Home > Resources > Whitepapers > Analysis of malware targeting the Boleto payment system

Analysis of malware targeting the Boleto payment system

Over the past three years, Boleto malware has emerged to target the Brazilian market and there are now at least three different malware families attempting to defraud users of the Boleto payments system. Attackers have adopted the tactics and techniques that have been refined by older forms of financial malware to create a uniquely Brazilian threat. It is difficult to estimate the total losses attributable to Boleto malware, but given the growth and persistence of the threat, it is reasonable to conclude that these malicious campaigns continue to be highly profitable for attackers.

I'm For Real

Enter your details once to access all our information and resources

 

Spotlight

eSoft

eSoft is a leader in providing Simply Better Network Security™ to businesses of nearly any size. Privately-held eSoft, based in the foothills of Broomfield, Colorado, has developed the award-winning InstaGate and ThreatWall security appliances, as well as modular software bundles called ThreatPaks that provide Email and Web security. With over 20,000 appliances shipped to more than 40 countries, eSoft is providing network security to businesses in nearly every major industry, including education, finance, retail, and healthcare.

OTHER WHITEPAPERS
news image

CISA Stakeholder-Specific Vulnerability Categorization Guide

whitePaper | November 9, 2022

The CISA Stakeholder-Specific Vulnerability Categorization (SSVC) is a customized decision tree model that assists in prioritizing vulnerability response for the United States government (USG), state, local, tribal, and territorial (SLTT) governments; and critical infrastructure (CI) entities. This document serves as a guide for evaluating vulnerabilities using the CISA SSVC decision tree. The goal of SSVC is to assist in prioritizing the remediation of a vulnerability basedon the impact exploitation would have to the particular organization(s).

Read More
news image

Nasuni Access Anywhere Security Model

whitePaper | December 20, 2022

The Nasuni Access Anywhere add-on service delivers high-performance, VPN-less file access for remote and hybrid users, integrates an organization’s file shares with Microsoft Teams, and provides productivity tools such as desktop synchronization and external file and folder sharing to enhance user productivity and provide access to files seamlessly from anywhere on any device. This white paper outlines the security elements of the Nasuni Access Anywhere service.

Read More
news image

Embracing Security Operations in the Educational Sector

whitePaper | December 22, 2022

Nearly every part of the educational sector has fallen victim to a cyberattack, from elementary schools to universities. Securing education is no longer a “nice to have” but a “must do” and is a growing concern among the global educational community. Creating and maintaining effective information security and cybersecurity operations in education comes down to people, processes, and tools. It’s crucial for IT and security leaders across the entire spectrum of educational institutions to find the right balance between the three. While there are success stories of achieving that balance, there’s always more to do to identify, understand, and mitigate cybersecurity risks to these organizations. Establishing and improving existing cybersecurity operations must become a priority.

Read More
news image

Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid

whitePaper | October 26, 2022

To address the impacts of climate change, the U.S. electric grid will be undergoing significant changes by integrating clean energy resources such as solar and wind. These efforts will be accelerated with the recent passage of the Infrastructure Investment and Jobs Act1 and the Inflation Reduction Act.

Read More
news image

Cyber Security After the Pandemic

whitePaper | April 29, 2021

The cyber security industry has faced two major sets of challenges over the last twelve months. The attacks and exploits affecting Solar Winds, Accellion, Microsoft and their customers have focused attention on supply chain risk, but the impact of the coronavirus pandemic has been felt more broadly across cyber security domains and disciplines.

Read More
news image

Scenarios for the Future of Cybercrime - White Paper for Decision Makers

whitePaper | January 28, 2020

Project 2020 is an initiative of the International Cyber Security Protection Alliance (ICSPA). Its aim is to anticipate the future of cybercrime, enabling governments, businesses and citizens to prepare themselves for the challenges and opportunities of the coming decade. It comprises a range of activities, including common threat reporting, scenario exercises, policy guidance and capacity building.

Read More

CISA Stakeholder-Specific Vulnerability Categorization Guide

whitePaper | November 9, 2022

The CISA Stakeholder-Specific Vulnerability Categorization (SSVC) is a customized decision tree model that assists in prioritizing vulnerability response for the United States government (USG), state, local, tribal, and territorial (SLTT) governments; and critical infrastructure (CI) entities. This document serves as a guide for evaluating vulnerabilities using the CISA SSVC decision tree. The goal of SSVC is to assist in prioritizing the remediation of a vulnerability basedon the impact exploitation would have to the particular organization(s).

Read More

Nasuni Access Anywhere Security Model

whitePaper | December 20, 2022

The Nasuni Access Anywhere add-on service delivers high-performance, VPN-less file access for remote and hybrid users, integrates an organization’s file shares with Microsoft Teams, and provides productivity tools such as desktop synchronization and external file and folder sharing to enhance user productivity and provide access to files seamlessly from anywhere on any device. This white paper outlines the security elements of the Nasuni Access Anywhere service.

Read More

Embracing Security Operations in the Educational Sector

whitePaper | December 22, 2022

Nearly every part of the educational sector has fallen victim to a cyberattack, from elementary schools to universities. Securing education is no longer a “nice to have” but a “must do” and is a growing concern among the global educational community. Creating and maintaining effective information security and cybersecurity operations in education comes down to people, processes, and tools. It’s crucial for IT and security leaders across the entire spectrum of educational institutions to find the right balance between the three. While there are success stories of achieving that balance, there’s always more to do to identify, understand, and mitigate cybersecurity risks to these organizations. Establishing and improving existing cybersecurity operations must become a priority.

Read More

Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid

whitePaper | October 26, 2022

To address the impacts of climate change, the U.S. electric grid will be undergoing significant changes by integrating clean energy resources such as solar and wind. These efforts will be accelerated with the recent passage of the Infrastructure Investment and Jobs Act1 and the Inflation Reduction Act.

Read More

Cyber Security After the Pandemic

whitePaper | April 29, 2021

The cyber security industry has faced two major sets of challenges over the last twelve months. The attacks and exploits affecting Solar Winds, Accellion, Microsoft and their customers have focused attention on supply chain risk, but the impact of the coronavirus pandemic has been felt more broadly across cyber security domains and disciplines.

Read More

Scenarios for the Future of Cybercrime - White Paper for Decision Makers

whitePaper | January 28, 2020

Project 2020 is an initiative of the International Cyber Security Protection Alliance (ICSPA). Its aim is to anticipate the future of cybercrime, enabling governments, businesses and citizens to prepare themselves for the challenges and opportunities of the coming decade. It comprises a range of activities, including common threat reporting, scenario exercises, policy guidance and capacity building.

Read More
More Whitepapers

Spotlight

eSoft

eSoft is a leader in providing Simply Better Network Security™ to businesses of nearly any size. Privately-held eSoft, based in the foothills of Broomfield, Colorado, has developed the award-winning InstaGate and ThreatWall security appliances, as well as modular software bundles called ThreatPaks that provide Email and Web security. With over 20,000 appliances shipped to more than 40 countries, eSoft is providing network security to businesses in nearly every major industry, including education, finance, retail, and healthcare.

Events

Nordic IT Security Event

Conference