Police stop mass ATM ATTACK!

Askari Blue Supports Local Police Cyber Forum. The Office of the Northamptonshire Police, Fire and Crime Commissioner (NorthantsPFCC) held its September Cyber Forum to support local businesses and organisations. Askari Blue was invited to present on ‘An Introduction to Threat Intelligence’, a difficult task in just 15 minutes. Earlier in …

Malware stops you getting infected (…Again)

A new TTP is observed in Smominru malware. Smominru malware was first observed in 2017, primarily used as a cryptomining botnet. Its large payloads allow for many features, including credential theft and wormable capabilities, spreading across Windows 7 and Server 2008. It has been documented to have many propagation …

What does Hurricane Dorian have to do with Cyber Security?

Cybercriminals prevent aid to Hurricane victims. Over the weekend, Hurricane Dorian killed approximately 50 people, with islands such as Abaco within the Bahamas taking the greatest impact and most recently leaving thousands of Canadians without power. But with weather reporting and early warning systems, would …

Hunting for MageCart

We’ve heard a lot in the news about MageCart over the last year. If you’re unfamiliar, MageCart is a collection of cybercriminal groups known for stealing credit card data. Two of the best-known breaches, British Airways and Ticketmaster, collectively impacted ~420,000 customers and the ICO has since warned of intentions to …

Askari Blue fights CyberCrime at Police HQ

This week we supported Northamptonshire Police and County Council by presenting on Nigerian scammers using malware to steal millions of pounds. The event was part of Northamptonshire Police Fire and Ambulance council to raise awareness of Cyber Threats towards the local community. Small businesses attended to help understand this ever-growing risk.

Emotet Banking Trojan Loves U.S.A Internet Providers

According to new data by TrendMicro, attackers utilising the Emotet banking Trojan predominantly used internet providers located in the U.S.A. to host their Command & Control infrastructure. In a recent blog post, TrendMicro states that the United States of America, with a 45% share, hosts more Emotet C2 infrastructure through Comcast, followed by Mexico and Canada. The top …

State-Sponsored Actors Focus Attacks on Asia

Southeast Asia is the most actively attacked region, according to cyber security firm Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises, “In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe.” Although, not only state-sponsored groups are focusing their attention on this …

Malware Distributors Adopt DKIM to Bypass Mail Filters

In July 2018, US-CERT raised an alert regarding the Emotet banking trojan, which is also being used to distribute a secondary malware known as “Trickbot”. This alert provided recommendations on how businesses can mitigate their exposure to the Trojan. Unfortunately, it looks like criminals are also reading the US-CERT’s warnings as they have adopted new …