CARBANAK Week Part Two: Continuing the CARBANAK Source Code

Following the release of our four-part CARBANAK Week blog series, many readers have found places to make the data shared in these posts actionable. We have updated this post to include some of this information.

CARBANAK Week Part One: A Rare Occurrence

CARBANAK is one of the most full-featured backdoors around. It was used to perpetrate millions of dollars in financial crimes, largely by the group we track as FIN7.

Hackers Launching Malware via Weaponized Excel File

Attackers distribute this malicious campaign by email, with an attached weaponized Excel file that poses as a legitimate file with the filename “Military Financing.xlsm.”

CVE-2019-0859: zero-day vulnerability

CVE-2019-0859 is a Use-After-Free vulnerability in the system function that handles dialog windows, or more precisely, their additional styles. The exploit pattern found in the wild targeted 64-bit versions of the OS, from Windows 7 to the latest builds of Windows 10. Exploitation of the vulnerability allows the malware to download and execute a script written by the attackers, which in the worst-case scenario results in full control over the infected PC.

DNS Hijacking Attack Exploiting DLink

DNS hijacking is a type of malicious attack used to redirect users to a malicious website when they visit a website, carried out via compromised routers or by attackers modifying a server’s settings.

Adobe Released Security Updates & Fixed 43 Vulnerabilities

There are 8 different Adobe products affected, including Adobe Flash Player, Shockwave Player, Dreamweaver, Adobe XD CC, Adobe Experience Manager Forms, and Adobe Bridge CC.

Hackers Used US-based Web Servers

Hackers used hosting infrastructure in the United States to host 10 malware families and distributed them through mass phishing campaigns. The hosted malware families include five banking Trojans, two ransomware and three information stealer malware families. The malware includes familiar ones such as Dridex, GandCrab, Neutrino, IcedID, and others.

Oregon DHS’ 2 million email accounts compromised in a recent phishing scheme

A successful phishing scheme has resulted in the compromise of 2 million email accounts belonging to the Oregon Department of Human Services. The incident has affected at least 350,000 people. What’s the matter - The Oregon Department of Human Services (DHS) announced last week that it had fallen victim to a phishing campaign after nine of its employees inadvertently gave hackers access to their accounts. The data breach occurred on January 8, 2019. However, the intrusion was discovered on January 28, 2019.

Hackers created a secret backdoor in 'hundreds of thousands' of Asus computers using software update

Leading computer maker ASUS suffered a cyber attack that allowed hackers to send malware to more than 50,000 customers, researchers claim. After compromising the Taiwan-based tech company's server, the hackers made it appear as though ASUS was sending legitimate software updates to its users that were laden with malicious software, according to a cyber security firm.

Top 12 phishing email subject lines

Cybercriminals often try to create a sense of urgency in their phony attempts to swindle unsuspecting users out of crucial information with subject lines that would compel the unsuspecting user into opening the phony email and potentially downloading malicious attachments. Unfortunately, they rarely announce themselves in phishing attacks and some even have the ability to appear to come from semi-trusted sources.