Miscreants have ramped up their use of QR codes to phish for credentials, according to INKY threat researchers.

The post The Rise of QR Codes Spurs Rise in ‘Fresh Phish’ appeared first on Security Boulevard.

FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware     

According to the Symantec Threat Hunter Team, the financially motivated threat actor known as FIN8 has been observed using an updated version of a malware called Sardonic to deliver the BlackCat ransomware. The update on the Sardonic malware is an attempt on the part of the e-crime group to diversify its focus and maximize profits from infected entities. [1] 

The C++ based Sardonic backdoor has the ability to harvest system information and execute commands, and has a plugin system designed to load and execute additional malware payloads delivered as DLLs. Unlike the previous variant of Sardonic, which was designed in C++, the latest iteration packs in significant alterations, with most of the source code rewritten in C and modified so as to deliberately avoid similarities. 

In the latest incident analyzed by Symantec, Sardonic malware is embedded into a PowerShell script that was deployed into the targeted system after obtaining initial access. The script is designed to launch a .NET loader, which then decrypts and executes an injector module to ultimately run the implant. Successful infection leads to the deployment of BlackCat ransomware.    

The post FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware appeared first on Security Boulevard.

Current LLM-based tech like ChatGPT can accurately classify malware risk in only 5% of cases—and they may never be able to recognize novel approaches used to create malware.

The post ChatGPT Provides Limited Help Identifying Malware appeared first on Security Boulevard.

VIPRE's Email Threat Trends Report for Q1 2023 analyzed 1.8 billion emails to provide a comprehensive understanding of contemporary email threats.

The post A Look at the Email Threat Landscape in Q1 2023 appeared first on Security Boulevard.

The post Protect Your Systems from Malicious Packages: What You Need to Know appeared first on WeSecureApp :: Simplifying Enterprise Security.

The post Protect Your Systems from Malicious Packages: What You Need to Know appeared first on Security Boulevard.

Red Menshen is an APT group that is rapidly evolving its BPFDoor backdoor malware that targets systems running Linux or Solaris.

The post APT Group Red Menshen is Rapidly Evolving its BPFDoor Malware appeared first on Security Boulevard.

AI-enabled zero-trust solutions can help address the rising threat of mobile malware.

The post Addressing the Mobile Malware Threat With Zero-Trust appeared first on Security Boulevard.

A SlashNext report detailed how cybercriminals use generative AI capabilities to launch phishing and BEC attacks in greater volume.

The post SlashNext Report Shows How Cybercriminals Use Generative AI appeared first on Security Boulevard.

A SpyCloud report found more than half of respondents are extremely concerned about their ability to thwart attacks that exfiltrate authentication data.

The post Concerns About Infostealer Malware on the Rise appeared first on Security Boulevard.

The post Today’s cybersecurity health checks must identify AI based threats. Does yours? first appeared on SlashNext.

The post Today’s cybersecurity health checks must identify AI based threats. Does yours? appeared first on Security Boulevard.