
Despite the arrests of cybercriminals, malicious activity continues


Although investigations carried out last year by Europol and the US Department of Justice resulted in the arrest of many cybercriminals believed to have held leading positions in FIN7 and Carbanak, security experts are still finding signs of their activity. In addition, the number of hacking groups using similar tools and the same infrastructure is growing. Below you will find out what tools these groups use and how you can stay safe.


The FIN7 team specializes in attacks on businesses in order to gain access to financial data or PoS infrastructure. Its usual method is spear-phishing campaigns built on tailored social engineering. To convince their victims, the attackers first exchange dozens of normal, harmless messages with them.

In most cases, the attacks use malicious documents with macros to install malicious software on the victim's computer. Modules are then downloaded into the system's memory to collect information, download additional malware, and capture screenshots, and the cybercriminals may create additional modules at any time.

CobaltGoblin / Carbanak / EmpireMonkey

Other cybercriminals use similar tools and techniques. The only difference is their targets, such as banks. The main strategy of the Carbanak (or CobaltGoblin or EmpireMonkey) team is to gain access to victims' networks and then find interesting parameters that can generate revenue.

AveMaria botnet

AveMaria is a new botnet used to steal information. When a machine is infected, the malware begins to collect all possible credentials from various software: browsers, e-mail programs, messaging programs, and so on. It also works as a keylogger.

To deliver the payload, the attackers use spear phishing, social engineering, and malicious attachments. Experts believe it is also associated with FIN7.


CopyPaste targets financial entities and companies in an African country. The attackers used several methods and tools similar to those used by FIN7.

How can you stay safe?

Use security solutions with a special feature designed to detect and prevent phishing attempts. Businesses can protect their on-premise e-mail systems with the targeted applications within the Kaspersky Endpoint Security for Business suite.

Introduce security awareness training and teach practical skills. Programs such as Kaspersky Automated Security Awareness Platform will help strengthen skills and conduct simulated phishing attacks.

All of the aforementioned groups benefit greatly from unpatched systems in corporate environments. To limit their capabilities, use a robust patching strategy and a security solution such as Kaspersky Endpoint Security for Business that can automatically patch critical software.
