Category Archives: Antivirus

Spam and phishing in Q2 2017

Spam: quarterly highlights. Delivery service Trojans. At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other … Continue reading


Explained: user agent

If you are the kind of person that uses different browsers or different devices to access websites, you may have noticed that many sites can look quite different depending on which browser you are using. When your browser sends a … Continue reading


A week in security (August 14 – August 20)

Last week, we gave some security tips for parents and kids aimed at the new school term. We also took a peek at the inside of the Kronos malware, focusing on how it works and protects itself. And, once again, … Continue reading


Inside the Kronos malware – part 1

Recently, a researcher nicknamed MalwareTech, famous for stopping the WannaCry ransomware, got arrested for his alleged contribution to creating the Kronos banking malware. We still do not have a clear picture of whether the allegations are true or not – … Continue reading


Booking a Taxi for Faketoken

The Trojan-Banker.AndroidOS.Faketoken malware has been known about for more than a year already. Throughout the time of its existence, it has worked its way up from a primitive Trojan intercepting mTAN codes to an encrypter. The authors of its newer … Continue reading


Locky ransomware returns to the game with two new flavors

We recently observed a fresh malicious spam campaign pushed through the Necurs botnet distributing, so far, two new variants of Locky ransomware. In our last Q2 2017 report on tactics and techniques, we mentioned that Locky ransomware had reappeared with … Continue reading


ShadowPad in corporate networks

ShadowPad, part 2: Technical Details (PDF). In July 2017, during an investigation, suspicious DNS requests were identified in a partner’s network. The partner, which is a financial institution, discovered the requests originating on systems involved in the processing of … Continue reading


IT threat evolution Q2 2017

Targeted attacks and malware campaigns. Back to the future: looking for a link between old and new APTs. This year’s Security Analyst Summit (SAS) included interesting research findings on several targeted attack campaigns. For example, researchers from Kaspersky Lab and … Continue reading


Week in Security (August 7 – August 13)

Last week, we explained how security certificates work and how malware authors have used them to block security software from being downloaded and executed. We also showed how the Magnitude exploit kit is spreading a Cerber ransomware variant that uses … Continue reading


Back to school cybersecurity tips for parents and kids

The time to start the new school term is just around the corner. And for parents, the excitement and anxiety may be palpable, especially if it’s their kid’s first time attending a new school. Ads for back-to-school gear start as … Continue reading
