Symantec Enterprise Cloud Insights: Type-Specific Updates

Symantec Enterprise Cloud Updates by Year and Month

173 Significant Changes from the Last 6 Months

| Date | Update | Type | Description |
| --- | --- | --- | --- |
| 25-04-2025 | Symantec Endpoint Protection Blocks AsyncRAT Malware Spread via Cloudflare Tunnels | Feature | Symantec Endpoint Protection counters a new malware campaign using Cloudflare tunnels to deliver AsyncRAT through phishing emails and malicious scripts. The attack deploys multi-stage payloads hidden in files to gain remote access, but Symantec’s adaptive, file, and web-based defenses stop it effectively. This protection ensures businesses remain secure against sophisticated cyber threats. |
| 25-04-2025 | Symantec Email Threat Isolation Blocks Fake DVLA Phishing Emails | Feature | Symantec Email Threat Isolation safeguards users from phishing emails mimicking the UK’s Driver and Vehicle Licensing Agency (DVLA), which trick recipients into updating payment details. These fraudulent emails lead to credential-stealing webpages, but Symantec’s email and web security solutions effectively block the malicious URLs. The protection ensures safe online interactions for DVLA account holders. |
| 25-04-2025 | Symantec Endpoint Protection Stops DslogdRAT Malware Targeting Japanese Organizations | Feature | Symantec Endpoint Protection blocks the DslogdRAT malware campaign exploiting Ivanti Connect Secure vulnerabilities to target organizations in Japan. The malware enables remote command execution and data theft, but Symantec’s file, network, and web-based defenses prevent its spread. This robust security ensures safe endpoints and servers. |
| 24-04-2025 | Alpine Quest App Hides Spyware Targeting Russian Military, Blocked by Symantec | Company News | A tampered version of the Alpine Quest navigation app was found carrying spyware that steals sensitive data like contacts, locations, and documents from Russian military devices. The malware sends stolen information to a Telegram bot and remote server, updating with every user movement. Symantec’s security solutions, including Android.Reputation.2 detection, protect users by identifying and neutralizing this threat. |
| 24-04-2025 | Symantec Shields Against Proton66 Malware Campaigns with VMware Carbon Black | Cybersecurity | Proton66’s infrastructure is fueling phishing and malware attacks, including GootLoader, SpyNote, and XWorm, targeting Android users and Korean-speaking communities. Symantec’s VMware Carbon Black and WebPulse technologies block these threats, detecting malicious activities like compromised WordPress sites and WeaXor ransomware. The solutions use advanced machine learning and email security to protect users. |
| 24-04-2025 | Symantec Counters PE32 Ransomware with VMware Carbon Black Protection | Feature | PE32 ransomware, a Telegram-controlled malware, uses a dual-extortion approach, demanding separate payments for file decryption and data privacy. Despite its simple code, it threatens systems with weak security, but Symantec’s VMware Carbon Black blocks it effectively. The solution employs behavior-based and machine learning detection to stop malicious activities. |
| 23-04-2025 | Symantec Responds to New FormBook Malware Threat with Advanced Protection Tools | Feature | A new FormBook malware campaign has been detected spreading in the wild, targeting systems with data-stealing capabilities. Symantec has issued updated threat protection to help users defend against this growing cyber risk. The malware uses stealthy techniques to bypass defenses, making timely protection essential. Learn how Symantec’s solutions help safeguard sensitive data from emerging threats. |
| 23-04-2025 | Symantec Blocks ToyMaker and Cactus Ransomware Threat with VMware Carbon Black | Feature | Cisco Talos researchers uncovered ToyMaker, an Initial Access Broker using the LAGTOY implant to enable Cactus ransomware attacks. Symantec’s VMware Carbon Black detects and blocks this threat, protecting users from malware execution and data breaches. The solution uses advanced machine learning and web-based security to neutralize malicious activities. Visit Broadcom’s Security Center to learn how VMware Carbon Black safeguards against ToyMaker and Cactus ransomware. |
