
Microsoft Will Block Excel XLL Add-ins from the Internet

Starting in March, Microsoft will block XLL files coming from the Internet in Office Excel. In its Microsoft 365 roadmap, Microsoft writes that it is making this change “to combat the increasing number of malware attacks in recent months.”

Note: Nice to see Microsoft continuing its quest to block common malware delivery methods. XLL files …

Read More about Microsoft Will Block Excel XLL Add-ins from the Internet

HUMAN Security Takes Down Vastflux Ad Fraud Operation

Researchers from HUMAN have taken down a sizeable ad fraud scheme that spoofed more than 1,700 apps and managed to generate 12 billion ad requests a day. By injecting JavaScript into the ads, the scammers were able to layer multiple ads, registering views for ads that users did not see. HUMAN dubbed the malicious campaign …

Read More about HUMAN Security Takes Down Vastflux Ad Fraud Operation

Linux Malware Exploits Backdoor Flaws in Multiple WordPress Plug-ins

Updated on 2023-01-05: New WordPress backdoor

Dr.Web researchers have found a new exploit tool designed to attack WordPress sites, infect them with a backdoor, and then inject malicious scripts in their codebase. The malware targets vulnerabilities in more than 30 WordPress themes and plugins and exclusively targets Linux-based servers.

Read more: Linux backdoor malware infects …

Read More about Linux Malware Exploits Backdoor Flaws in Multiple WordPress Plug-ins

MasquerAds abuse Google Ads

Updated on 2022-12-29: A new MasquerAds technique is being widely used by threat actors to abuse the Google Ads platform in an attempt to deliver a variety of malware to victims’ systems.

Read more: “MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets

Overview: MasquerAds

On the same note, …

Read More about MasquerAds abuse Google Ads

FateGrab/StealDeal malware

Updated on 2022-12-22: FateGrab/StealDeal malware

CERT-UA has a report out on a recent spear-phishing campaign that used a compromised Ministry of Defense account to target users of Delta, a platform used by Ukraine’s military forces for coordinating attacks.

Read more: Cyberattack on users of the DELTA system using the RomCom/FateGrab/StealDeal malware (CERT-UA#5709)

Overview

Ukraine’s DELTA military …

Read More about FateGrab/StealDeal malware

RisePro Stealer

Updated on 2022-12-29: Sekoia has a technical breakdown of RisePro, a new infostealer trojan spotted being advertised in underground cybercrime forums by Flashpoint. Per Sekoia, RisePro is currently being deployed as a second-stage payload on systems infected with the PrivateLoader malware.

Read more:
New RisePro Stealer distributed by the prominent PrivateLoader
“RisePro” Stealer and Pay-Per-Install …

Read More about RisePro Stealer

Guloader malware updated with new anti-evasion techniques

Updated on 2022-12-26: GuLoader has been updated with new anti-evasion techniques to dodge traditional security solutions. The new version is also hostile to systems running virtual machines.

Read more: Malware Analysis: GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy

Updated on 2022-12-21: OALABS has released IOCs for the Guloader malware. Get them while …

Read More about Guloader malware updated with new anti-evasion techniques

MoneyMonger malware uses Flutter to deliver loan scam apps

Updated on 2022-12-16: Zimperium found bad actors abusing Flutter, an open-source UI software development kit, to deliver loan scam apps with severe privacy and security risks, in a campaign dubbed MoneyMonger.

Updated on 2022-12-15: Zimperium has a report on MoneyMonger, a threat actor that develops and offers money-lending apps but also steals personal information from …

Read More about MoneyMonger malware uses Flutter to deliver loan scam apps

Azov wiper malware

Updated on 2022-12-13 Check Point has a technical breakdown of Azov, a data wiper that was deployed in the wild in September and November. The malware was delivered on systems previously infected with the SmokeLoader malware, tried to frame known security researchers as its authors, and according to Check Point, was “an egregious false flag …

Read More about Azov wiper malware


CHAOS RAT Malware

Updated on 2022-12-13: Trend Micro also has a report on a new Go-based malware strain named CHAOS RAT, used in recent crypto-mining attacks against Linux servers. The malware appears to have been open-sourced on GitHub.

Overview

Trend Micro researchers spotted a cryptocurrency mining campaign against Linux machines using the open-source Chaos RAT to deploy Monero …

Read More about CHAOS RAT Malware

BlueFox Infostealer Malware-as-a-Service Model

Updated on 2022-12-12: Russian security firm Positive Technologies has an analysis of BlueFox, a new infostealer advertised on underground forums under a Malware-as-a-Service model. Their report is in Russian. An English-language report on the same malware is also available via Sekoia.

Read more: Beware of blue foxes: analysis of the new MaaS stealer BlueFox

Overview

Sekoia researchers have analyzed …

Read More about BlueFox Infostealer Malware-as-a-Service Model