
Emotet banking trojan possibly being prepped for a new attack - SC Magazine


Posted: 23 Apr 2020 12:00 AM PDT

Security researchers are seeing signs that the Emotet banking trojan is about to awaken from its latest hiatus by deploying newly improved credential and email stealing modules.

Emotet last came to life in January 2020, but analysts with the Herjavec Group believe the new modules are being placed as a first step toward the launch of a new phishing campaign. If and when the campaign is released, targets will find themselves battling its anti-malware evasion and a hashbusting implementation, which make it more dangerous than previous versions. Hashbusting ensures that the malware has a different hash on each system it infects, rendering hash-based detections useless.

The technical changes include reworked malware code that uses a state machine to obfuscate the control flow. Branches of code are flattened into nested loops, so the code blocks can appear in any order while the state machine still executes them in the intended order.

Emotet's last wave of attacks started on January 13, 2020 with a strong focus on the U.S., after a three-week break in activity. Reportedly, at the time many of the phishing emails contained business-related Microsoft Word attachments such as proof-of-delivery documents and agreements. Users who opened these attachments and enabled the malicious macros embedded within were subsequently infected with Emotet.

It is not known how an upcoming attack may present itself, but Herjavec Group recommends:

  • Block email attachments commonly associated with malware (e.g., .dll and .exe).
  • Block email attachments that cannot be scanned by antivirus software (e.g., .zip files).
  • Implement Group Policy Object and firewall rules.
  • Implement an antivirus program and a formalized patch management process.
  • Implement filters at the email gateway, and block suspicious IP addresses at the firewall.
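
The first two recommendations can be sketched as a gateway-side attachment check. This is an added example, not code from SC Magazine or Herjavec Group; the function names, the two extension sets (taken from the list's own examples) and the sample message are assumptions constructed for illustration.

```python
import io
import posixpath
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED = {".dll", ".exe"}   # assumed policy, from the first recommendation's examples
UNSCANNABLE = {".zip"}       # assumed policy, from the second recommendation's example

def extension_of(filename):
    """Last extension, lowercased, ignoring trailing dots and spaces."""
    return posixpath.splitext(filename.strip().rstrip(". ").lower())[1]

def zip_findings(data):
    """Give an analyst detail on an archive: encrypted or blocked-type members."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            members = archive.infolist()
    except zipfile.BadZipFile:
        return ["unreadable archive"]
    # General-purpose flag bit 0 marks an encrypted member, which a scanner cannot read.
    findings = [f"encrypted member: {m.filename}" for m in members if m.flag_bits & 0x1]
    findings += [f"blocked type in archive: {m.filename}" for m in members if extension_of(m.filename) in BLOCKED]
    return findings

def review_message(raw_bytes):
    """Return {filename: (verdict, reasons)} for every named part of a raw message."""
    message = message_from_bytes(raw_bytes, policy=policy.default)
    results = {}
    for part in (p for p in message.walk() if p.get_filename()):
        filename = part.get_filename()
        ext, reasons = extension_of(filename), []
        if ext in BLOCKED:
            reasons.append(f"blocked extension {ext}")
        if ext in UNSCANNABLE:
            reasons.append(f"unscannable type {ext}")
            reasons += zip_findings(part.get_payload(decode=True))
        results[filename] = ("block" if reasons else "allow", reasons)
    return results

def build_sample():
    """Constructed message: a PDF, a double-extension executable, a zip holding a DLL."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("lib/helper.dll", b"constructed, not a real DLL")
    msg = EmailMessage()
    msg.set_content("See attached.")
    for name, data in (("invoice.pdf", b"%PDF"), ("delivery.pdf.EXE", b"MZ"), ("docs.zip", buf.getvalue())):
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Matching on the final extension catches double-extension names such as `delivery.pdf.EXE`, and the archive findings are recorded for triage even though the policy already blocks the zip outright.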
