ursnif (4)

One of the oldest and most successful forms of banking malware has been repurposed into a backdoor trojan described as "significantly dangerous" and likely to be used for ransomware attacks. The new variant of Ursnif malware, also known as Gozi, has been detailed by researchers who suggest it has been purposefully built to power ransomware and data-theft attacks. It gets into users’ computers through malicious Microsoft Office documents and requires macros to be activated.

Designed to steal ban

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have picked 11 malware families as their top threats. The list comprises malware that has evolved over the past ten years as banking trojans, remote access trojans, information stealers, and ransomware delivery tools.

The agencies listed the top malware strains of 2022:

  • Agent Tesla (information stealer)
  • AZORult (information stealer)
  • Formbook (information stealer)
  • Ursnif (banking Tro

Activity Summary - Week Ending 5 February 2021:

  • Red Sky Alliance identified 34,976 connections from new unique IP addresses
  • Greek Bank, Alpha Bank Group has an Attack Server (C2) Compromise
  • DigitalOcean has a Compromised (C2) IP
  • Analysts identified 2,089 new IP addresses participating in various Botnets
  • PowerShell Dropping REvil
  • Ursnif/Gozi using INPS as Bait
  • How the World Ends
  • US – Russia Cyber Strategy
  • Rocket Chat (Al Qaeda) urging Cyber Terrorism
  • Operation Lady-Bird
  • Electric Grids – Still a

Activity Summary - Week Ending 22 January 2021:

  • Keylogged: imports1@fairdealfurniture.biz - Mombasa Kenya
  • Red Sky Alliance observed 29 unique email accounts compromised with Keyloggers
  • Analysts identified 19,902 connections from new unique IP Addresses
  • 1,957 new IP addresses participating in various Botnets
  • Ursnif (Gozi) banking Trojan
  • ElectroRat Crypto-Stealing
  • JetBrains
  • Social Media Alternative Parler is under Siege
  • The Word of the Moment – Purge
  • Censorship-Resistant Blockchain Social Media
  • S