Emotet is back again on the scene and, to be fair, we’re not surprised. Its predictable return has come just ten months after the takedown of its infrastructure, following an internationally coordinated law enforcement operation in January 2021. If you need a refresher on that operation, Digital Shadows (now ReliaQuest) published two analyses a few […]
In this week’s ShadowTalk, we discuss the big vulnerability and exploit stories of the week. The team discuss the Cisco denial- of-service vulnerability affecting its Adaptive Security Appliance (ASA), as well as a vulnerability in Oracle’s VirtualBox technology posted to GitHub. Dr. Richard Gold, Rafael Amado and Michael debate the benefits and drawbacks of bug […]
A couple of weeks ago, we learned about a new phishing campaign that delivered Trickbot in an attempt to harvest the credentials of online banking customers. This latest wave targeted UK users, pretending to come from HRMC (HM Revenue & Customs). The actors exploited a vulnerability in Internet Explorer (CVE-2018-8174), for which a patch was […]
This week’s Shadow Talk discusses what the Cambridge Analytica revelations mean for disinformation and personal privacy, updates to Trickbot, Zeus Panda and Remnit trojans, City of Atlanta suffers from ransomware attack, and Dragonfly campaign attribution to Russian Government. US pins energy-sector attacks on Russia-backed threat group The United States government has named the threat group […]
Since the discovery of TrickBot in September 2016, its operators have continued to develop the malware to include the targeting of new locations and customers of new banks. This was demonstrated by both independent reporting and through Digital Shadows (now ReliaQuest)’ analysis of the configuration files used by the malware. These files contain bank domains […]