Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-01-13 20:00:00 |
Malware Comes Standard With This Android TV Box on Amazon (direct link) |
The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted. |
Malware
Prediction
|
|
★★★★
|
|
2023-01-12 22:20:00 |
Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity (direct link) |
A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more. |
Malware
Guideline
|
|
★★★
|
|
2023-01-12 19:11:00 |
Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available (direct link) |
Unpatched Cisco bugs, tracked as CVE-2023-20025 and CVE-2023-20026, allow lateral movement, data theft, and malware infestations. |
Malware
|
|
★★
|
|
2023-01-10 15:04:00 |
Netskope Threat Research: Malware-Delivering Cloud Apps Nearly Tripled in 2022 (direct link) |
401 distinct cloud apps shown to deliver malware; Microsoft OneDrive delivered 30% of all cloud malware downloads. |
Malware
Threat
|
|
★★★
|
|
2023-01-06 18:46:00 |
PurpleUrchin Gang Embraces DevOps In Massive Cloud Malware Campaign (direct link) |
The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger. |
Malware
Threat
|
|
★★★
|
|
2023-01-05 18:02:00 |
Bluebottle Continues Bank Heist Assault With Signed Malware (direct link) |
The financially motivated threat group, also known as OPERA1ER, demonstrated an evolution in tactics in its compromise of three Francophone financial institutions in Africa, likely adding to its $11 million to-date haul. |
Malware
Threat
|
|
★★★
|
|
2023-01-04 15:46:00 |
BitRat Malware Gnaws at Victims With Bank Heist Data (direct link) |
Attackers have compromised a Colombian financial institution and are using a bevy of leaked customer details in further malicious activity to spread an info-gathering remote access Trojan (RAT). |
Malware
|
|
★★★
|
|
2023-01-03 19:03:00 |
WordPress Sites Under Attack from Newly Found Linux Trojan (direct link) |
Researchers who discovered the backdoor Linux malware say it may have been around for more than three years - and it targets 30+ plugin bugs. |
Malware
|
|
★★
|
|
2023-01-03 16:55:17 |
Raspberry Robin Worm Hatches a Highly Complex Upgrade (direct link) |
The Evil Corp-linked malware family has undergone an evolution, becoming more obfuscated and "several times more complex," as the group behind it tests how far the worm can be spread. |
Malware
|
|
★★★
|
|
2022-12-21 15:03:30 |
Godfather Banking Trojan Masquerades as Legitimate Google Play App (direct link) |
The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads. |
Malware
|
|
★★★
|
|
2022-12-19 21:28:00 |
Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages (direct link) |
Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks. |
Malware
|
|
★★
|
|
2022-12-16 16:00:03 |
Chinese APT Group MirrorFace Interferes in Japanese Elections (direct link) |
The MirrorFace group has deployed popular malware LodeInfo for spying and data theft against certain members of the Japanese House of Representatives. |
Malware
|
|
★★★
|
|
2022-12-16 14:00:00 |
Live From London: Next-Gen Cybersecurity Takes Stage at Black Hat Europe (direct link) |
Check out our slideshow detailing the emerging cybersecurity trends in cloud, creating a defensible Internet, malware evolution, and more that lit up audiences in London. |
Malware
|
|
★★
|
|
2022-12-15 16:20:20 |
Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps (direct link) |
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail. |
Malware
Threat
Prediction
|
|
★★★
|
|
2022-10-10 20:35:32 |
Emotet Rises Again With More Sophistication, Evasion (direct link) |
An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware - complexity that helps it dodge analysis. |
Malware
|
|
|
|
2022-10-06 15:15:20 |
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot (direct link) |
The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram. |
Malware
|
|
|
|
2022-10-05 13:01:39 |
RatMilad Spyware Scurries onto Enterprise Android Phones (direct link) |
A novel mobile malware found lurking behind a phone-spoofing app is being distributed via Telegram and a dedicated website, in a broad operation to monitor corporate victims. |
Malware
|
|
|
|
2022-10-03 20:56:00 |
Bumblebee Malware Loader's Payloads Significantly Vary by Victim System (direct link) |
On some systems the malware drops infostealers and banking Trojans; on others it installs sophisticated post-compromise tools, new analysis shows. |
Malware
|
|
★★
|
|
2022-09-28 20:59:09 |
Sophisticated Covert Cyberattack Campaign Targets Military Contractors (direct link) |
Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities. |
Malware
|
|
|
|
2022-09-28 16:12:09 |
Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules (direct link) |
The previously identified ransomware builder has veered in an entirely new direction, targeting consumers and businesses of all sizes by exploiting known CVEs through brute-forced and/or stolen SSH keys. |
Ransomware
Malware
|
|
|
|
2022-09-20 20:33:17 |
ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat (direct link) |
Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises. |
Malware
Threat
|
|
|
|
2022-09-07 15:53:37 |
Next-Gen Linux Malware Takes Over Devices With Unique Tool Set (direct link) |
The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control. |
Malware
Tool
|
|
|
|
2022-09-06 20:16:44 |
TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks (direct link) |
What under-the-hood details of a newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns. |
Malware
Threat
|
|
|
|
2022-09-02 16:52:51 |
Raspberry Robin Malware Connected to Russian Evil Corp Gang (direct link) |
Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp. |
Malware
|
|
|
|
2022-09-01 14:45:27 |
Apple Quietly Releases Another Patch for Zero-Day RCE Bug (direct link) |
Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious Web content to load malware on affected devices. |
Malware
Vulnerability
|
|
|
|
2022-08-31 18:00:00 |
