Threat Summary: The malicious actor TA505 is known for notorious campaigns, namely the info-stealer malware Dridex, the Locky ransomware, and more. Another attack has been carried out by the same group on multiple continents, including North America, Asia, Africa, and South America. Primarily focusing on large financial organizations, this group at the same time performs well-planned, advanced attacks...
Cyber-security experts have just discovered a new modular downloader that has the capability to download other modules and payloads. It has embedded itself in large phishing campaigns and is primarily hitting major financial institutions, planting seeds for possible future attacks. Named Marap by security researchers, after its command and control (C&C) phone home parameter “param” spelled...
A group of attackers is actively exploiting a critical vulnerability in Atlassian’s Confluence collaboration software to infect servers with the GandCrab ransomware. Confluence is a Java-based web application that provides a shared wiki-type workspace for enterprise employees and is used by tens of thousands of companies worldwide. The vulnerability, tracked as CVE-2019-3396, is in...
Deceptive phishing has been proliferating recently with campaigns appearing to come from the “Office 365 Team”. Phishing emails are warning recipients that there has been an unusual amount of file deletions occurring on their account. The phishing campaign pretends to be a warning from the Office 365 service that states a medium-severity alert has been...
We recently reported on Iranian hackers attacking a US Government website, shortly after the killing of Qassem Suleimani in Baghdad, Iraq, in supposed retaliation. More information can be found here. The hacker, H4ck3D, behind this US government website attack has also claimed to have defaced the Sierra Leone Commercial Bank, one of the main financial institutions in...
We routinely monitor the dark web for threats and suspicious activities. Joker Stash is a Dark Web store that sells compromised bank credit cards. On the 28th (US Time) of October the Joker Stash dark web store announced its new release of cards for sale through their news bulletin. Something more suspicious than...
The Yuzo Related Posts plugin, which is installed on over 60,000 websites, was removed from the WordPress.org plugin directory on March 30, 2019 after an unpatched vulnerability was publicly, and irresponsibly, disclosed by a security researcher that same day. The vulnerability, which allows stored cross-site scripting (XSS), is now being exploited in the wild....
A recently discovered phishing campaign has been targeting financial sector employees in the U.S. and UK with remote access trojan payloads stored on a Google Cloud Storage domain. Researchers say that the campaign seeks to infect PCs and other endpoints by tricking victims into clicking on malicious links that lead to .zip or .gz archive...
A North Korean-connected hacking group is increasingly attempting banking-focused attacks, suggesting that digital heists are presently one of its primary activities on the internet, as per another cyber security report. The worldwide digital firm said on Thursday that the Lazarus Group is a threat to the banking industry after it completed a progression...
Last December we discussed an article about a hacker getting hacked by a banking Trojan. The banking malware was identified as Lokibot, which was exploited by being used by different cybercriminals. The details are in the previous article: https://www.izoologic.com/2018/12/27/hacker-just-got-hacked/ Can you fathom how critical it is when a hacker themselves gets hacked? Now...