all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Astaroth, Mekotio & Ousaban abusing Google Cloud Run in LATAM-focused malware campaigns

Add to bookmarks
Feb. 20, 2024, 1 p.m. | Edmund Brumaghin

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

  • Google Cloud Run is currently being abused in high-volume malware distribution campaigns, spreading several banking trojans such as Astaroth (aka Guildma), Mekotio and Ousaban to targets across Latin America and Europe.
  • The volume of emails associated with these campaigns has significantly increased since September 2023 and we continue to regularly

abusing america astaroth banking banking trojan banking trojans campaigns cloud continue distribution emails europe google google cloud guildma high latam latin america malware malware distribution malware research run securex september threat spotlight trojans

Visit resource

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Rounding up some of the major headlines from RSA 2 days, 14 hours ago | blog.talosintelligence.com
coming conference major may +3
Talos releases new macOS open-source fuzzer 2 days, 20 hours ago | blog.talosintelligence.com
code fuzzer fuzzing linux +8
Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN … 4 days, 14 hours ago | blog.talosintelligence.com
code code execution critical critical vulnerability +18
Talos joins CISA to counter cyber threats against non-profits, activists and other at-risk communities 4 days, 19 hours ago | blog.talosintelligence.com
activists can cisa commercial +19
A new alert system from CISA seems to be effective — now we just need … 1 week, 2 days ago | blog.talosintelligence.com
alert alerts catalog cisa +12
Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution 1 week, 3 days ago | blog.talosintelligence.com
arbitrary code arbitrary code execution code code execution +14
What can we learn from the passwords used in brute-force attacks? 2 weeks, 2 days ago | blog.talosintelligence.com
attacks brute brute-force can +5
Vulnerabilities in employee management system could lead to remote code execution, login credential theft 2 weeks, 3 days ago | blog.talosintelligence.com
code code execution credential credential theft +21
Cisco Talos at RSAC 2024 2 weeks, 4 days ago | blog.talosintelligence.com
announcements cisco cisco talos cybersecurity +12

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España
View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania
View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States
View on infosec-jobs.com