Cybersecurity Special the automotive industry as a target of cyberattacks

Hornetsecurity Blog

Get regular updates from the world of cloud security

In our blog, the Hornetsecurity team – especially the experts from the Security Lab – regularly report on IT security topics as well as on current innovations and events at Hornetsecurity.

The webshells powering Emotet

The webshells powering Emotet

The Hornetsecurity Security Lab presents details on the webshells behind the Emotet distribution operation, including insights into payload downloads and how from 2020-07-22 to 2020-07-24 Emotet payloads on Emotet download URLs were replaced with HTML code displaying GIFs. The analysis shows that the number of downloads of the malicious content behind the Emotet download URLs is significant and has been observed peaking at 50,000 downloads per hour. Highlighting that Emotet emails do get clicked. The analysis further shows that compromised websites are not just compromised once but multiple times by different actors and cleanup efforts by the website administrators are often insufficient leading to re-enabling of the malicious Emotet downloads.
Providence Strategic Growth and Verdane Invest in Hornetsecurity

Providence Strategic Growth and Verdane Invest in Hornetsecurity

LONDON, OSLO, AND HANOVER – [23] JULY 2020 – Providence Strategic Growth (“PSG”), the growth equity affiliate of premier asset management firm Providence Equity Partners (“Providence”), and Verdane, the specialist Northern European growth equity investor, today announced that they have entered into a definitive agreement for an investment in Hornetsecurity Group (“Hornetsecurity”), a leading European provider of cloud-based email security and data protection, whereby affiliates of PSG become new shareholders in the Company whereas Verdane re-invests.
Emotet is back

Emotet is back

On 2020-07-17 the Hornetsecurity Security Lab detected the return of Emotet malspam. The reemerging Emotet malspam was already blocked by existing detection rules. The current Emotet malspam wave again uses malicious macro documents spread either via attachments or via malicious download links. As usual, the VBA macros in the document download the Emotet loader that the Hornetsecurity Security Lab has previously analyzed.
Deepfakes – A New Threat to Organizations

Deepfakes – A New Threat to Organizations

A hacker is smart, much smarter than the average. With just a few clicks and a few key combinations, he’s hacked into the systems of governments, government agencies and large corporations. He avoids the public and acts in secret. His skin is pale, he always wears dark clothes and works late into the night – that’s what Hollywood tells us. And the stereotypes created by the film industry remain in our consciousness…But who is behind the ingenious attacks that frighten whole companies?
Clop, Clop! It’s a TA505 HTML malspam analysis

Clop, Clop! It’s a TA505 HTML malspam analysis

In this article Hornetsecurity’s Security Lab outlines one of the current infection chains by the operators behind the Clop ransomware. The outlined infection chain starts from an email with a malicious HTML attachment. This attachment redirects the victim to an XLS document containing the Get2 loader. This loader then installs a remote access trojan (RAT) on the system, which is used to prepare the victims network for the deployment of the Clop ransomware. The goal of the attack is to encrypt as many systems in the victims organization as possible in order to extort the highest possible ransom. To this end, the attackers also threaten to publish stolen data if the ransom is not paid.
Cyber attacks on automotive sector picking up speed

Cyber attacks on automotive sector picking up speed

Autonomous driving, electromobility, connected cars and car sharing – the automotive industry is in a state of upheaval. New technologies and digitalized processes bring numerous advantages to automotive companies, enabling them to meet new customer needs on the one hand and to remain competitive on the other. However, the ongoing digitalization of the industry not only offers advantages, but also provides hackers with an ever greater target for attacks. And cyber criminals are trying to exploit these intensively: The security analysts of the Hornetsecurity Security Lab discovered that the automotive sector, after the energy and logistics industry, is one of the most attacked industries worldwide in the past year…
Hornetsecurity signs first UK distributor contract with Brigantia

Hornetsecurity signs first UK distributor contract with Brigantia

Hornetsecurity, the German company which is Europe’s leading email cloud security provider, is expanding its presence in the UK through a strategic partnership with cybersecurity distributor Brigantia. The new partnership – which follows Hornetsecurity’s acquisition of the Poole-based email security provider Everycloud in January – will give it access to Brigantia’s network of resellers throughout the UK and Ireland and support its plans to become the UK market leader within 12 months…

Sign Up Hornet News

The new Cyberthreat Report