Category

Industry

Organized phishing campaigns eye finance industry

Cyber-security experts have just discovered a new modular downloader that has the capability to download other modules and payloads. It has embedded itself in large phishing campaigns and is primarily hitting major financial institutions, planting seeds for possible future attacks. Named Marap by security researchers, after its command and control (C&C) phone home parameter “param” spelled...

Hackers exploit Atlassian Confluence servers to spread malware

A group of attackers is actively exploiting a critical vulnerability in Atlassian’s Confluence collaboration software to infect servers with the GandCrab ransomware. Confluence is a Java-based web application that provides a shared wiki-type workspace for enterprise employees and is used by tens of thousands of companies worldwide. The vulnerability, tracked as CVE-2019-3396, is in...

Phishing Emails pretend to be Office 365 ‘File Deletion’ alerts

Deceptive phishing has been proliferating recently, with campaigns appearing to come from the “Office 365 Team”. The phishing emails warn recipients that an unusual number of file deletions has occurred on their account. The phishing campaign pretends to be a warning from the Office 365 service that states a medium-severity alert has been...

Sierra Leone Commercial Bank suffers a cyberattack – web defacement.

We recently reported on Iranian hackers attacking a US Government website, shortly after the killing of Qassem Suleimani in Baghdad, Iraq, in supposed retaliation. More information can be found here. The hacker behind this US government website attack, H4ck3D, has also claimed to have defaced the Sierra Leone Commercial Bank, one of the main financial institutions in...

Joker Stash – One of the Biggest Card Dumps

We routinely monitor the dark web for threats and suspicious activities. Joker Stash is a Dark Web store that sells compromised bank credit cards. On the 28th (US Time) of October the Joker Stash dark web store announced its new release of cards for sale through their news bulletin. Something more suspicious than...

WordPress Yuzo Plugin Becomes Scamming Tool

The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and irresponsibly, disclosed by a security researcher that same day. The vulnerability, which allows stored cross-site scripting (XSS), is now being exploited in the wild....

Unorthodox Phishing Attack Aimed at Financial Employees in US and UK

A recently discovered phishing campaign has been targeting financial sector employees in the U.S. and UK with remote access trojan payloads stored on a Google Cloud Storage domain. Researchers say that the campaign seeks to infect PCs and other endpoints by tricking victims into clicking on malicious links that lead to .zip or .gz archive...

NoKor Hacking Group – Serious Threat to the Banking Sector

A North Korea-linked hacking group is increasingly attempting bank-focused attacks, suggesting that cyber heists are now one of its primary activities on the internet, according to a new cyber security report. The global cyber security firm said on Thursday that the Lazarus Group is a threat to the banking sector after it carried out a series...

Lokibot: The Banking Trojan that hacked a hacker, now comes with the list of targeted banks

Last December we wrote about a hacker getting hacked by a banking Trojan. The banking malware was identified as Lokibot, which has been used by different cybercriminals. The details are in the previous article: https://www.izoologic.com/2018/12/27/hacker-just-got-hacked/. Can you fathom how critical it is when a hacker gets hacked? Now...

SMiShing Campaign Targeting Android Users using Fake Banking App

Another SMiShing campaign has been seen in the wild, targeting Spanish-speaking users with a fake Android banking application. The fake application, called Movil Secure, has already racked up several downloads in only six days. According to security firm researchers, who discovered the new campaign, the fake Movil Security...