The WatchGuard Security Team spends a lot of time chasing ransomware extortion groups throughout the dark web. So, it only fits that one of the newer ransomware extortion groups is named Endurance Ransomware. It appears this "group" is one individual known as IntelBroker, who has allegedly breached several entities of the US government and two other separate businesses in one …
New Oski Stealer Variant, “Mars Stealer”, Targets Credentials, Crypto, and 2FA
In early 2020, during the emergence of the COVID-19 pandemic, researchers discovered a novel malware named Oski Stealer, capable of stealing browser data such as cookies, history, payment information, and autofill information, as well as cryptocurrency wallets, login credentials of applications, and Authy 2FA information. It can also take screenshots of your desktop and perform …
Deobfuscating a Dropper for a ZLoader Trojan Variant
On March 18th, 2021, the DNSWatch Tailored Analysis Team received an email from an internal WatchGuard employee who deemed the email as suspicious. The initial email included an attachment with the title Attachment_57904. A DNSWatch Analyst performed an initial assessment of the file in search of any malicious indicators or behaviors only to discover that the file was a heavily …
Top Cyber Threats Taking Advantage of the Pandemic Situation
This week, WatchGuard CTO Corey Nachreiner joined our Wi-Fi security experts to discuss top cyber threats that are intensifying in the United States and globally due to the pandemic situation. This trend is not unique to COVID-19. Hackers have always used disasters such as tsunamis and earthquakes, and high-profile events around the world to prey on victims, and this global …
Financial Entity Edenred Confirms Malware Infection
Initially reported by Security Affairs’ Pierluigi Paganini, Edenred, a company specializing in prepaid corporate services, identified a malware infection on some of their computer systems. Immediately after identifying the infection, Edenred implemented countermeasures to contain the infection and minimize its impact. Edenred has also begun communications with relevant …