If you are a regular reader of The Hacker News, you might be aware of an ongoing cyber attack — detected in the wild by McAfee and FireEye — that silently installs malware on fully-patched computers by exploiting an unpatched Microsoft Word vulnerability in all current versions of Microsoft Office.
Now, according to security firm Proofpoint, the operators of the Dridex malware started
Security researchers have discovered a new variant of Dridex – one of the most nefarious banking Trojans actively targeting the financial sector – with a new, sophisticated code injection technique and evasive capabilities called “AtomBombing.”
On Tuesday, researchers with IBM X-Force disclosed new research, exposing the new Dridex version 4, which is the latest version of the infamous financial
Dridex has undergone a massive update and now sports a new injection method for evading detection based on the technique known as AtomBombing.
Dridex banking malware returns with a new bypass technique that allows the malware to execute without triggering a Windows UAC alert to the user.
A massive wave of Locky ransomware delivered via DOCM attachments is targeting the healthcare sector this month.
After a mysterious three weeks off the grid, Necurs has returned to spewing massive volumes of email containing improved versions of the potent Locky ransomware and Dridex banking Trojan.
The Dridex banking trojan, which is widely used by cyber criminals to distribute malware onto users’ machines, has now been found distributing security software.
A portion of the Dridex banking Trojan botnet may have been hacked or compromised by an unknown Whitehat Hacker, who replaced the malicious links with Avira Antivirus installers.
What is Dridex Banking Trojan? How it Works
A phishing campaign that spiked this week is pushing the Dridex banking Trojan via malicious macros embedded in XML file attachments.