Over the last two weeks, we observed that a new threat referred to as “SQUIRRELWAFFLE” is being spread more widely via spam campaigns, infecting systems with a new malware loader. In addition, Black Friday, one of the biggest retail spending days of the year, is fast approaching. According to Adobe Analytics, consumer spending on that day last year reached a whopping 9.03 billion dollars, and 2021 is expected to be even bigger.

For more articles, check out our #onpatrol4malware blog.

New Quishing Campaign Shows How Threat Actors Innovate to Bypass Security

Source: Abnormal

Between September 15, 2021, and October 13, 2021, Abnormal identified and blocked almost 200 emails sent to our customers—all of which were part of a phishing campaign attempting to collect Microsoft credentials. Read more.

Unique and undocumented malicious loader that runs as a server

Source: We Live Security

ESET researchers have discovered a unique and previously undescribed loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory. We have named this new malware Wslink after one of its DLLs. Read more.

Anatomy of a Linux Ransomware Attack

Source: Linux Security

Through a combination of advanced encryption and effective extortion mechanisms, a ransomware attack can have devastating consequences for any victim including data loss, reputation harm, recovery costs, and significant downtime. Read more.

Black Friday Scams are Coming | Online Shoppers Should Approach with Caution

Source: Fortinet

Black Friday, one of the biggest retail spending days of the year, is fast approaching. According to Adobe Analytics, consumer spending on that day last year reached a whopping 9.03 billion dollars, and 2021 is expected to be even bigger. Read more.

Avast releases decryptor for AtomSilo and LockFile ransomware

Source: decoded.avast.io

On Oct 17, 2021, Jiří Vinopal published information about a weakness in the AtomSilo ransomware and that it is possible to decrypt files without paying the ransom. Read more.

Banking scam uses Docusign phish to thieve 2FA codes

Source: Naked Security

Two weeks ago was Cybersecurity Awareness Month’s “Fight the Phish” week, a theme that the #Cybermonth organizers chose because this age-old cybercrime is still a huge problem. Read more.

SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike

Source: Cisco

Recently, a new threat referred to as “SQUIRRELWAFFLE” is being spread more widely via spam campaigns, infecting systems with a new malware loader. Read more.

New Trickbot and BazarLoader campaigns use multiple delivery vectors

Source: Zscaler

The Zscaler ThreatLabz research team monitors thousands of files daily tracking new and pervasive threats, including one of the most prominent banking trojans of the last five years: Trickbot. Read more.