A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks.
Attackers behind February’s fileless malware attacks dropped malware on some bank ATMs that gave them the ability to dispense money, “at any time, at the touch of a button.”
Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert.
Since January, a number of ransomware families have been sharing a common infrastructure, with different techniques allowing the malware to hide from detection systems.
Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group.