••• All important news related to new attacks and see the solutions we can offer you •••
Fake COVID-19 survey hides ransomware in Canadian university attack
Phishing attacks against universities worldwide attributed to the Silent Librarian APT group.
New phishing document targeting staff at the University of British Columbia (UBC) with a fake COVID-19 survey.
However, this attack and motives are different than the ones previously documented.
The survey is a malicious Word document whose purpose is to download ransomware and extort victims to recover their encrypted files.
RansomEXX attacks on Windows and LinuxLees de originele artikel hier
New file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled by Linux-based operating systems.
Similarities in the code of the Trojan were found, the text of the ransom notes and the general approach to extortion, which suggested that this is in fact a Linux build of the previously known ransomware family RansomEXX.
This malware is notorious for attacking large organizations and was most active earlier this year.
New Kimsuky Module Makes North Korean Spyware More PowerfulLees de originele artikel hier
A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities.
The APT - dubbed "Kimsuky" (aka Black Banshee or Thallium) and believed to be active as early as 2012 - has been now linked to as many as three hitherto undocumented malware, including an information stealer, a tool equipped with malware anti-analysis features, and a new server infrastructure with significant overlaps to its older espionage framework