| 22-04-2025 | Gunra Ransomware Hits Healthcare and Manufacturing Sectors with Double Extortion Tactics | Company News | A new ransomware threat, Gunra, is targeting healthcare, electronics, and beverage companies using double extortion methods—encrypting and stealing data before demanding ransom. Files are marked with a .encrt extension, and victims face data leaks if they don’t comply within five days. Symantec and VMware Carbon Black detect and block this malware using behavioral, adaptive, and machine learning tools. Businesses are urged to enable endpoint protection and monitor suspicious activity to prevent data breaches. |
| 22-04-2025 | Interlock Ransomware Group Targets Users with ClickFix Tactics and Infostealers | Company News | The Interlock ransomware group is using fake CAPTCHAs and compromised websites to trick users into running PowerShell-based backdoors via ClickFix tactics. Victims are misled with legitimate-looking pages while malware installs ransomware, keyloggers, and infostealers in the background. Symantec and VMware Carbon Black offer advanced protection using behavioral, email, and machine learning-based threat detection. Stay alert and use trusted cybersecurity tools to prevent data theft and system compromise. |
| 22-04-2025 | Billbug Espionage Group Deploys New Tools in Southeast Asia Cyber Attacks | Feature | The China-linked Billbug APT group has resurfaced with advanced cyber espionage tactics, using custom tools like ChromeKatz, CredentialKatz, and a reverse SSH tool. Their latest campaign leveraged DLL sideloading through trusted software such as Trend Micro and Bitdefender, alongside a new variant of the Sagerunex backdoor. These targeted attacks focused on critical sectors including government and telecoms. Discover how threat actors weaponize legitimate tools—read the full threat analysis and stay informed. |
| 22-04-2025 | Symantec EDR Blocks Credential Dumping Attacks Using Advanced Threat Detection | Feature | Credential dumping is a major entry point for cybercriminals targeting business networks. Symantec Endpoint Detection and Response (EDR) helps detect and block these attacks through behavioral analytics and machine learning, offering strong protection against tools like Mimikatz and LaZagne. The platform gives security teams deep visibility into network threats and supports fast, effective response. Learn how Symantec EDR strengthens your organization’s defense against credential theft. |
| 22-04-2025 | RustoBot Botnet Targets TOTOLINK Devices Using Rust-Based Malware | Feature | The newly identified RustoBot botnet exploits vulnerabilities in unpatched TOTOLINK routers to launch DDoS attacks across multiple architectures. Detected as threats like CL.Downloader!gen277 and Linux.Mirai, it’s actively blocked by Symantec’s security suite, including VMware Carbon Black. WebPulse-enabled tools provide additional protection by filtering malicious IPs and domains. Stay protected by keeping devices updated and reviewing your threat detection policies today. |
| 21-04-2025 | Symantec SEP Web Extension Blocks Over 6.5M Online Threats in One Week | Service | Symantec Endpoint Protection browser extensions for Chrome and Edge stopped over 6.5 million attacks last week, protecting 157,000+ endpoints. Using advanced URL reputation and browser intrusion prevention, threats like phishing, scams, cryptojacking, and malicious redirects were effectively blocked. Businesses are encouraged to enable browser protection for real-time security. Explore how Symantec’s SEP Web Extension keeps users safe from evolving web threats. |
| 21-04-2025 | Symantec IPS Blocks 52 Million Cyberattacks in One Week Across Global Endpoints | Company News | Symantec’s Intrusion Prevention System (IPS) protected over 341,000 endpoints last week, blocking 52 million attacks—most at the pre-infection stage. From server vulnerability scans to malware C&C attempts and cryptojacking, SEP’s deep packet inspection engine shielded desktops and servers worldwide. Businesses are urged to activate IPS for enhanced threat prevention. Discover how Symantec IPS defends against today’s most dangerous cyber threats. |
| 21-04-2025 | SuperCard X Malware Targets Android Devices for NFC-Based Financial Fraud | Company News | A new Android malware called SuperCard X is being used in financial fraud campaigns, stealing NFC card data through fake apps spread via SMS and calls. Once installed, the malware enables unauthorized contactless transactions and ATM withdrawals. Symantec detects and blocks this threat using tools like Android.Reputation.2 and WebPulse protection. Stay protected by enabling Symantec’s mobile and web security features. |
