trickbot – PossibleThreat Articles

A week in security (February 13 – 19)

February 20, 2023 0 Comments #chatgpt, AI, Android, arris router, Artificial intelligence, cisa, data leaks, dprk, endpoint security leader, esxiargs, fake hogwarts legacy, informed consent, iphone calendar spam, josh saxe, lock and code s04e04, mortal kombat, news, password sharing, Ransomware, section 230, trickbot, valentine's day, Wordpress

Categories: News

Tags: Josh Saxe

Tags: Lock and Code S04E04

Tags: AI

Tags: artificial intelligence

Tags: endpoint security leader

Tags: CISA

Tags: DPRK

Tags: ChatGPT

Tags: informed consent

Tags: valentine’s day

Tags: password sharing

Tags: Android

Tags: data leaks

Tags: ESXiArgs

Tags: TrickBot

Tags: Wordpress

Tags: fake Hogwarts Legacy

Tags: Arris router

Tags: ransomware

Tags: Mortal Kombat

Tags: Section 230

Tags: iPhone calendar spam

The most interesting security related news from the week of February 13 to 19.

(Read more…)

The post A week in security (February 13 – 19) appeared first on Malwarebytes Labs.

MalwareBytes Security

TrickBot gang members sanctioned after pandemic ransomware attacks

February 15, 2023 0 Comments conti, news, Ransomware, sanction, trickbot

Categories: News

Tags: Conti

Tags: ransomware

Tags: TrickBot

Tags: sanction

The US, in partnership with the UK, named individuals tied to TrickBot and shamed them with a sanction.

Independent Krebs Security

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

February 9, 2023 0 Comments A Little Sunshine, adam meyers, christina svechinskaya, CrowdStrike, dyre, group-ib, ilya sachkov, intel 471, kaspersky lab, michael debolt, Ne'er-Do-Well News, Ransomware, ruslan stoyanov, sergey mikhaylov, trickbot, u.s. department of treasury, vitaly "bentley" kovalev, wizard spider

Credit to Author: BrianKrebs| Date: Thu, 09 Feb 2023 20:23:58 +0000

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “Trickbot,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities.

MalwareBytes Security

A week in security (August 22 – August 28)

August 29, 2022 0 Comments Binance, chromeos, cisa, cryptojackers, gitlab, Google, hikvision, lastpass, news, patch management, plex, reddit, Social engineering, trickbot, twitter

Categories: News

Tags: cryptojackers

Tags: CISA

Tags: Reddit

Tags: social engineering

Tags: Google

Tags: PLex

Tags: Hikvision

Tags: patch management

Tags: ChromeOS

Tags: Twitter

Tags: Binance

Tags: Gitlab

Tags: TrickBot

Tags: LastPass

The important security news of this week

(Read more…)

The post A week in security (August 22 – August 28) appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (June 6 – June 12)

June 13, 2022 0 Comments 4chan, A week in security, apple passkeys, asyncrat, b&q father's day contest 2022, blackbasta, blog recap, cloud data breach, decryption tool, dridex, emotet, esxi, facebook, FBI, federal bureau of investigations, Linux, linux malware, makemoney, malvertising, meeting owl, Microsoft, phishing, prometheus, prometheus ransomware, Ransomware, ransomware task force, ssndob, trickbot, ukraine, virtual machines, vm, whatsapp, whiteboard owl, windows autopatch

Credit to Author: Malwarebytes Labs| Date: Mon, 13 Jun 2022 10:29:57 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (June 6 – June 12) appeared first on Malwarebytes Labs.

MalwareBytes Security

Emotet fixes bug in code, resumes spam campaign

April 27, 2022 0 Comments email spam campaign, emotet, icedid, malware, mark of the web, mimikatz, motw, qakbot, Qbot, trickbot

Credit to Author: Jovi Umawing| Date: Wed, 27 Apr 2022 10:15:34 +0000

Emotet is back with a new spam campaign. And it’s now spreading itself as a shortcut link file pretending to be Word document.

The post Emotet fixes bug in code, resumes spam campaign appeared first on Malwarebytes Labs.

Microsoft Security

Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure

March 16, 2022 0 Comments cybersecurity, IoT, Microsoft security intelligence, trickbot

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Wed, 16 Mar 2022 15:00:00 +0000

The Microsoft Defender for IoT research team has recently discovered the exact method through which MikroTik devices are used in Trickbot’s C2 infrastructure. In this blog, we share the analysis of this method and provide insights on how attackers gain access and how they use compromised IoT devices in Trickbot attacks.

The post Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure appeared first on Microsoft Security Blog.

MalwareBytes Security

A week in security (February 28 – March 6)

March 7, 2022 0 Comments A week in security, chrome 99, Cisco, conti, crisis text line, deepfakes, hermeticwiper, malware, meta, NVIDIA, Podcast, Ransomware, toyota, trickbot, ukraine

Credit to Author: Malwarebytes Labs| Date: Mon, 07 Mar 2022 11:05:36 +0000

The most important and interesting security stories from the last seven days.

The post A week in security (February 28 – March 6) appeared first on Malwarebytes Labs.

Independent Krebs Security

Conti Ransomware Group Diaries, Part II: The Office

March 2, 2022 0 Comments A Little Sunshine, bentley, bleeping computer, conti, emotet, hof, lawrence abrams, mango, Ne'er-Do-Well News, palo alto networks, Ransomware, reverse, ryuk, stern, The Coming Storm, trickbot

Credit to Author: BrianKrebs| Date: Wed, 02 Mar 2022 17:49:52 +0000

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.

Independent Krebs Security

Conti Ransomware Group Diaries, Part I: Evasion

March 1, 2022 0 Comments alex holden, alla witte, conti, conti breach, conti ransomware, contileaks, emercoin, emerdns, hof, Hold Security, Ne'er-Do-Well News, Ransomware, revil ransomware, stern, The Coming Storm, trickbot, ukraine

Credit to Author: BrianKrebs| Date: Tue, 01 Mar 2022 20:50:30 +0000

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.

← Previous