Over the past two weeks, we saw “The Twelve Frauds of Christmas – Payment Diversion Fraud,” which covers a type of fraud where criminals target an individual to divert payments to criminal-controlled bank accounts. We also saw “New MuddyWater Threat: Old Kitten; New Tricks” and much more in our blog digest for the week.

For more articles, check out our #onpatrol4malware blog.

The Twelve Frauds of Christmas – Payment Diversion Fraud

Source: Sark Tower

Payment Diversion Fraud is a type of fraud where criminals target an individual to divert payments to criminal-controlled bank accounts. This is typically accomplished through Business Email Compromise (BEC). Read more.


APT Cloud Atlas: Unbroken Threat

Source: Positive Technologies

Specialists at the PT Expert Security Center have been monitoring the Cloud Atlas group since May 2019. According to our data, its attacks have been targeting the government sector of 5 countries. Read more.

New MuddyWater Threat: Old Kitten; New Tricks

Source: Deep Instinct

MuddyWater, also known as Static Kitten and Mercury, is a cyber espionage group that’s most likely a subordinate element within Iran’s Ministry of Intelligence and Security (MOIS). Read more.

Accelerated Cyber Security Transformation: Time. The Nameless APT

Source: Mandiant

Time is an extremely persistent threat actor observed across all industries. The group has conducted the longest running and highest volume campaigns observed among any group to date. Read more.

Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper

Source: Check Point Research

Check Point Research (CPR) provides under-the-hood details of its analysis of the infamous Azov Ransomware. Investigation shows that Azov is capable of modifying certain 64-bit executables to execute its own code. Read more.

GoTrim: Go-based Botnet Actively Brute Forces WordPress Websites

Source: Fortinet

FortiGuard Labs recently encountered a previously unreported Content Management System (CMS) scanner and brute forcer written in the Go programming language (also commonly referred to as Golang). Read more.

Precious Gemstones: The New Generation of Kerberos Attacks

Source: Malwarebytes Labs

Unit 42 researchers show new detection methods that help improve detection of a new line of Kerberos attacks, which allow attackers to modify Kerberos tickets to maintain privileged access. Read more.