Microsoft included Remote Desktop Protocol (RDP) with its offerings for the first time in 1996. Since then, cybercriminals have been trying, sometimes with success, to hack into machines via this protocol and we’ve seen countless RDP attacks done by di…
written by Jakub Kroustek, Vladislav Iliushin, Anna Shirokova, Jan Neduchal and Martin Hron
Disclaimer: Analysis of the server content and samples was done on Thursday, September 20th. Follow the Avast Blog for further updates. …
There’s a secret war happening under the noses of hundreds of millions of online users, and it’s war on a grand scale because so many players are involved. Armies of cybercriminals, consisting of everything from solo marauders to frighteningly …
Introduction
Today, we hear a lot about IoT, which stands for internet of things. All these smart boxes, light bulbs, shades, thermostats, voice assistants, and smart machines are slowly sneaking into our households, businesses and industrial environm…
Introduction
As one of the leading companies in computer security, we work hard every day to bring the highest level of protection to all of our users. This requires us to constantly explore new ways of defeating malware, often experimenting with blee…
For anyone in the cybersecurity industry, 2018 began on January 3rd — the day a trio of CPU bugs was announced. What trio? You probably recall Meltdown and Spectre, but from our perspective, the latter bug is really two for the price of one. While Meltdown and Spectre both got plenty of coverage in media outlets and security blogs around the globe (yes, that includes us, too), there’s an important distinction to make and more to say on this matter.
This is a call to action! Please see my experiment below — and agree with my assertion that as a global digital culture, we must care more about security. Starting now.
Over the past few days, we have been analyzing a development with the Necurs botnet – a cybercrime operation dating back to 2012 that quickly became one of the largest spam botnets in the world. We reported on the infamous cybergang responsible for the distribution of global malware campaigns such as “Locky” and “GlobeImposter” in two blog posts (here and here) that explained how malware is spread via Necurs. Now we have seen a new link in that chain, with attackers serving brand new files via the same botnet. These files are spreading malicious Visual Basic Scripts (VBScripts), and our analysis suggests that the authors are using the services provided by the Necurs botnet to reach more victims. The ultimate goal of the attackers is to make systems vulnerable to attacks with the ability to steal personal data and to infect them with keyloggers, banking malware, and ransomware.
Today, I shared new findings from Avast’s continued investigations of the CCleaner APT (Advanced Persistent Threat) at RSA.