Month: January 2019

Fake Google Update Trojan, Azorult, Steals Passwords

The AZORult malware strain, an information stealer and downloader, has been observed by Minerva Labs’ research team posing as a signed Google Update installer and achieving persistence by replacing the real Google Updater program on compromised machines. This trojan, also known to act as a downloader for multiple other malware payloads, deploys malware in multi-stage campaigns and has been detected as part of complex campaigns involved in spreading ransomware and data- and cryptocurrency-stealing malware. AZORult is designed to exfiltrate sensitive information, especially in large quantities, from files, […]

FCC’s Ajit Pai isn’t Going to Meet Congress About Phone-Tracking Scandal

The chairman is blaming the government shutdown… Federal Communications Commission Chairman Ajit Pai has decided not to brief a Congressional committee on Monday about mobile carriers’ abilities to share their subscribers’ location data with third parties, even if those subscribers are not aware of the sharing or are unwilling to share. Rep. Frank Pallone Jr., who is the chair of the congressional House Committee on Energy and Commerce, reached out to Pai for an emergency briefing after a Motherboard investigation revealed that carriers are selling their customers’ location data. The committee was told the leader of the FCC wouldn’t […]

Increase in Scammers Stealing Employee Paychecks

Business email compromise (BEC) scams are way up. A new trend is emerging in which fraudsters trick human resource departments into changing employees’ direct deposit banks to divert paychecks into an account they own and/or control. More common BEC scams involve wire transfers and tricking employees into wiring money to unauthorized accounts; however, these cybercriminals are going one step further by stealing employee paychecks. TriVault has seen a massive increase in BEC attempts recently surrounding the diversion of monthly and bi-weekly wages. While filtering out dangerous […]

TriVault February Updates Announced

The February update will primarily consist of updates to our EDR suite; however, the much-anticipated launch of the TriVault SOC Tool will be coming in February as well. All enterprise organizations that request access to the TriVault SOC Tool will be provided this access at absolutely no cost. Individuals are not yet free to use this tool, unless sponsored by an organization. In continuance of our previous update, throughout January and February, expect changes and adjustments to be made to the website. We are continuously adding new content, and will […]

Kaspersky Potentially Helped U.S. Catch Alleged NSA Data Thief

Kaspersky came under fire in recent history over potential shady ties to the Russian government; however, with a twist of events, it appears that Kaspersky Lab may have assisted the U.S. National Security Agency (NSA) in capturing an alleged data thief. Back in late August of 2016, U.S. authorities had arrested Harold T. Martin III, and then indicted him in February of 2017 on 20 counts of unauthorized and willful retention of national defense information and data. This is after a tip from the Moscow-based security firm had led authorities […]

Criminals Claimed at Least 4.3% of All Monero Crypto Coins

Researchers from the Universidad Carlos III de Madrid and King’s College London have analyzed a large set of data including over 4.4 million malware samples collected from 2007 to 2018. The researchers quantified the amount of Monero cryptocurrency (XMR) coins that criminals using crypto-mining malware have been able to acquire. OSINT data and static/dynamic analyses were grouped to efficiently extract data from these malware samples. This includes mining pools and wallet identifiers. The remaining information extracted has allowed researchers to estimate the rough sum of profits secured […]

The Unintentional Insider Threat

The insiders of a company, while normally very trusted, are and always will be a high security risk. Whether the insider is an executive with access to a lot of sensitive data, an administrator of human resources, a doctor, or even a custodian does not matter. The Ponemon Institute has released a study stating that 56% of security practitioners surveyed said that company insiders are the primary cause for security breaches. 72% of these practitioners said that they were not confident that they could control employee access to sensitive information. […]

Alert: Cyber Criminals Most Likely to Attack These Companies

Cyber criminals are determined now more than ever to attack our most vulnerable companies. Organizations of all sizes are sitting in the crosshairs of cyber criminals, just waiting to be attacked. New research has come to light regarding which industries in general are most vulnerable, as well as which jobs are primarily targeted. A new study from security company Proofpoint shows that there are a few specific industries that are sitting in the spotlight. Proofpoint performs research studies like this quarterly. This time it said: 99 percent of the most heavily targeted […]

Ryuk Ransomware Haunts Newspaper Industry

A ransomware attack identified as Ryuk ransomware has caused disruption over the weekend and into the end of 2018 in the printing and delivery of major US newspapers. This includes Tribune Publishing and the Los Angeles Times. Those affected by the attack include the Wall Street Journal, Los Angeles Times, New York Times, Chicago Tribune, Baltimore Sun, Post-Tribune, Lake County News-Sun, Hartford Courant, Carroll County Times, and the Capital Gazette. This strain of ransomware first emerged and gained international notoriety in August of 2018, when […]