Finally, some relief from the Windows updates process that has annoyed users the world over for years! We’re seeing new tricks used by old malware and vice versa; for example, Emotet is intercepting email conversations and injecting malware links.

For more articles, check out our #onpatrol4malware blog.

Windows updates

Mapping Out a Malware Distribution Network

Source: Bromium

More than a dozen US-based web servers were used to host 10 malware families, distributed through mass phishing campaigns. Malware families include Dridex, GandCrab, Neutrino, IcedID and others. Read more.

The Evolution of Phishing Kits

Source: Zscaler

Gone are the days when a phishing page was a single page designed to capture user credentials. Phishing kits have become sophisticated and advanced to evade detection and look more legitimate to the user. Read more.

Microsoft lets Windows users off the update leash 

Source: Sophos

The company is changing the way that Windows Update downloads and installs releases, enabling users to delay them. Read more.

A Quick Look at Emotet’s Updated JavaScript Dropper  

Source: Security Soup

Emotet continues to be among the most widely distributed and destructive malware variants affecting organizations throughout the private and public sectors. Read more.

Abuse of hidden “well-known” directory in HTTPS sites  

Source: Zscaler

In this blog, we are focusing on the Shade/Troldesh ransomware and phishing pages that we detected last month from several hundred compromised CMS sites. Read more.

Project TajMahal – a sophisticated new APT framework

Source: Cyberscoop

‘TajMahal’ is a previously unknown and technically sophisticated APT framework discovered by Kaspersky Lab…. Read more.

Malware Update

MAR-10135536-8 – North Korean Trojan: HOPLIGHT

Source: CISA

Working with U.S. Government partners, DHS and FBI identified Trojan malware variants used by the North Korean government. This malware variant has been identified as HOPLIGHT. Read more.

Email threats

Emotet hijacks email conversation threads to insert links to malware

Source: ZDNet

The group has been spotted this week reviving old email conversation threads and injecting links to malicious files. Read more.

Malware Patrol

The Nasty List Phishing Scam is Sweeping Through Instagram

Source: BleepingComputer

A new phishing scam called “The Nasty List” is sweeping through Instagram and is targeting victims’ login credentials. Read more.