New "Agent Tesla" Variant: Unusual "ZPAQ" Archive Format Delivers Malware
A new variant of Agent Tesla uses the uncommon compression format ZPAQ to steal information from approximately 40 web browsers and various email clients. But what exactly is this file compression format? What advantage does it provide to threat actors? And why it is assumed that the version of Agent…
Buyer beware: Phishing sites & Fake Shops still popular among criminals
Just in time for Black Friday, the number of phishing and scam websites is increasing. People on the lookout for a bargain are at risk of having there payment details and personal information stolen.
Criminals provide Ginzo stealer for free, now it is gaining traction
We identified more than 400 samples for Ginzo stealer within 10 days since 20th March and the numbers are rising. What is behind the free stealer?
War in Ukraine: What are the consequences for companies?
The uncertainty surrounding the armed conflict in Ukraine also raises numerous questions: How can companies protect themselves from getting caught between the fronts and becoming a target? There is only one thing that is certain: There are currently more questions than answers.
Allcome clipbanker is a newcomer in underground forums
The malware underground market might seem astoundingly professional in marketing and support. Let's take a look under the covers of one particular malware-as-a-service—the clipboard banker Allcome.
QR codes on Twitter deliver malicious Chrome extension
ISO file downloads are advertised via QR codes on Twitter and on supposedly free gaming sites, but they don't contain what they promise.
Germanys National Cybersecurity Agency declares red alert: Wave of attacks possibly imminent due to Log4Shell vulnerability
The remaining days before Christmas will not be relaxing ones for IT and IT security managers in companies around the world: The Log4Shell security vulnerability is currently keeping the IT world on tenterhooks.
Microsoft signed a malicious Netfilter rootkit
What started as a false positive alert for a Microsoft signed file turns out to be a WFP application layer enforcement callout driver that redirects traffic to a Chinese IP. How did this happen?
Digital Vaccination Record: Significant weaknesses in security
Instead of the yellow vaccination card, the digital proof of vaccination on the smartphone is supposed to serve as proof of vaccination. However, there are some glaring weaknesses behind the scenes that could potentially render the entire concept obsolete and raise some more than uncomfortable…
Commentary: Plans for iOS15 put victims of stalking and abuse at risk
Apple has announced some innovations for iOS 15 that are a cause for concern among victims of abuse and organizations that support survivors. Among other things, it will be possible to locate devices that are switched off. This is a disaster for people who are being spied on by their own partner.
Karsten Hahn
Virus Analyst
Tim Berghoff
Security Evangelist
