Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community’s go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Spam Masters of Extortion, Illusion and Evasion

In 2018 we saw a rise in sextortion scams in which cyber-criminals notified their victims via email that they have hacked or infected the victim’s computer with malware. Or the perpetrators had procured evidence in the form of personal recordings of the victim performing sexual acts or having illegal files of sexual content on their computer. The scammers then threatened to publicly expose the victim unless a ransom demand is paid in cryptocurrency (bitcoin) within a given time.

Rise of the Webminers

About a year ago webminers began to appear on more and more website. It was popularized by CoinHive and a couple of high-profile scandals revolving around ThePirateBay and Showtime and, in the span of a year, it has evolved into the most common consequence a compromised site suffers- a webminer injection, or “cryptojacking”.

Spammed JScript Phones Home To Download NemucodAES And Kovter

Contributed by: Gerald Carsula, Rodel Mendez and Nicholas Ramos Last June, we reported that Kovter was being spammed together with Cerber ransomware that used a fake email delivery notification. For the last few weeks another set of fake UPS delivery...

Petya Ransomware: A glimpse of the past, the present, and the future

Contributed by: Gerald Carsula, Rodel Mendez, and Nicholas Ramos Ransomware seem to be the trend now and this type of malware will no doubt continue to grow. But do you still remember in the 90's when boot viruses were the...

FakeGlobe and Cerber Ransomware: Sneaking under the radar while WeCry

Recently, we observed a constant influx of spam that distributes two ransomware families, perhaps trying to sneak in while everyone is focused with the recent WannaCry malware. Based on data from our Spam Research Database, an email campaign distributing FakeGlobe...

Bitcoin Transaction Malleability Theory in Practice – Blackhat USA 2014

***UPDATE: 10/17/2014 A demonstration of Bitcoing transaction malleability using PUSHDATA2 is now available: The demonstration was created by Daniel Chechik, Rami Kogan and Ben Hayak. *** This August we (Daniel Chechik and Ben Hayak) gave a talk at Blackhat USA...

Stay Connected


Subscribe

Sign up to receive the latest security news and trends from Trustwave.

No spam, unsubscribe at any time.


Trending Topics