Campaign News, Articles and Updates

CNI needs shoring up after US, UK blame Russia for attacks

The US is prepared to take aggressive action against Russia for a recent, extended campaign of cyber-attacks on infrastructure assets around the world by compromising devices such as routers and firewalls.

Electroneum-mining operation now targeting Struts systems on Windows

The well-known Apache Struts 2 Jakarta Multipart Parser remote code execution cryptocurrency campaign is now being used by cyber-criminals to mine Electroneum coin by targeting systems running Windows operating systems.

New Sanny info-stealer campaign targets US government agencies

Researchers this month discovered a new spear phishing campaign targeting US government agencies with an evolved version of Sanny malware, a 5-year-old information-stealer that now features a multi-stage infection process.

Top Trump campaign officials urged Papadopoulos to meet with Russians

A senior Trump campaign advisor allegedly encouraged former foreign policy advisor George Papadopoulos, who's already pleaded guilty to lying to FBI agents, to meet with members of a Russian news agency.

US counter-terrorism operation exposed Slingshot APT campaign

A recently published Kaspersky Lab report that exposed a sophisticated, six-year cyber-espionage campaign targeting the Middle East and Africa disrupted an active counter-terrorism operation.

Recently patched Flash vulnerability spotted in massive malspam campaign

A recently patched Flash Player flaw was exploited in a widespread attack spam campaign primarily targeting South Koreans.

RIG exploit kit strikes again, cryptocurrencies malvertising campaign

A malvertising campaign uses decoy websites pushing cryptocurrencies and then redirects users to the RIG exploit kit, Malwarebytes Labs said.

New email scam targeting accounts personnel at Fortune 500 companies

Criminals impersonate legitimate email accounts to initiate wire transfer fraud. Security researchers have uncovered an active Business Email Compromise (BEC) campaign targeting Accounts Payable personnel at Fortune 500 companies.

New Word malware attacks infect systems without using macros

Security researchers have discovered a new email spam campaign that tries to get users to open Word document attachments that download a password stealer as the final payload.

Edward Snowden returns to US! Oops, nope, it's a phishing scam

A strange spam campaign that targets Apple customers has been found distributing phishing emails containing an Apple receipt that bills US$9.99 (£7) to an Edward Snowden residing at a US address.

Windows Installer service hacked to infect victims' systems with malware

Cyber-criminals are using a malware spam campaign to exploit a remote code execution vulnerability in Microsoft Office to download and execute malicious scripts on victims' systems.

Government websites, including ICO, hit by cryptocurrency mining campaign

More than 5,000 sites, including sites belonging to the NHS, ICO, local councils and the Student Loans Company were hit by a cryptocurrency mining campaign that exploited a popular plug-in to infect sites with a malicious script.

Flash Player zero-day attacks attributed to advancing North Korean APT

Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.

Two-year-old malware campaign plagues Ukrainians with Vermin, Quasar RATs

Researchers have uncovered a two-year-old cyber-espionage campaign that's been infecting Ukrainians with either a newly discovered remote access tool called Vermin or the more established Quasar RAT.

Google's DoubleClick network exploited to serve cryptominers

A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.

Millions of machines download cryptominer after users click on devious link

A newly discovered malicious URL redirection campaign that infects users with the XMRig Monero cryptocurrency miner has already victimised users between 15 and 30 million times, researchers have reported.

Dridex campaign carries scent of Necurs with a hint of FTP

Forcepoint researchers spotted a malware-laden spam campaign, similar to Necurs, using compromised FTP sites instead of the usual HTTP link as download locations for malicious documents.

Cryptominer malware in RIG EK spread via malvertising

Malwarebytes researcher Jerome Segura analysed a RIG exploit campaign distributing malware coin miners delivered via drive-by download attacks from malvertising.

Ursnif banking Trojan targets Australia with new evasive macros

On 19 September, the TA530 group sent personalised emails utilising company names, personal names, titles and more to deliver malicious Word documents.

Global malvertising campaign shuts down

The Shadowgate malware campaign has been halted by security firm Talos and hosting company GoDaddy.