Displaying items by tag: TrickBot

Nearly 10 months after it was taken down by authorities in Europe, the US and Canada, the Emotet botnet appears to have returned, with at least one of the bots associated with it being observed by a security firm.

Microsoft's Remote Desktop Protocol tool was the attack vector of choice for ransomware attackers in 2020 as they stepped up as the pandemic created an environment suitable for this malware genre to thrive.

ANALYSIS When did American cyber security firm FireEye become aware that it had been compromised and its crown jewels — its Red Team tools — stolen?

American cyber security company FireEye, which announced a couple of days ago that it had been compromised by unknown attackers who stole its offensive tools, has been accused of having poor Internet-facing security by a British company that specialises in PKI.

GUEST RESEARCH: Q3 2020 Internet Security Report sheds light on COVID-19 threat trends, growing network attacks, malware targeting US SCADA systems, and more.

Webroot has released its annual list of the Nastiest Malware, "revealing phishing, botnet attacks and ransomware as 2020’s most vicious cybersecurity threats".

Global security firm Sophos has questioned the connection drawn between ransomware attacks facilitated by the Trickbot botnet and threats to election security, with a senior researcher saying gangs did not generally target local governments specifically for political effect.

Microsoft's Windows operating system is the target of a massive majority of the malicious software that abounds these days. And it has adopted the same strategy for avoiding blame as it did with the problem of viruses and worms: presenting itself as part of the solution, not the problem.

Recent reports identified the US Cyber Command as being responsible for the temporary neutering of Trickbot, but it seems other organisations assisted.

Malware campaigns equipped with the capability to exploit powerful, hidden backdoors are becoming commoditised, according to one security firm which says that research reveals that several high-profile hacker campaigns are integrating the misuse of SSH machine identities capabilities into their attacks.

Security vendor Deep Instinct has detected malware that targets Microsoft Outlook and has compromised more than 250 million email accounts.