Keep yourself as safe as possible with our guide to phishing – what it is, how to detect it and how to keep your personal details and money away from online crooks. What is phishing? Phishing (pronounced fishing) covers a broad range of online criminal activities, all centred around fooling people into giving up personal…
Detailsby AlienVault Public TLP: White In this blogpost, ThreatFabric presents its findings on Vultur, a new banking trojan that can record and keylogging on victims’ devices via VNC, as part of a series of blog posts. REFERENCE: https://www.threatfabric.com/blogs/vultur-v-for-vnc.html TAGS:Vultur, VNC, Keylogging, RAT, Brunhilda INDUSTRY:Banking TARGETED COUNTRIES:Spain, Australia, Italy MALWARE FAMILIES:Brunhilda, Vultur ATT&CK IDS:T1113 – Screen Capture, T1056 – Input Capture, T1219 – Remote Access Software, T1030 –…
Detailsby AlienVault Public TLP: White Mobile security firm Zimperium has uncovered a new family of Android Trojan applications that hijack Facebook accounts and spread the malware to other victims, including the US, Canada, Australia and Japan. REFERENCE: https://blog.zimperium.com/flytrap-android-malware-compromises-thousands-of-facebook-accounts https://thehackernews.com/2021/08/beware-new-android-malware-hacks.html https://blog.zimperium.com/flytrap-android-malware-compromises-thousands-of-facebook-accounts/ https://www.bleepingcomputer.com/news/security/flytrap-malware-hijacks-thousands-of-facebook-accounts/ https://uk.pcmag.com/security/134975/flytrap-android-malware-used-to-compromise-facebook-accounts TAGS:flytrap, google play, trojan, facebook, android MALWARE FAMILY:FlyTrap ATT&CK IDS:T1055 – Process Injection, T1566 – Phishing, T1557 – Man-in-the-Middle, T1503 – Credentials…
DetailsPatch now available for Kaseya VSA platform.Alert status HIGH Background The ACSC has observed reporting that organisations globally have been impacted by the Kaseya VSA compromise and REvil ransomware. The ACSC has also received reporting from impacted Australian organisations. The ACSC is aware that a vulnerability in the Kaseya VSA platform enabled the REvil group to distribute malware through…
DetailsCybercriminals are targeting construction companies to conduct business email compromise scams. All parties to construction projects should be vigilant when emailing about invoices and bank details.Alert status MEDIUM The ACSC has observed a growing trend affecting construction companies and their customers. In the past six months there has been an increase in cybercriminals targeting builders and…
DetailsCREATED 10 HOURS AGO by AlienVault Public TLP: White A wiper malware disguised with a filename associated to the Tokyo Olympic Games was recently uploaded to VirusTotal concurring with the start of the Olympic Games. REFERENCE:https://www.mbsd.jp/research/20210721/blog/ TAGS:Tokyo 2020, Olympic Games, Wiper TARGETED COUNTRY:Japan ATT&CK IDS:T1497 – Virtualization/Sandbox Evasion, T1485 – Data Destruction, T1204.002 – Malicious File
Details