| 18-04-2025 | PasivRobber Spyware Targets macOS: Symantec Tools Block New Malware Variant | Company News | A new macOS threat, PasivRobber spyware, is actively stealing browser data, emails, and app info using disguised dynamic libraries. Symantec’s protection tools, including VMware Carbon Black and WebPulse, are blocking and detecting it using AI-based and file-based threat prevention. Users are urged to update their security settings and stay protected. Learn how Symantec tools are stopping this spyware in its tracks. |
| 17-04-2025 | Fileless Malware Targets Windows Users with XWorm and Rhadamanthys – Symantec Enhances Defense | Company News | A stealthy malware campaign is using fileless attacks via PowerShell and JScript to drop XWorm and Rhadamanthys, aiming to steal sensitive data from Windows systems. Techniques like fake CAPTCHAs and scheduled tasks are used to trick users into launching threats. Symantec, with VMware Carbon Black and Email Threat Isolation, offers strong protection through behavior-based and machine learning detection. Secure your systems now with trusted tools like Symantec to stay ahead of evolving cyber threats. |
| 17-04-2025 | Symantec Shields Against Fritillary APT’s Latest Cyberespionage Campaign | Company News | Symantec, powered by Broadcom, protects users from a new Fritillary APT campaign targeting European diplomatic entities with custom malware like GrapeLoader and WineLoader. Leveraging AI-driven tools such as VMware Carbon Black and WebPulse, Symantec detects and blocks these sophisticated threats. The campaign focuses on reconnaissance and backdoor delivery for potential future attacks. |
| 17-04-2025 | Symantec Detects PteroLNK Malware Linked to Shuckworm APT | Company News | Symantec, powered by VMware Carbon Black, now blocks PteroLNK malware—a new threat from the Shuckworm group. Using a malicious VBScript and LNK dropper, it spreads quickly across networks. With real-time cloud-based malware detection, Symantec ensures strong endpoint protection. Learn how to stay secure with Symantec’s advanced threat defense. |
| 16-04-2025 | Symantec Shields Users from DOGE BIG BALLS Ransomware Threat | Service | Symantec delivers robust protection against the DOGE BIG BALLS Ransomware, a Fog ransomware variant exploiting a government efficiency department with deceptive ZIP files. This cyberthreat uses PowerShell scripts and a kernel exploit to encrypt data, but Symantec’s adaptive, behavior, and machine learning-based defenses block it effectively. The ransomware targets sensitive system data, making strong cloud security essential. |
| 16-04-2025 | Symantec Stops BPFDoor Linux Backdoor Targeting Asia and Middle East | Service | Symantec safeguards systems from the stealthy BPFDoor Linux backdoor, a malware using Berkeley Packet Filtering to open reverse shells in Asia and Middle East industries. This cyberthreat risks exposing sensitive data by bypassing firewalls. Symantec’s robust cloud security and file-based detection, including VMware Carbon Black, ensure comprehensive protection. |
| 16-04-2025 | Symantec Blocks Phishing Attacks Using NoCodeForm and Submit-Form | Service | Symantec protects users from phishing campaigns exploiting trusted cloud-based tools like NoCodeForm and Submit-Form to steal credentials. These attacks mimic legitimate login pages, but Symantec’s Email Security.cloud and Messaging Gateway use advanced filtering to stop them. The misuse of web forms highlights the need for robust cloud security measures. |
| 16-04-2025 | Symantec Shields Against BPFDoor Linux Backdoor Targeting Asia and Middle East | Cybersecurity | Symantec’s advanced protection detects and blocks the BPFDoor Linux backdoor, a stealthy malware using Berkeley Packet Filtering to infiltrate networks in Asia and Middle East industries. This backdoor opens reverse shells, risking sensitive data exposure. Symantec’s Carbon Black solutions ensure robust defense against this threat. |
| 16-04-2025 | Symantec Blocks DOGE BIG BALLS Ransomware Exploiting Government Efficiency Name | Company News | Symantec’s robust defenses stop the DOGE BIG BALLS Ransomware, a Fog ransomware variant using a deceptive finance-themed ZIP file to target victims. This attack exploits a government efficiency department’s name and a vulnerable driver to gain system access. Symantec’s adaptive, behavior, and machine learning-based protections ensure comprehensive security. Read the Symantec Protection Bulletin to stay informed and safe. |