Security Alerts & News
by Tymoteusz A. Góral

History
#1082 Adwind RAT resurfaces, targeting Danish companies
The remote access Trojan Adwind has resurfaced and as of last weekend, is being used in spam emails targeting Danish companies, researchers said.

In emails purporting to be order requests coming from either spoofed or fake return addresses, attackers are spreading malicious .jar, or Java archive files. Assuming a user clicks through and opens the file, Adwind’s code is run, and the machine is pulled into a botnet.

According to researchers with Romania-based Heimdal Security, who described the RAT in a blog post on Monday, this iteration of Adwind communicates with a server that’s been used in other RAT campaigns that use dynamic DNS services. Command and control servers used by the RAT have been down and up over the course of its existence. Most of them rely on Dynamic DNS servers and are not real domain registrations.
Read more
#1084 Android security bulletin features two patch levels
#1083 EasyDoc malware adds Tor backdoor to Macs for botnet control
#1082 Adwind RAT resurfaces, targeting Danish companies
#1081 An increase of sophisticated phishing attacks in Sweden
#1080 12 security suites for Mac OS X put to the test
#1079 Second man pleads guilty of hacking entertainment industry celebrities
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12