A widespread email campaign using malicious Microsoft Excel attachments and Excel 4 macros is delivering IcedID at high volumes, suggesting it’s filling the Emotet void.
The banking trojan known as IcedID appears to be taking the place of the recently disrupted Emotet trojan, according to researchers.
IcedID (a.k.a. BokBot) bears similarities to Emotet in that it’s a modular malware that started life as a banking trojan used to steal financial information. Increasingly though, it’s being used as a dropper for other malware, researchers noted – also just like Emotet.
The malware has been circulating at increasing rates, thanks to a spate of email campaigns using Microsoft Excel spreadsheet file attachments, according to Ashwin Vamshi and Abhijit Mohanta, researchers with Uptycs.
One Discord network search turned up 20,000 virus results, researchers found.
Workflow and collaboration tools like Slack and Discord have been infiltrated by threat actors, who are abusing their legitimate functions to evade security and deliver info-stealers, remote-access trojans (RATs) and other malware.
The pandemic-induced shift to remote work drove business processes onto these collaboration platforms in 2020, and predictably, 2021 has ushered in a new level of cybercriminal expertise in attacking them.
Cisco’s Talos cybersecurity team said in a report on collaboration app abuse this week that during the past year threat actors have increasingly used apps like Discord and Slack to trick users into opening malicious attachments and deploy various RATs and stealers, including Agent Tesla, AsyncRAT, Formbook and others.
Mar 25, 2021 5:00 AM PT
Sourcegraph on Wednesday launched Batch Changes, an automated internal coding tool that allows enterprises to automate and track large-scale code changes across all repositories and code hosts. For software developers, this is game changing.
This new tool also provides developers and enterprises with an easy way to manage the resulting change sets through checks and code reviews so they can be confident each change is merged.
Last year, over 800,000 developers used Sourcegraph to search and understand their code. In the same way that big data has disrupted data teams, big code is creating hurdles for enterprise engineering teams who struggle to navigate and make changes across increasingly large and complex codebases, according to Sourcegraph.
Booking.com's GDPR Fine Should Serve as Wake-Up Call
The 475,000 euro ($560,000) fine levied this week against hotel booking site Booking.com by Dutch privacy authorities should serve as a wake-up call for other companies when it comes to following the rules of the EU's General Data Protection Regulation laws, some experts say.
On Wednesday, the Dutch Data Protection Authority announced the fine against Booking.com, which is headquartered in Amsterdam. The Dutch Data Protection Authority, also known as AP, is the independent data protection authority for the Netherlands and is charged with investigating breaches and enforcing GDPR rules.
FBI and CISA: APT Groups Targeting Government Agencies
May 5, 2021
The U.S. Cybersecurity and Infrastructure Security Agency and the FBI warn that unidentified nation-state actors are scanning for three vulnerabilities in Fortinet's operating system, FortiOS, likely to target government and private sector companies for cyberespionage.
In a joint alert released on Friday, the agencies note nation-state actors are scanning for FortiOS vulnerabilities tracked as CVE-2018-13379, CVE-2020-12812 and CVE-2019-5591 for initial attacks.
The alert does not disclose details of the threat actors, but says the agencies have detected a surge in scanning activities for the vulnerabilities since March. The agencies say the attackers could use the vulnerabilities to gain access to the networks of government or private entities.