Executive Summary
Microsoft recently reported on Royal ransomware, a ransomware family used by the threat actor DEV-0569
Related Families: Gozi (Ursnif)
Verticals Targeted: Financial
Executive Summary
Bleeping Computer recently reported on a malware campaign that uses CAPTCHA to bypass browser warnings and deliver Gozi. This technique appears to be a novel TTP for threat actors.
Related Families: Elibomi, FakeReward, AxBanker, IcRAT, IcSpy
Verticals Targeted: Financial
Executive Summary
Trend Micro recently reported on a phishing and Android malware campaign targeting clients of multiple banks in India. The campaign leverages multiple malware families, including Elibomi, FakeReward, AxBanker, IcRAT, and IcSpy.
Executive Summary
Azov ransomware is a recently discovered malware family being distributed through pirated software, keygens, and adware bundles. It acts as a wiper and is capable of backdooring 64-bit executables. It also uses a unique pattern for overwriting files.
Verticals Targeted: Healthcare
Executive Summary
Multiple incidents in the last few months highlight the ongoing threats to the Healthcare vertical. These incidents have included data leaks, data theft and extortion, ransomware, and other cyber attacks.
Verticals Targeted: Financial
Executive Summary
ThreatFabric recently reported on multiple Android droppers found on the Google Play Store distributing banking trojans.
Verticals Targeted: Government
Executive Summary
Symantec recently reported on Spyder Loader, a tool used by Chinese nexus state-sponsored threat actor group Winnti to target government entities in Hong Kong.
