Threat Roundup for January 17 to January 24

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 17 and Jan 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

The post Threat Roundup for January 17 to January 24 appeared first on Cisco Blogs.

January 24, 2020

NK CARROTBALL dropper used in attacks on U.S. Govn Agency

A US Government agency was hit with a phishing attack attempting to deliver a new malware dropper dubbed CARROTBALL. Security experts at Palo Alto Networks have uncovered a new malware dropper called CARROTBALL that was used in targeted attacks against a U.S. government agency and non-US foreign nationals. Experts attribute the attack to the Konni […]

The post NK CARROTBALL dropper used in attacks on U.S. Govn Agency appeared first on Security Affairs.

January 24, 2020

#CQLabs – Windows Defender Exploit Guard under the hood by Artur Wojtkowski

Antivirus software usually uses malware signatures, behavioral detection or heuristic detection to block malware. All these methods may be insufficient in the case of APT (Advanced Persistent Threat) attacks prepared specifically for the victim, or attacks exploiting 0day vulnerabilities in software that were never seen before. Exploit Guard: Exploit Protection and Exploit Guard: Attack Surface Reduction […]

January 24, 2020

Technical Report of the Bezos Phone Hack

Motherboard obtained and published the technical report on the hack of Jeff Bezos’s phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman. …investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it. Instead, they…

January 24, 2020

Ako Ransomware targeting businesses using RaaS

Quick Heal security researchers recently observed ransomware that uses RaaS (Ransomware as a Service), which is a subpart of MaaS (Malware as a Service). Before delving into the AKO ransomware or RaaS, one …

January 24, 2020