top of page

Services
Professional services
Security Risk Assessment
Customized risk and compliance gap assessments with a tailored roadmap to address gaps and vulnerabilities.
Virtual CISO (vCISO)
Expert security leadership that assesses, addresses, and continually improves your security posture and compliance, all at a fraction of the cost of a full-time CISO.
Penetration Testing
Comprehensive penetration testing to uncover vulnerabilities and reinforce your defenses before attackers can exploit them.
Incident Response
Incident response plan development and testing, paired with rapid, expert action to contain security incidents, minimize damage, and maintain compliance with industry standards.
Managed Services
Third-Party Risk Management
Securely manage vendor relationships from start to finish.
Security Awareness Training
Empower your team to recognize threats.
Email Security
Protect your inbox from phishing and spam.
Vulnerability Management
Continuous scanning and alerts for swift risk remediation.
Managed Detection & Response (MDR)
Quickly detect, respond, and recover from advanced threats.
Password Management
Secure, manage, and simplify passwords.
Dark Web Monitoring
Monitor exposed data before it’s used against you.
Industry
Healthcare
Ensure patient trust with robust data protection and compliance.
Financial Services
Safeguard financial data while meeting compliance at every level.
K-12 Education
Enhance student safety and privacy while supporting educational goals.
Framework
HIPAA
SOC 2
Additional frameworks
Simplify security: How to build your security program with NIST CSF 2.0
Download the ebook
Resources
Resources
Blog
Stay updated with the latest trends and insights in cybersecurity. From industry news to expert analyses, our blog keeps you informed.
Podcast
Listen to expert discussions on pressing cybersecurity issues. Featuring interviews and practical advice, our podcast keeps you engaged and informed.
Security community
Stay updated with the latest security news and join the conversation. Connect with peers, share insights, and leave comments on the most recent updates.
Guides and reports
Access comprehensive guides and reports with actionable insights and strategies to improve your security stance.
Master HIPAA: How to achieve compliance with our ultimate guide
Download the guide
Company
Contact
Partners

Free Cybersecurity Review

Finance

Public·3 members

October 24, 2024

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

ree

Who:

Threat Actor: Operators of the Grandoreiro banking malware, a Brazilian banking trojan.
Target: Banking customers, particularly in Mexico, Latin America (LATAM), and Europe.

What:

Malware Evolution: New variants of Grandoreiro have adopted advanced tactics like domain generation algorithms (DGA), encryption, mouse tracking, and CAPTCHA barriers to evade detection.
Attack Methods: Delivered primarily through phishing emails and malicious ads, Grandoreiro uses large files disguised as legitimate software to bypass security measures, gathering credentials and monitoring user activity.

Impact:

Global Financial Threat: Capable of stealing credentials from over 1,700 financial institutions across 45 countries, the malware poses a significant risk to banking systems.
Evasion Tactics: The malware’s continuous evolution helps it avoid modern security systems, making it a persistent threat despite law enforcement crackdowns.

Read the full article HERE

27 Views

bottom of page