Combating a spate of Java malware with machine learning in real-time

In recent weeks, we have seen a surge in emails carrying fresh malicious Java (.jar) malware that use new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get real-time protection against these latest threats. Attackers are constantly changing their methods and tools. We…

1

Tax-themed phishing and malware attacks proliferate during the tax filing season

Tax-themed scams and social engineering attacks are as certain as (death or) tax itself. Every year we see these attacks, and 2017 is no different. These attacks circulate year-round as cybercriminals take advantage of the different country and region tax schedules, but they peak in the months leading to U.S. Tax Day in mid-April. The U.S. Internal Revenue Service last…

0

Ransomware: A declining nuisance or an evolving menace?

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   The volume of ransomware encounters is on a downward trend. Are we seeing the beginning of the end of this vicious threat? Unfortunately, a look at the attack vectors, the number of unique families released…

2

No slowdown in Cerber ransomware activity as 2016 draws to a close

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   As everybody else winds down for the holidays, the cybercriminals behind Cerber are busy ramping up their operations. Following our discovery of a spam campaign that takes advantage of holiday shopping, we found two new…

21

Been shopping lately? Fake credit card email can spook you into downloading Cerber ransomware

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   As the shopping sprees become increasingly frenetic during holiday season, it’s hard not to worry about how much credit card debt we’re piling. Some of us rely on email notifications from our banks to track…

0

Don’t let this Black Friday/Cyber Monday spam deliver Locky ransomware to you

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   We see it every year: social engineering attacks that take advantage of the online shopping activities around Black Friday and Cyber Monday, targeting customers of online retailers. This year, we’re seeing a spam campaign that…

2

Nemucod dot dot..WSF

The latest Nemucod campaign shows the malware distributing a spam email attachment with a .wsf extension, specifically ..wsf (with a double dot) extension. It is a variation of what has been observed since last year (2015) – the TrojanDownloader:JS/Nemucod malware downloader using JScript. It still spreads through spam email attachment, typically inside a .zip file,…

8

Upatre update: infection chain and affected countries

Upatre is a type of malware that is typically installed on a machine after a person is tricked into clicking on a link or opens an attachment contained in a spam email. Since January 2015,  we have seen spam emails commonly distributed by variants of the Hedsen and Cutwail malware families. Upatre’s malicious actions vary, but…

3

Insights into Win32/Bradop

Have you heard of Win32/Bradop? We recently investigated this interesting data theft family in more detail and exposed some of its inner secrets. The following is a description of what we found out. Spoiler alert: spam emails, protectors, the download mechanism, database credentials, stolen data, and the source code all figure in prominently. Win32/Bradop arrives…

0

There’s a cream for that

The other day, while previewing messages in my inbox, I saw a conspicuous message with the following parameters, typos included: To: (email address)CC: (email address),…Subject: Your ex sent me this pciture of you.Body:Hey (email address),Your ex sent me this picture claiming it’s you. Is it really so? You probaly should see a doctor:) They can…

0