James Webb Telescope Images Loaded With Malware Are Evading EDR (direct link) |
New Golang cyberattacks use deep space images and a new obfuscator to target systems - undetected. |
Malware
|
|
|
|
2022-08-26 13:18:17 |
Endpoint Protection / Antivirus Products Tested for Malware Protection (direct link) |
Six out of the eight products achieved an "A" rating or higher for blocking malware attacks. Reports are provided to the community for free. |
Malware
|
|
|
|
2022-08-24 19:29:23 |
Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns (direct link) |
The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user. |
Malware
Tool
|
|
|
|
2022-08-24 13:46:20 |
CyberRatings.org Announces New Web Browser Test Results for 2022 (direct link) |
Three of the world's leading browsers were measured for phishing and malware protection, with time to block and protection over time as key metrics in test scores. |
Malware
Guideline
|
|
|
|
2022-08-23 16:15:00 |
One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious (direct link) |
The scans used by the Python Package Index (PyPI) to find malware fail to catch 41% of bad packages, while creating plentiful false positives. |
Malware
|
|
|
|
2022-08-22 16:32:52 |
New 'BianLian' Ransomware Variant on the Rise (direct link) |
Novel ransomware was created with the Go open source programming language, demonstrating how malware authors increasingly are opting to employ the flexible coding language. |
Ransomware
Malware
|
|
|
|
2022-08-18 14:38:22 |
Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors (direct link) |
The cybercriminal crew has used 15 malware families to target travel and hospitality companies globally, constantly changing tactics over the course of its four-year history. |
Malware
|
|
|
|
2022-08-17 18:39:51 |
'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections (direct link) |
The stealthy crypter, active since 2015, has been used to deliver a wide range of information stealers and RATs at a rapid, widespread clip. |
Malware
|
|
|
|
2022-08-10 15:47:13 |
OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022 (direct link) |
Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers. |
Malware
Threat
|
|
|
|
2022-08-10 14:46:53 |
Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape (direct link) |
New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities. |
Malware
Threat
|
|
|
|
2022-08-09 16:43:50 |
Russia-Ukraine Conflict Holds Cyberwar Lessons (direct link) |
Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss. |
Malware
|
|
|
|
2022-08-08 19:00:00 |
10 Malicious Code Packages Slither into PyPI Registry (direct link) |
The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks. |
Malware
Threat
|
|
|
|
2022-08-05 16:20:31 |
Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers (direct link) |
Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access. |
Malware
|
|
★★★★
|
|
2022-08-04 13:26:14 |
Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale (direct link) |
Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector. |
Malware
|
|
|
|
2022-08-03 19:57:48 |
School Kid Uploads Ransomware Scripts to PyPI Repository as 'Fun' Project (direct link) |
The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times. |
Ransomware
Malware
|
|
|
|
2022-08-02 22:03:15 |
Large Language AI Models Have Real Security Benefits (direct link) |
Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities such as explaining malware and quickly classifying websites, researchers find. |
Malware
|
|
★★★★
|
|
2022-08-02 16:00:00 |
VirusTotal: Threat Actors Mimic Legitimate Apps, Use Stolen Certs to Spread Malware (direct link) |
Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to a Google study of malware submitted to VirusTotal. |
Malware
Threat
|
|
|
|
2022-08-02 14:50:20 |
BlackCloak Bolsters Malware Protection With QR Code Scanner and Malicious Calendar Detection Features (direct link) |
In conjunction with Black Hat 2022, pioneer of digital executive protection also announces new security innovations and SOC 2 Type II certification. |
Malware
|
|
|
|
2022-07-29 16:55:15 |
Amazon Adds Malware Detection to GuardDuty TDR Service (direct link) |
The new GuardDuty Malware Protection and Amazon Detective were among 10 products and services unveiled at AWS re:Inforce in Boston this week. |
Malware
|
|
|
|
2022-07-29 14:06:33 |
Malicious npm Packages Scarf Up Discord Tokens, Credit Card Info (direct link) |
The campaign uses four malicious packages to spread "Volt Stealer" and "Lofy Stealer" malware in the open source npm software package repository. |
Malware
|
|
|
|
2022-07-28 09:00:00 |
In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement (direct link) |
With Microsoft disabling Office macros by default, threat actors are increasingly using ISO, RAR, LNK, and similar files to deliver malware because they can get around Windows protections. |
Malware
Threat
|
|
|
|
2022-07-26 21:01:14 |
LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top (direct link) |
Just ahead of its headline-grabbing attack on the Italian tax agency, the infamous ransomware group debuted an improved version of the malware featuring parts from Egregor and BlackMatter. |
Ransomware
Malware
|
|
|
|
2022-07-25 19:47:15 |
Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs (direct link) |
Several threat actors used Amadey Bot previously to steal information and distribute malware such as the GandCrab ransomware and the FlawedAmmy RAT. |
Ransomware
Malware
Threat
|
|
|
|
2022-07-22 16:43:09 |
Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments (direct link) |
Luna, Black Basta add to rapidly growing list of malware tools targeted at virtual machines deployed on VMware's bare-metal hypervisor technology. |
Ransomware
Malware
Threat
|
|
|
|
2022-07-21 20:25:24 |
Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene (direct link) |
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities. |
Malware
|
|
|