Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The ability of an actor to remain undiscovered or obfuscating its doings when driving a malicious campaign usually affects the gains of such campaigns. These gains can be measured in different items such as time to allow completion of operations (exfiltration, movement of compromised data), ability to remain operative before take down notices are issued, or ability to obtain gains based on for-profit driven crimeware (DDoS for hire, Crypto mining).

You may be surprised to learn that a particular malware is responsible for data theft in over 20% of financial institutions and other verticals in 2019. Watering hole attacks involve a web server that hosts files or applications where the website or files on the site become weaponized with malware. While recent news cycles have shined a spotlight on ransomware and crimeware, malware is not a new concept.

Businesses remain under a constant threat of being attacked by malware through a variety of different attack vectors. Malware is an abbreviation used for malicious software. Malware has been one of the most prominent threats since the very beginning of the origin of the internet and still pertains to be so. Malware is an umbrella term, and it includes virus, trojan horse, ransomware, worm, spyware, adware, etc. In this article, we will be focussing on spyware and adware.

As companies invest in stronger firewalls and better IT infrastructure, brute force attacks have become harder to pull off. That’s the good news. The bad news is that hackers, in turn, have found new ways of wreaking havoc. The increasing use of ransomware as a weapon is a prime example of this. Through phishing or stolen passwords, a ransomware attack can sabotage a company’s most valuable asset, it’s content, without being detected.

LNKR malware uses browser extensions in Googles Chrome to track browsing movements and activities of users and then overlays ads on legitimate websites. Using extensions to add code that executes in a user’s browser is a common and lucrative monetization technique on the internet, where spyware, adware, and other browser-based nuisances have thrived since the early days.

Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a foreign program or device and immediately block them.

NetWalker (also known as Mailto) is the name given to a sophisticated family of Windows ransomware that has targeted corporate computer networks, encrypting the files it finds, and demanding that a cryptocurrency payment is made for the safe recovery of the encrypted data.

It’s a weird time to be alive. Millions of people globally are living under government lockdowns, as we collectively endure the COVID-19 pandemic. COVID-19 has brought to light some fundamental truths about humanity, including our deep-seated need for social interactions. It has also highlighted how reliant we are on critical infrastructure like our healthcare systems and internet connections, both of which are currently strained.

A new kind of spam is being observed in the field that uses the browser notification feature to trick users into subscribing to sites that will in turn bombard users with notifications usually related to click or add profit schemes. Subscription notification request seen below: Browser notification subscription requests are a legitimate feature that allows visitors of a site to be notified when there is new content available. It saves users the need to constantly refresh or keep open browser tabs.

As if the pandemic itself weren’t causing enough pain and suffering in the world, cybercriminals are busy developing and deploying COVID-19-related malware to try and take advantage of unsuspecting victims. Fortunately, one of the world’s leading technology companies, Microsoft, is taking action to help people avoid becoming victims of these scams.