Security News

Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. "From the use of cloud infrastructure to host malware to the abuse of dynamic DNS for command-and-control activities. Additionally, the layers of obfuscation point to the current state of criminal cyber activities, where it takes lots of analysis to get down to the final payload and intentions of the attack."

That's according to researchers at Trustwave, who found that the campaign is effectively hiding a malicious executable by giving it a.ZIPX file extension, which is used to denote that a.ZIP archive format is compressed using the WinZip archiver. In reality, the appended file is an Icon image file wrapped inside a.RAR package.

A new malicious campaign is spreading LokiBot and NanoCore trojans under the guise of an ISO file claiming to be an invoice.

LokiBot info-stealing malware is again being distributed in a malspam campaign using attached ISO image file attachments. Similar was reported in August 2018, but it remains an unusual method of...

Arkansas Man Admits Developing, Selling Software Intended for Malicious UseArkansas developer Taylor Huddleston has been sentenced to serve more than two years in prison for developing, marketing...

A Hot Springs, Arkansas man who last year admitted in court to creating the NanoCore RAT (Remote Access Trojan) was sentenced to 33 months in prison. read more

A Hot Springs, Arkansas man this week pleaded guilty to creating two malicious programs, including the NanoCore RAT (Remote Access Trojan). read more

A programmer who was arrested in March this year—not because he hacked someone, but because he created and distributed a remote access software that helped cyber criminals—has finally pleaded...

26-year-old Taylor Huddleston, of Hot Springs, Arkansas, pleaded guilty today to charges of aiding and abetting computer intrusions. According to the statement of facts filed with the plea...

NanoCore, a lesser-known remote access Trojan (RAT), has recently been spotted being delivered to employees of energy companies in Asia and the Middle East via spear-phishing emails impersonating a le...