What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-10-01 05:50:03 | GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers (lien direct) | Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to redirect users to malicious web pages-especially if they visit banking sites-and steal their login credentials.
Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing
|
Malware | ★★★★ | |
|
2018-09-27 10:40:03 | Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild (lien direct) | Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe.
Dubbed LoJax, the UEFI rootkit is part of a malware campaign conducted by the infamous Sednit group, also known as APT28, Fancy Bear, Strontium, and
|
Malware | APT 28 | ★★★★★ |
|
2018-09-27 03:30:00 | VPNFilter Router Malware Adds 7 New Network Exploitation Modules (lien direct) | Security researchers have discovered even more dangerous capabilities in VPNFilter-the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier.
Attributed to Russia's APT 28, also known as 'Fancy Bear,' VPNFilter is a malware platform designed to infect routers and network-attached storage
|
Malware | VPNFilter APT 28 | ★★★★★ |
|
2018-09-19 08:32:05 | New Malware Combines Ransomware, Coin Mining and Botnet Features in One (lien direct) | Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems.
Dubbed XBash, the new malware, believed to be tied to the Iron Group, a.k.a. Rocke-the Chinese speaking APT threat
|
Malware | ||
|
2018-09-07 12:04:03 | No.1 Adware Removal Tool On Apple App Store Caught Spying On Mac Users (lien direct) | A highly popular top-tier app in Apple's Mac App Store that's designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China.
What's more concerning? Even after Apple was warned a month ago, the company did not take any action against the app.
The app in
|
Malware Tool | ||
|
2018-09-04 02:53:01 | Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic (lien direct) | Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks.
Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable Socks4 proxy
|
Malware Vulnerability | ||
|
2018-08-27 00:17:04 | Critical Flaw in Fortnite Android App Lets Hackers Install Malware (lien direct) | Security researchers from Google have publicly disclosed an extremely serious security flaw in the first Fortnite installer for Android that could allow other apps installed on the targeted devices to manipulate installation process and load malware, instead of the Fortnite APK.
Earlier this month, Epic Games announced not to make its insanely popular game 'Fortnite for Android' available
|
Malware | ||
|
2018-08-23 02:43:03 | New Android Malware Framework Turns Apps Into Powerful Spyware (lien direct) | Security researchers have uncovered a new, powerful Android malware framework that is being used by cybercriminals to turn legitimate apps into spyware with extensive surveillance capabilities-as part of what seems to be a targeted espionage campaign.
Legitimate Android applications when bundled with the malware framework, dubbed Triout, gain capabilities to spy on infected devices by recording
|
Malware | ||
|
2018-08-21 08:37:04 | Dark Tequila Banking Malware Uncovered After 5 Years of Activity (lien direct) | Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013.
Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for five years due to its highly targeted nature and a few evasion techniques.
Dark Tequila has
|
Malware | ||
|
2018-08-15 02:28:00 | Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware (lien direct) | A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware.
Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims' computers and displays a message purporting to come
|
Ransomware Malware Guideline | ||
|
2018-08-09 07:20:03 | Researchers Developed Artificial Intelligence-Powered Stealthy Malware (lien direct) | Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization.
However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network or launch an attack only
|
Malware Threat | ||
|
2018-08-07 02:03:00 | TSMC Chip Maker Blames WannaCry Malware for Production Halt (lien direct) | Taiwan Semiconductor Manufacturing Company (TSMC)-the world's largest makers of semiconductors and processors-was forced to shut down several of its chip-fabrication factories over the weekend after being hit by a computer virus.
Now, it turns out that the computer virus outbreak at Taiwan chipmaker was the result of a variant of WannaCry-a massive ransomware attack that wreaked havoc across
|
Ransomware Malware | Wannacry | |
|
2018-08-03 02:16:01 | Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware (lien direct) | Security researchers have discovered at least three massive malware campaigns exploiting hundreds of thousands of unpatched MikroTik routers to secretly install cryptocurrency miners on computers connected to them.
In all, the malware campaigns have compromised more than 210,000 routers from Latvian network hardware provider Mikrotik across the world, with the number still increasing as of
|
Malware | ||
|
2018-08-01 03:32:01 | NSO Spyware Targets Saudi Human Rights Activists and Researchers (lien direct) | Amnesty International, one of the most prominent non-profit human rights organizations in the world, claims one of its staff members has been targeted by a sophisticated surveillance tool made by Israel's NSO Group.
The NSO Group is an Israeli firm that's mostly known for selling high-tech spyware and surveillance malware capable of remotely cracking into Apple's iPhones and Google's Android
|
Malware Tool | ||
|
2018-07-31 09:19:04 | SamSam Ransomware Attacks Extorted Nearly $6 Million (lien direct) | Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example.
