Last publications with IOC

Last news

CARBANAK Week Part Two: Continuing the CARBANAK Source Code

Following the release of our four-part CARBANAK Week blog series, many readers have found places to make the data shared in these posts actionable. We have updated this post to include some of this information.

CARBANAK Week Part One: A Rare Occurrence

CARBANAK is one of the most full-featured backdoors around. It was used to perpetrate millions of dollars in financial crimes, largely by the group we track as FIN7.

Hackers Launching Malware via Weaponized Excel File

Attackers distribute this malicious campaign by email, with an attached weaponized Excel file that poses as a legitimate file with the filename “Military Financing.xlsm.”

CVE-2019-0859: zero-day vulnerability

CVE-2019-0859 is a Use-After-Free vulnerability in the system function that handles dialog windows, or more precisely, their additional styles. The exploit pattern found in the wild targeted 64-bit versions of the OS, from Windows 7 to the latest builds of Windows 10. Exploitation of the vulnerability allows the malware to download and execute a script written by the attackers, which in the worst-case scenario results in full control over the infected PC.