GandCrab Riding Emotet’s Bus

| February 15, 2019

article image
Emotet Known for constantly changing its payload and infection vectors like spam mail, Malicious Doc and even Malicious JS files. It compromised a very high number of websites on the internet. Emotet malware campaign has existed since 2014. It comes frequently in intervals with different techniques and variants to deliver malware on a victim’s machine. Most of the websites are genuine but somehow tricked into delivering Emotet. But this time, some of these websites were seen delivering GandCrab Ransomware V 5.1 for some time. The payload was downloaded through a malicious doc on the victim’s computer using VBA macro. The PowerShell script from macro connected to the compromised website and downloaded GandCrab Ransomware from the URL. It is observed that the same website was used in other malicious campaigns and served different purposes over time.

Spotlight

SecureLink Group

We’re specialists in cyber security. It’s our focus every hour of the day, every day of the year. That’s why we’re among the best – if not the best – in the world at what we do. But true cyber security isn’t just about protection.

OTHER ARTICLES

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry

Article | February 17, 2020

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?A new study of credit management professionals has revealed that improving the quality of data and decision-making will be a top priority for the credit industry in the next three years. The research, from Equifax Ingnite in collaboration with Coleman Parkes, takes a deep dive into the views of credit management pros across retail, banking, finance and debt management/recovery sectors.

Read More

EMAIL SECURITY CONCEPTS THAT NEED TO BE IN YOUR EMAIL INFOSEC POLICY

Article | June 16, 2021

Compliance requirements have become more complex because of the continual evolution of security threats and vulnerabilities. Many organizations fail to create an extensive security program to cover their challenges. Emails are one of the most susceptible channels for cyber-criminals to operate. This is why every organization must pay keen attention to email security policies in cybersecurity. Because emails are prone to cyberattacks, enterprises and individuals must take critical measures to secure their email accounts against unauthorized access. Malicious actors use phishing to trick recipients into sharing sensitive information, either by impersonating trusted contacts or legitimate business owners. Email is still one of the most vulnerable avenues for hackers and cyber crooks. Here are the critical email security concepts that need inclusion into your information security policy.

Read More

Critical Gaps Remain in Defense Department Weapons System Cybersecurity

Article | March 13, 2020

While the U.S. military is the most effective fighting force in the modern era, it struggles with the cybersecurity of its most advanced weapons systems. In times of crisis and conflict, it is critical that the United States preserve its ability to defend and surge when adversaries employ cyber capabilities to attack weapons systems and functions. Today, the very thing that makes these weapons so lethal is what makes them vulnerable to cyberattacks: an interconnected system of software and networks. Continued automation and connectivity are the backbone of the Department of Defense’s warfighting capabilities, with almost every weapons system connected in some capacity. Today, these interdependent networks are directly linked to the U.S. military’s ability to carry out missions successfully, allowing it to gain informational advantage, exercise global command and control, and conduct long-range strikes. An example of such a networked system is the F-35 Joint Strike Fighter, which the Air Force chief of staff, Gen. David Goldfein, once called “a computer that happens to fly.” Underpinning this platform’s unrivaled capability is more than 8 million lines of software code.

Read More

CYBERSECURITY AND CORONAVIRUS: KEEPING YOUR BUSINESS SAFE

Article | March 19, 2020

Measures to mitigate the outbreak of COVID-19 have led to an unprecedented increase in remote working across the board. Our guest author Philip Blake, European Regional Director at EC-Council and cybersecurity expert, outlines key challenges and tips for staying secure while away from the office. As governments and businesses work on mitigating the impact of the ongoing COVID-19 outbreak, social distancing measures are leading to an increase in remote working across all sectors. The reasoning behind the measures is best left to health authorities, and are discussed at length elsewhere. The purpose of this article is to shed light on some of the key cybersecurity challenges around the sudden spike in remote work arrangements, and propose potential measures to keep networks as secure as possible during these times.

Read More

Spotlight

SecureLink Group

We’re specialists in cyber security. It’s our focus every hour of the day, every day of the year. That’s why we’re among the best – if not the best – in the world at what we do. But true cyber security isn’t just about protection.

Events