News


Emotet, DarkGate, and LokiBot Infection Tactics
B2B Cyber Security ShortNews

A Kaspersky analysis reveals intricate infection tactics used by several malware strains. According to the analysis, the famous Emotet botnet is back with a new infection route via OneNote files and is attacking companies; in addition, the loader DarkGate has been equipped with numerous new features, and LokiBot targets cargo ship companies in phishing emails with Excel attachments. Kaspersky's latest report reveals the sophisticated infection tactics currently used by the DarkGate, Emotet, and LokiBot malware. DarkGate's unique encryption, Emotet's robust comeback, and LokiBot's ongoing exploits underscore the need for an ever-evolving cybersecurity landscape. Emotet uses OneNote file…


Dangerous Sleeper: Emotet explores new attack vectors
B2B Cyber Security ShortNews

In 2021, the network around Emotet was taken down. But that doesn't mean that Emotet has completely disappeared from the web. On the contrary: there are repeated signs that the group behind Emotet is looking for new avenues of attack. Since its return, Emotet has appeared in several spam campaigns. Mealybug, the hacker group behind the botnet, has developed numerous new modules and revised existing ones. The masterminds behind Emotet learned a lot from the takedown two years ago and invested a lot of time in preventing their botnet from being discovered. Emotet's infrastructure is dead - the...


Top malware in March

Last month, security researchers uncovered a new malware campaign from the notorious Emotet Trojan. As reported earlier this year, since Microsoft announced it would block macros in Office files, Emotet attackers have been looking for alternative ways to proliferate malicious files. In the most recent campaign, the attackers have chosen a new strategy: they send spam emails that contain a malicious OneNote file. Once opened, a fake message appears, tricking the victim into clicking on the document, thereby downloading the Emotet infection. Once installed, the malware can steal email user credentials such as login credentials…


Top malware in Q1-2023: Qbot, Formbook, Emotet

Check Point's Spring 2023 Global Threat Index shows the Qbot, Formbook, and Emotet malware as the most threatening, the HTTP Headers Remote Code Execution vulnerability on the rise, and retail as the industry most under attack. Check Point has published its Global Threat Index for January 2023. Qbot, a sophisticated Trojan that steals banking information and keystrokes, remains at the top. Emotet slips to third place in Germany. In terms of sectors, retail in particular was attacked in Germany. Maya Horowitz, VP Research at...


Emotet on the move in a new dangerous variant

After months of deceptive silence, a new dangerous variant of the Emotet Trojan has now been discovered. Hornetsecurity's Security Lab discovered it and is warning about it. The new variant relies on large files that have been extremely packed to avoid fast scans. The dangerous Emotet malware is back. After almost three months of silence, the Security Lab, Hornetsecurity's in-house security laboratory, has discovered a new variant of the Trojan. The latest version of Emotet uses very large files to bypass security scans and infiltrate IT systems. Security software often only scans the…


EDR: Old service is a door opener for Emotet, REvil & Co
B2B Cyber Security ShortNews

Check Point Research has discovered a software service that has been helping hackers bypass EDR (Endpoint Detection & Response) protection for over six years. The software service serves as a door opener for Emotet, REvil, Maze and other malware. Beneficiaries of the TrickGate service include well-known malware such as Cerber, Trickbot, Maze, Emotet, REvil, Cobalt Strike, AZORult, Formbook and AgentTesla - a colorful parade of the top malware that Check Point publishes monthly. Old service levers out EDR: TrickGate is transformative and changes regularly, which helped keep it…


Emotet campaign picks up steam again
B2B Cyber Security ShortNews

TA542, a cybercriminal group that distributes Emotet malware, has ended its summer break and is launching more and more new campaigns, now also with modified Emotet variants. TA542 was absent for almost four months and was last seen in action in the summer, on July 13, 2022. Since November 2, Proofpoint's security specialists have been monitoring new activities by TA542 - especially in Germany. Key learnings about the Emotet campaigns: TA542 uses customized Emotet variants in the new campaigns. The changes (see below) affect the payloads and lures used as well as changes to...


Malware: Emotet and FormBook at the top
Checkpoint News

Check Point Research (CPR), the research arm of Check Point Software Technologies Ltd., a global leader in cyber security solutions, has released its latest Global Threat Index for August 2022. CPR reports that FormBook is now the most prevalent malware, replacing Emotet, which has held that position since its January resurgence. FormBook is an infostealer that targets Windows operating systems. Once installed, it can intercept credentials, collect screenshots, monitor and log keystrokes, and download and execute files according to its C&C commands. Since its initial discovery in...


Report: GandCrab is the most active ransomware in DA-CH

With its Threat Report, ESET regularly publishes results from its own detection systems and notable incidents from the European IT security manufacturer's cybersecurity research. An important result in the second quarter of 2022: GandCrab is the most active ransomware in DA-CH. The latest edition for the second quarter of 2022 highlights the period from May to August. While the ransomware GandCrab plays a rather small role in a global comparison, the encryption Trojan dominates the ESET detection statistics in Germany, Austria and Switzerland. Almost one in four ransomware detections can be traced back to GandCrab. Another interesting change is that politically motivated ransomware is on the decline…


Encrypted malware and Office vulnerabilities are a cause for concern

WatchGuard's current Internet Security Report also documents the Emotet comeback and increasing attacks on SCADA systems. Google Chrome and Microsoft Office-based threats are also on the rise. The latest findings of WatchGuard Technologies' Internet Security Report on top malware trends and network threats are in, showing an overall decrease in malware for the second quarter of 2022 compared to peaks in the first half of last year. However, Google Chrome and Microsoft Office-based threats are on the rise. Internet Security Report for the second quarter of 2022: And also with regard to the potential danger...
