Massive AdGholas Malvertising Campaigns Use Steganography and File Whitelisting to Hide in Plain Sight
Proofpoint and Trend Micro researchers collaborated to detect and analyze a sophisticated, previously undocumented malvertising campaign that exposed millions of users every day to attacks that employed steganography and multi-layered filtering.
Proofpoint researchers discovered a new delivery mechanism for malware: PayPal money request messages with both a link to Chthonic and a socially engineered request for $100.
For the first time since Proofpoint researchers discovered CryptXXX, the ransomware is being distributed via malicious documents attached to email messages.
Proofpoint researchers discover a cloned Pokemon GO Android APK backdoored with the malicious remote access tool (RAT) DroidJack.
Proofpoint researchers track an advanced persistent threat as Chinese actors target Russian and European military and diplomatic interests.
Proofpoint researchers describe the malware involved in a recent uptick in banking Trojans targeting Canadian interests.
Proofpoint researchers identified a new ransomware called "Bart" from actors who have been spreading Dridex and Locky.
Proofpoint researchers dissect the payload from the first large Locky ransomware campaign in over 3 weeks.
Proofpoint researchers have been tracking the relatively sudden shutdown of several elements of the advanced threat ecosystem, including the Angler exploit kit, a shutdown that now appears to extend well beyond the disruption of the Necurs botnet we covered last week.