to replace the Rig EK in the distribution chain of Purple Fox malware, which is a trojan/rootkit.

TrickBot Adds BazarBackdoor to Malware Arsenal
2020-06-03 16:55

A new module for the infamous trojan known as TrickBot has been deployed: A stealthy backdoor that researchers call "BazarBackdoor." Panda Security describes BazarBackdoor as "Enterprise-grade malware," and they linked it back to TrickBot because both pieces of malware share parts of the same code, along with delivery and operation methods.

TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
2020-03-18 17:22

The TrickBot malware has added a new feature: A module called rdpScanDll, built for brute-forcing remote desktop protocol accounts. TrickBot is a malware strain that has been around since 2016, starting life as a banking trojan.

Russia-Linked Turla Cyberspies Add More Malware to Arsenal
2020-03-12 18:40

The Russia-linked threat group known as Turla was observed using two new pieces of malware in attacks launched over a period of roughly two months in the fall of 2019, ESET reports. Also known as Waterbug, KRYPTON, Snake, and Venomous Bear, and active for more than a decade, Turla is known for the targeting of various diplomatic and military organizations, with a focus on NATO and Commonwealth of Independent States nations.

New Campaign Leverages BitBucket to Deliver Arsenal of Malware
2020-02-06 16:26

Cybereason's Nocturnus researchers have discovered an ongoing campaign that takes this approach to the next level - multiple malwares stored on BitBucket and downloaded as a form of layered malware able to maximize each successful compromise. Part of the success is down to the lengths the attackers go to ensure the malware isn't discovered and removed from BitBucket.

TrickBot Adds Custom, Stealthy Backdoor to its Arsenal
2020-01-09 11:00

The Russian-speaking cybercriminals behind the TrickBot malware have developed a stealthy backdoor dubbed "PowerTrick," in order to infiltrate high-value targets. The malware operators send the first command, which is to download the main PowerTrick backdoor.

Whoa, bot wars: As cybercrooks add more AI to their arsenal, the goodies will have to too
2019-09-13 18:40

The future is automated, says Trend Micro bod. Infosec techies should prepare to both fend off AI attacks and welcome the technology into their armoury of tools, reckons Trend Micro's director of...

PsiXBot Adds PornModule, Google DNS Service to Its Arsenal
2019-09-09 19:02

Porn-recording feature will likely be used for extortion.

DanaBot Adds Ransomware to its Arsenal
2019-06-20 17:05

Malware adds ransomware to its malicious bag of tricks.

Chinese Spy Group Mixes Up Its Malware Arsenal with Brand-New Loaders
2019-05-27 14:11

New campaigns also show modified versions of known payloads.