New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started distributing the malware in the wild.
Researchers at Sophos have tracked Bitcoin addresses owned by the
|
Ransomware Malware | ||
|
2018-07-25 04:54:05 | iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known (lien direct) | India-linked highly targeted mobile malware campaign, first unveiled two weeks ago, has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well.
As reported in our previous article, earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile device management (MDM)
|
Malware Threat | ||
|
2018-07-13 04:01:05 | Hackers Used Malicious MDM Solution to Spy On \'Highly Targeted\' iPhone Users (lien direct) | Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India.
The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol-a type of security software used by large enterprises to control and enforce policies on devices
|
Malware | ||
|
2018-07-09 07:57:01 | Stolen D-Link Certificate Used to Digitally Sign Spying Malware (lien direct) | Digitally signed malware has become much more common in recent years to mask malicious intentions.
Security researchers have discovered a new malware campaign misusing stolen valid digital certificates from Taiwanese tech-companies, including D-Link, to sign their malware and making them look like legitimate applications.
As you may know, digital certificates issued by a trusted certificate
|
Malware | ||
|
2018-07-06 06:08:01 | Most LokiBot samples in the wild are "hijacked" versions of the original malware (lien direct) | Hacker himself got hacked.
It turns out that most samples of the LokiBot malware being distributed in the wild are modified versions of the original sample, a security researcher has learned.
Targeting users since 2015, LokiBot is a password and cryptocoin-wallet stealer that can harvest credentials from a variety of popular web browsers, FTP, poker and email clients, as well as IT
|
Malware | ||
|
2018-07-05 12:29:04 | Ex-NSO Employee Caught Selling Stolen Phone Hacking Tool For $50 Million (lien direct) | A former employee of one of the world's most powerful hacking companies NSO Group has been arrested and charged with stealing phone hacking tools from the company and trying to sell it for $50 million on the Darknet secretly.
Israeli hacking firm NSO Group is mostly known for selling high-tech malware capable of remotely cracking into Apple's iPhones and Google's Android devices to
|
Malware Tool | ||
|
2018-07-05 07:59:01 | New Virus Decides If Your Computer Good for Mining or Ransomware (lien direct) | Security researchers have discovered an interesting piece of malware that infects systems with either a cryptocurrency miner or ransomware, depending upon their configurations to decide which of the two schemes could be more profitable.
While ransomware is a type of malware that locks your computer and prevents you from accessing the encrypted data until you pay a ransom to get the decryption
|
Ransomware Malware | ||
|
2018-07-04 03:11:05 | Beware! Fortnite Cheat Hijacks Gamers\' PCs to Intercept HTTPS Traffic (lien direct) | If you are looking for Fortnite v-bucks generator, aimbot or any other game cheats-then beware-you might end up installing malware on your PC!
Web-based game-streaming platform Rainway is reporting that tens of thousands of Fortnite players have inadvertently infected their systems with a piece of malware that hijacks their encrypted HTTPS web sessions to inject fraudulent ads into every
|
Malware | ||
|
2018-06-29 01:55:05 | Github Account of Gentoo Linux Hacked, Code Replaced With Malware (lien direct) | Downloaded anything from Gentoo's GitHub account yesterday?
Consider those files compromised and dump them now-as an unknown group of hackers or an individual managed to gain access to the GitHub account of the Gentoo Linux distribution on Thursday and replaced the original source code with a malicious one.
Gentoo is a free open source Linux or FreeBSD-based distribution built using the
|
Malware | ||
|
2018-06-26 08:42:04 | New Malware Family Uses Custom UDP Protocol for C&C Communications (lien direct) | Security researchers have uncovered a new highly-targeted cyber espionage campaign, which is believed to be associated with a hacking group behind KHRAT backdoor Trojan and has been targeting organizations in South East Asia.
According to researchers from Palo Alto, the hacking group, which they dubbed RANCOR, has been found using two new malware families-PLAINTEE and DDKONG-to target
|
Malware | ||
|
2018-06-26 04:53:02 | Python-Based Adware Evolves to Install Malicious Browser Extensions (lien direct) | Security researchers have been warning of a few newly detected variants of python-based adware that are being distributed in the wild not only to inject ads but also found installing malicious browser extensions and hidden cryptocurrency miner into victims' computers.
Dubbed PBot, or PythonBot, the adware was first uncovered more than a year ago, but since then the malware has evolved, as its
|
Malware |
To see everything:
Our RSS (filtrered)
