Proofpoint researchers have been tracking the relatively sudden shutdown of several elements of the advanced threat ecosystem, including the Angler exploit kit. The shutdown now appears to extend well beyond the disruption of the Necurs botnet we covered last week.
Proofpoint researchers take a look at the effects of an apparent outage in the massive Necurs botnet on two of the biggest names in malware: Dridex and Locky.
Proofpoint researchers track new campaigns from a familiar actor using evasive macros and distributing a new Dridex sub-botnet targeting Swiss banking institutions.
With its latest version, detected last week by Proofpoint researchers, CryptXXX breaks the currently available decryption tool and adds new capabilities to encrypt shared network resources, among other updates.
Proofpoint researchers recently detected a phishing campaign that ultimately led recipients to download and install the iSpy keylogger.
Proofpoint researchers analyze two updated malware downloaders that have reappeared after a hiatus of several months and profile one threat actor experimenting with various loaders to distribute Vawtrak.
Proofpoint researchers track an updated point-of-sale malware called AbaddonPOS and loader being distributed in targeted, personalized emails to US retailers.
Proofpoint researchers have been tracking Version 2.00x of the CryptXXX ransomware. The latest iteration, version 2.006, breaks the freely available decryption tool for CryptXXX.