On May 12, 2017, the now infamous WannaCry ransomware burst onto the worldwide scene on its way to infecting over 200,000 systems and 150 countries in just 3 days. NHS hospitals in the UK operations ground to a halt. Petya malware followed suit soon afterwards by targeting and ransacking systems in Ukraine, Russia, and Europe before spreading to other countries.
Cyber security malware threats.
Travelex was hit with a major ramsomware attack on New Years eve. The cyber attacks forced the company to take down all computers and revert to use pen and paper.
Remote attackers have abused ConnectWise Control software to deliver ransomware to its victims. The latest attacks against a real estate company used ransomware dubbed "Zeppelin", a variant of the VegaLocker ransomware family.
A multi-stage downloader trojan dubbed sLoad uses BITS to steal data from compromised systems. Attackers use sLoad to evade anti-malware protections and security monitoring that may not detect activity using these unconventional protocols.
Security researchers have discovered a dangerous Android vulnerability dubbed “StrandHogg” under active attack by dozens of malicious apps. To add, 500 of the most popular apps may also be vulnerable to the StrandHogg vulnerability.
A new Windows trojan dubbed CStealer attempts to steal passwords from Chrome browser. The malware also uses a remote MongoDB server to store the stolen passwords.
Security researchers from Trend Micro have spotted a dozen obfuscated botnets being used in a highly targeted malware campaign.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has warned of an ongoing and widespread phishing campaign designed to spread Emotet malware throughout Australia.
Attackers are using a "fileless" malware dubbed Divergent to generate revenue via click-fraud. Divergent further uses NodeJS and a WinDivert utlility to facilitate the malware attack.
A cyber attack group dubbed "Tortoiseshell" has deployed a fake website posing as a site to help U.S. military veterans find jobs. The website is then used to download malware to visitors' systems.