Hackers exploit Windows Error Reporting service in new fileless attack

A new fileless attack technique that abuses the Microsoft Windows Error Reporting (WER) service is the work of a hacking group that is yet to be identified. 

According to Malwarebytes security researchers Hossein Jazi and Jérôme Segura, the attack vector relies on malware burying itself in WER-based executables to avoid arousing suspicion.

In a blog post on Tuesday, the duo said the new “Kraken” attack — albeit not a completely novel technique in itself — was detected on September 17. 

A lure phishing document found by the team was packaged up in a .ZIP file. Titled, “Compensation manual.doc,” the file claims to contain information relating to worker compensation rights, but when opened, is able to trigger a malicious macro. 

The macro uses a custom version of the CactusTorch VBA module to spring a fileless attack, made possible

US warns: Big surge in Emotet malware campaigns makes it one of today’s top threats

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning over a huge surge in activity by the gang behind the Emotet trojan. 

Historically, the Emotet spam botnet has been linked to the distribution of banking trojans, but these days it spews malware-laden spam and then sells access to infected computers to any criminal group, including ransomware operators. 

Microsoft, Italy, and the Netherlands last month warned of a spike in Emotet malicious spam activity, which came a few weeks after France, Japan and New Zealand issued their alerts over Emotet.   

Emotet was quiet after February but came back with a vengeance in July. CISA describes Emotet as a “sophisticated trojan commonly functioning as a downloader or dropper of other malware” and “one of the most prevalent ongoing threats”. 

CISA’s assessment is understandable given that Emotet is considered to be currently the world’s

Broadcom settles antitrust dispute with EU by agreeing to refrain from any exclusivity arrangements for chips used in TV set-top boxes and internet modems (Valentina Pop/Wall Street Journal)


The U.S. company agrees to refrain from any exclusivity arrangements for chips used in television set-top boxes and internet modems, European Commission says…

UK accounts for 45% of Europe’s card fraud as criminals target online transactions

Card fraud across Europe reached €1.55bn last year, with about 45% of that happening to UK consumers and businesses.

Data from BuyShares.co.uk, which provides information to investors, revealed that 2019 saw €707m worth of card fraud committed in the UK, which is the biggest e-commerce market in Europe.

In comparison, France had the second highest level of card fraud, at €441m, and Germany the third highest, suffering losses of €91.5m to the crime.

Over three-quarters (76%) of the fraud in Europe happened through remote purchases, the research found. “The high value of fraud is a result of a high level of using cards for online purchases,” said the report.

Card-not-present fraud, where a criminal uses card details without the physical card, continues to increase alongside the growth of e-commerce. Criminals are using sophisticated methods to glean payment card details, including malware and phishing scams.

“In Europe, most cards come
