Tagged With cisco talos


A new botnet, boasting an army of 500,000 remotely-controlled routers in 54 countries, has been discovered. VPNFilter allows attackers to steal credentials, monitor Modbus SCADA protocols and has a destructive capability that can render an infected device unusable. It can be triggered on a single device or as part of a mass attack.


Threat actors, Group 74, have targeted people attending the Cyber Conflict US Conference being held in Washington next month. They have distributed a flyer that delivers a VBA payload. Cleverly, the bad guys copied the text from the real flyer from the conference website and used that to craft their attack. While this isn't a new technique it's interesting that they are specifically focussing on security experts, presumably as a way of boosting their credibility in the hacker community.