by Paul Ducklin Apple pushed out an iOS update in something of a hurry to shut down a serious 0-day bug. The GnuPG team scrambled to fix an ironic vulnerability that could be exploited during the very process of checking if the data you just received could be trusted. And . . . Read more
Great news from Europol – if you’ve heard of Emotet, you’ll have a good idea how badly things often end for its victims.
A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year. As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go . . . Read more
Just in time for the Christmas holiday, Emotet is sending the gift of Trickbot. After a lull of nearly two months, the Emotet botnet has returned with updated payloads and a campaign that is hitting 100,000 targets per day. Emotet started life as a banking trojan in 2014 and has . . . Read more
Emails try to lure victims with malicious documents claiming to have information about voting interference. Threat actors have taken advantage of the ongoing uncertainty around the 2020 U.S. election to unleash a new malspam campaign aimed at spreading the Qbot trojan. Criminals behind Qbot resurfaced the day after the election . . . Read more
by Paul Ducklin If you’ve followed the inglorious history of malware in recent years, you’ll almost certainly have heard the name Emotet. That’s a long-lived and extensive family of malware that we’ve had the unfortunate necessity to warn you about on many occasions, Emotet is what’s known as a bot . . . Read more
Malicious redirection websites are using typosquatting and impersonation to attack unwary visitors. Parked domains, which act as aliases and redirect to other websites, can send visitors to malicious or unwanted landing pages or turn entirely malicious at any point in time – as evidenced by a recent Emotet campaign, a . . . Read more
An investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks. The National Guard has been called in to help stop a series of government-focused ransomware attacks in Louisiana, according to a report. Local government offices across the Pelican State have . . . Read more