Over the last two weeks, we saw new LinkedIn scams, where cybercriminals attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform. Also, check out “The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader: IsaacWiper Vs Vatet”.
For more articles, check out our #onpatrol4malware blog.
Raspberry Robin gets the worm early
Source: Red Canary
Red Canary is tracking a worm spread by external drives that leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL. Read more.
Common LinkedIn scams: Beware of phishing attacks and fake job offers
LinkedIn scammers attack when we may be at our most vulnerable – here’s what to look out for and how to avoid falling victim to fraud when using the platform. Read more.
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one of the most popular payloads observed in malspam campaigns. Read more.
Mustang Panda deploys a new wave of malware targeting Europe
Source: Cisco Talos
This attacker started attacks earlier this year where a vast majority of the lures and decoys consisted of themes related to the European Union (EU). Read more.
The Strange Link Between A Destructive Malware And A Ransomware-Gang Linked Custom Loader: IsaacWiper Vs Vatet
On March 1st, 2022, ESET researchers reported variants of a destructive malware deployed against Ukraine. Read more.
Operation CuckooBees: A Winnti Malware Arsenal Deep-Dive
In part one of this research, the Cybereason Nocturnus Incident Response Team provided a unique glimpse into the Winnti intrusion playbook. Read more.
The Lotus Panda is Awake, Again. Analysis Of Its Last Strike.
NAIKON is the name of an APT (Advanced Persistent Threat) which is believed to originate from China. The Naikon hacker group was first tracked over a decade ago, back in 2010. Read more.