
Despite the arrests of cybercriminals, malicious activity continues


Although investigations carried out last year by Europol and the US Department of Justice resulted in the arrest of many cybercriminals believed to have held leading positions in FIN7 and Carbanak, security experts are still finding signs of their activity. In addition, the number of hacking groups using similar tools and the same infrastructure is growing. Below you will find out what tools these groups use and how you can stay safe.


The FIN7 team specializes in attacks on businesses in order to gain access to financial data or the PoS infrastructure. Its usual method is spear-phishing campaigns backed by specialized social engineering. To win their victims' trust, the attackers first exchange dozens of normal, harmless messages with them.

In most cases, the attacks use malicious documents with macros to install malware on the victim's computer. Modules are then downloaded into the system's memory to collect information, download additional malware and capture screenshots, and the cybercriminals may create additional modules at any time.
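As an added example (not from the original article), a minimal attachment triage for the macro-based delivery described above: it flags Office Open XML files that carry a VBA project and sends legacy OLE2 files to manual review. The function names, verdict labels and sample files are assumptions constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy .doc/.xls container
ZIP_MAGIC = b"PK\x03\x04"                           # OOXML (.docx/.docm/.xlsm)


def classify_attachment(data: bytes) -> str:
    """Return 'macro', 'review' or 'clean' for one attachment.

    'macro'  : OOXML package that carries a VBA project (vbaProject.bin).
    'review' : legacy OLE2 file (macros cannot be ruled out without a full
               OLE parser) or a ZIP container that cannot be read.
    'clean'  : no macro container found.
    """
    if data.startswith(OLE2_MAGIC):
        return "review"
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as pkg:
                parts = [p.lower() for p in pkg.namelist()]
        except zipfile.BadZipFile:
            return "review"
        # Decide on content, not on the file extension, which the sender
        # controls.
        if any(p.endswith("vbaproject.bin") for p in parts):
            return "macro"
    return "clean"


def make_ooxml(parts: dict) -> bytes:
    """Build a constructed OOXML-like ZIP in memory for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for path, body in parts.items():
            z.writestr(path, body)
    return buf.getvalue()


# Constructed sample attachments (no real documents, no malware).
SAMPLES = {
    "invoice.docx": make_ooxml({"word/document.xml": "<w:document/>"}),
    "order.docx": make_ooxml({"word/document.xml": "<w:document/>",
                              "word/vbaProject.bin": "stub"}),
    "report.doc": OLE2_MAGIC + b"\x00" * 32,
    "broken.xlsm": ZIP_MAGIC + b"truncated",
}

if __name__ == "__main__":
    for fname, blob in SAMPLES.items():
        print(f"{fname:14} {classify_attachment(blob)}")
```

A mail gateway or mailbox-scanning job could quarantine `macro` verdicts and hold `review` verdicts for deeper inspection.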

CobaltGoblin / Carbanak / EmpireMonkey

Other cybercriminals use similar tools and techniques. The only difference is their targets, such as banks. The main strategy of the Carbanak (or CobaltGoblin or EmpireMonkey) team is to gain access to victims' networks and then find interesting parameters that can generate revenue.

AveMaria botnet

AveMaria is a new botnet used to steal information. When a machine is infected, it begins to collect all possible credentials from various software: browsers, e-mail programs, messaging programs, and so on. It also works as a keylogger.

To deliver the payload, the attackers use spear phishing, social engineering, and malicious attachments. Experts believe the botnet is also associated with FIN7.


CopyPaste targets financial entities and companies in an African country. The malicious actors used several methods and tools similar to those used by FIN7.

How can you stay safe?

Use security solutions with a dedicated feature designed to detect and block phishing attempts. Businesses can protect their on-premise e-mail systems with the targeted applications in the Kaspersky Endpoint Security for Business suite.

Introduce security training and teach practical skills. Programs such as the Kaspersky Automated Security Awareness Platform will help strengthen skills and conduct simulated phishing attacks.

All of the aforementioned groups benefit greatly from unpatched systems in corporate environments. To limit their capabilities, use a robust patching strategy and a security solution such as Kaspersky Endpoint Security for Business that can automatically patch critical software.


The author allows you to copy his / her text only if you report the source (, as an e-mail address (Live URL) of the article.
Updated on by
Absent Mia
