Over the last two weeks, we saw the DUCKTAIL, infostealer Malware that is targeting Facebook Business Accounts. Also, Palo Alto release the new Incident Response Report 2022.

For more articles, check out our #onpatrol4malware blog.

The evolution of botnets and DDoS attacks

Source: BetaNews

Botnets are here to stay. Given the exponential growth of poorly-secured IoT devices that can be co-opted into an IoT botnet, as well as the growing population of vulnerable computers, botnet attacks have become endemic. Read more.

Sophisticated Ransomware targeting Windows and Linux Users

Source: SecureList by Kaspersky

Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they may seem attractive to attackers, creating them poses significant technical challenges and the slightest programming error has the potential to completely crash the victim machine. Read more.

Incident Response Report 2022

Source: Unit 42 Palo Alto

Every week brings news about threat actors—new campaigns, new groups, new types of attacks, new targets. Defenders can easily wind up playing catchup, but what does it take to flip the script? Read more.

Threat actors leverages DLL-SideLoading to spread Qakbot malware

Source: Security Affairs

Qakbot malware operators are using the Windows Calculator to side-load the malicious payload on target systems. Security expert ProxyLife and Cyble researchers recently uncovered a Qakbot campaign that was leveraging the Windows 7 Calculator app for DLL side-loading attacks. Read more.

Luca Stealer Source Code Leaked on a Cybercrime Forum

Source: Cyble

Rust-based Malware Targeting Crypto Users. During a routine threat-hunting exercise, Cyble Research Labs discovered an unknown Rust-based stealer, which we have dubbed “Luca Stealer. Read more.

DUCKTAIL: An Infostealer Malware Targeting Facebook Business Account

Source: With Secure

WithSecure Intelligence has been tracking an operation dubbed “DUCKTAIL” that targets individuals and organizations that operate on Facebook’s Business/Ads platform. Read more.

New Magecart campaigns are targeting online ordering sites

Source: Avast

The malware was found in more than 300 restaurants that used them and exposed more than 50,000 paid orders. Magecart, the notorious credit card stealing cybercrime syndicate, is once again in the news. Read more.