What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
2022-08-04 08:00:13 Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns (direct link) By Edmund Brumaghin, Azim Khodjibaev and Matt Thaxton, with contributions from Arnaud Zobec. Executive Summary: Dark Utilities, released in early 2022, is a platform that provides full-featured C2 capabilities to adversaries. It is marketed as a means to enable remote access, command execution, distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations on infected systems. Payloads provided by the platform support Windows, Linux and Python-based implementations and are hosted within the Interplanetary File System (IPFS), making them resilient to content moderation or law enforcement intervention. Since its initial release, we've observed malware samples in the wild leveraging it to facilitate remote access and cryptocurrency mining. What is "Dark Utilities?" In early 2022, a new C2 platform called "Dark Utilities" was established, offering a variety of services such as remote system access, DDoS capabilities and cryptocurrency mining. The operators of the service also established Discord and Telegram communities where they provide technical support and assistance for customers on the platform. Dark Utilities provides payloads consisting of code that is executed on victim systems, allowing them to be registered with the service and establish a command and control (C2) communications channel. The platform currently supports Windows, Linux and Python-based payloads, allowing adversaries to target multiple architectures without requiring significant development resources. During our analysis, we observed efforts underway to expand OS and system architecture support as the platform continues to see ongoing develo Spam Malware Hack Tool Threat Guideline APT 19
2022-07-26 10:11:15 Quarterly Report: Incident Response Trends in Q2 2022 (direct link) Commodity malware usage surpasses ransomware by narrow margin. By Caitlin Huey. For the first time in more than a year, ransomware was not the top threat Cisco Talos Incident Response (CTIR) responded to this quarter, as commodity malware surpassed ransomware by a narrow margin. This is likely due to several factors, including the closure of several ransomware groups, whether it be of their own volition or the actions of global law enforcement agencies and governments. Commodity malware was the top observed threat this quarter, a notable development given the general decrease in observations of attacks leveraging commodity trojans in CTIR engagements since 2020. These developments coincide with a general resurgence of certain email-based trojans in recent months, as law enforcement and technology companies have continued to attempt to disrupt and affect email-based malware threats like Emotet and Trickbot. This quarter featured malware such as the Remcos remote access trojan (RAT), Vidar infostealer, Redline Stealer and Qakbot (Qbot), a well-known banking trojan that, in recent weeks, has been observed in new clusters of activity delivering a variety of payloads. Targeting: The top-targeted vertical continues to be telecommunications, following a trend where it was among the top targeted verticals in Q4 2021 and Q1 2022, closely followed by organizations in the education and health care sectors. Commodity malware: This quarter saw a notable increase in commodity malware threats compared to previous quarters. Commodity Ransomware Spam Malware Threat
2022-04-14 11:00:00 Threat Source newsletter (April 14, 2022) - It's Tax Day, and you know what that means (direct link) By Jon Munshaw. Welcome to this week's edition of the Threat Source newsletter. The deadline to file taxes in the United States is Monday. That means a few things: everyone should probably make sure their liquor cabinet is fully stocked, your spam filters are all turned on in your email... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam Threat
2021-12-03 07:46:29 Talos Takes Ep. #79: Emotet's back with the worst type of holiday present (direct link) By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Emotet is back, and it brought the worst possible holiday present (just in time for peak spam season, too!). We... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-11-22 05:01:13 Back from the dead: Emotet re-emerges, begins rebuilding to wrap up 2021 (direct link) Executive summary: Emotet has been one of the most widely distributed threats over the past several years. It has typically been observed being distributed via malicious spam email campaigns, and often leads to additional malware infections as it provides threat actors with an initial foothold in an... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam Malware Threat Guideline
2021-10-28 11:00:00 Threat Source newsletter (Oct. 28, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Most people know about chicken and waffles. But what about squirrel and waffles? They may not be the most appetizing brunch, but they are teaming up for one heck of a spam campaign. We have new research out... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-10-26 05:01:17 SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike (direct link) By Edmund Brumaghin, Mariano Graziano and Nick Mavis. Executive summary: Recently, a new threat, referred to as "SQUIRRELWAFFLE", is being spread more widely via spam campaigns, infecting systems with a new malware loader. This is a malware family that's been spread with increasing regularity and... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam Malware
2021-10-15 08:07:16 Talos Takes Ep. #73 (NCSAM edition): Fight the phish from land, sea and air (direct link) By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Most people may think of spam as being the classic email promising that you've won the lottery or some great prize,... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-09-16 11:00:00 Threat Source newsletter (Sept. 16, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It's a bird, it's a plane, it's a rat! We've been tracking a series of trojans targeting the aviation industry, and trying to lure victims in by sending them spam related to flight itineraries and other transportation... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-07-01 10:56:01 (Déjà vu) Threat Source newsletter (July 1, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Even though spam emails asking for gift cards may seem like the oldest trick in the book, they're still effective in 2021. The FBI estimates that business email compromise cost victims around $1.8 billion in 2020,... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-06-24 11:00:00 Threat Source newsletter (June 24, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Even though spam emails asking for gift cards may seem like the oldest trick in the book, they're still effective in 2021. The FBI estimates that business email compromise cost victims around $1.8 billion in 2020,... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-04-08 11:00:00 Threat Source Newsletter (April 8, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We've all heard about spam coming through your email or those robocalls we all hate. But during the COVID-19 pandemic, attackers are now turning to chat rooms and gaming servers to spread spam. Talos researchers this... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2020-07-30 11:00:05 Threat Source newsletter for July 30, 2020 (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Adversaries love to use headlines as part of their spam campaigns. From COVID-19, to Black Lives Matter and even Black Friday every year, the bad guys are wanting to capitalize on current events. Why is this the case, and when do they decide to jump on headlines? In our latest blog post, we look at this technique and examine the advantages and disadvantages of trying to leverage the biggest news. Cyber... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam Threat
Last update at: 2024-06-02 20:08:08