What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-25 13:26:47 | New DazzleSpy malware targets macOS users in watering hole attack (lien direct) | A new watering hole attack has been discovered targeting macOS users and visitors of a pro-democracy radio station website in Hong Kong and infecting them with the DazzleSpy malware [...] | Malware | ||
|
2022-01-25 11:31:34 | Google Drive now warns you of suspicious phishing, malware docs (lien direct) | Google is rolling out new warning banners in Google Drive to alert users of potentially suspicious files that threat actors could use for malware delivery and in phishing attacks. [...] | Malware Threat | ||
|
2022-01-24 12:55:28 | Android malware BRATA wipes your device after stealing data (lien direct) | The Android malware known as BRATA has added new and dangerous features to its latest version, including GPS tracking, the capacity to use multiple communication channels, and a function that performs a factory reset on the device to wipe all traces of malicious activity. [...] | Malware | ||
|
2022-01-21 12:54:28 | Phishing impersonates shipping giant Maersk to push STRRAT malware (lien direct) | A new phishing campaign using fake shipping delivery lures installs the STRRAT remote access trojan on unsuspecting victim's devices. [...] | Malware | ★★★★★ | |
|
2022-01-21 10:56:21 | Microsoft disables Excel 4.0 macros by default to block malware (lien direct) | Microsoft has announced that Excel 4.0 (XLM) macros will now be disabled by default to protect customers from malicious documents. [...] | Malware | ||
|
2022-01-20 13:37:25 | FBI links Diavol ransomware to the TrickBot cybercrime group (lien direct) | The FBI has formally linked the Diavol ransomware operation to the TrickBot Group, the malware developers behind the notorious TrickBot banking trojan. [...] | Ransomware Malware | ||
|
2022-01-20 07:55:29 | New MoonBounce UEFI malware used by APT41 in targeted attacks (lien direct) | Security analysts have discovered and linked MoonBounce, "the most advanced" UEFI firmware implant found so far in the wild, to the Chinese-speaking APT41 hacker group (also known as Winnti). [...] | Malware Guideline | APT 41 | |
|
2022-01-19 10:15:45 | New BHUNT malware targets your crypto wallets and passwords (lien direct) | A novel modular crypto-wallet stealing malware dubbed 'BHUNT' has been spotted targeting cryptocurrency wallet contents, passwords, and security phrases. [...] | Malware | ||
|
2022-01-18 06:55:34 | Europol shuts down VPN service used by ransomware groups (lien direct) | Law enforcement authorities from 10 countries took down VPNLab.net, a VPN service provider used by ransomware operators and malware actors. [...] | Ransomware Malware | ||
|
2022-01-16 13:32:35 | Microsoft: Fake ransomware targets Ukraine in data-wiping attacks (lien direct) | Microsoft is warning of destructive data-wiping malware disguised as ransomware being used in attacks against multiple organizations in Ukraine. [...] | Ransomware Malware | ||
|
2022-01-15 10:12:24 | Linux malware sees 35% growth during 2021 (lien direct) | The number of malware infections on Linux-based IoT (internet of things) devices rose by 35% in 2021 compared to the previous year's numbers. The principal goal was recruiting devices to be part of DDoS (distributed denial of service) attacks. [...] | Malware | ||
|
2022-01-13 13:08:36 | Microsoft Defender weakness lets hackers bypass malware detection (lien direct) | Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there. [...] | Malware Threat | ||
|
2022-01-12 12:53:27 | Magniber ransomware using signed APPX files to infect systems (lien direct) | The Magniber ransomware has been spotted using Windows application package files (.APPX) signed with valid certificates to drop malware pretending to be Chrome and Edge web browser updates. [...] | Ransomware Malware | ||
|
2022-01-11 12:39:53 | New RedLine malware version spread as fake Omicron stat counter (lien direct) | A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure. [...] | Malware | ||
|
2022-01-11 10:04:33 | (Déjà vu) New SysJoker backdoor targets Windows, macOS, and Linux (lien direct) | A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] | Malware | ||
|
2022-01-11 10:04:33 | New SysJocker backdoor targets Windows, macOS, and Linux (lien direct) | A new multi-platform backdoor malware named 'SysJocker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] | Malware | ||
|
2022-01-10 16:09:01 | Linux version of AvosLocker ransomware targets VMware ESXi servers (lien direct) | AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. [...] | Ransomware Malware | ||
|
2022-01-10 13:43:47 | Oops: Cyberspies infect themselves with their own malware (lien direct) | After infecting themselves with their own custom remote access trojan (RAT), an Indian-linked cyber-espionage group has accidentally exposed its operations to security researchers. [...] | Malware | ||
|
2022-01-08 14:35:42 | Trojanized dnSpy app drops malware cocktail on researchers, devs (lien direct) | Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy .NET application to install cryptocurrency stealers, remote access trojans, and miners. [...] | Malware | ||
|
2022-01-07 12:37:12 | FluBot malware now targets Europe posing as Flash Player app (lien direct) | The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. [...] | Malware | ||
|
2022-01-05 09:54:34 | iOS malware can fake iPhone shut downs to snoop on camera, microphone (lien direct) | Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection. [...] | Malware | ||
|
2022-01-05 06:00:00 | Microsoft code-sign check bypassed to drop Zloader malware (lien direct) | A new Zloader campaign exploits Microsoft's e-signature code verification to steal user credentials from over two thousand victims in 111 countries. [...] | Malware | ||
|
2022-01-03 15:45:11 | Purple Fox malware distributed via malicious Telegram installers (lien direct) | A laced Telegram for desktop installer was spotted distributing the Purple Fox malware while disabling the UAC on the infected systems. [...] | Malware | ||
|
2021-12-30 15:17:31 | Have I Been Pwned adds 441K accounts stolen by RedLine malware (lien direct) | The Have I Been Pwned data breach notification service now lets you check if your email and password are one of 441,000 accounts stolen in an information-stealing campaign using RedLine malware. [...] | Data Breach Malware | ||
|
2021-12-30 09:55:50 | (Déjà vu) Firmware attack can drop persistent malware in hidden SSD area (lien direct) | Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [...] | Malware | ||
|
2021-12-30 09:55:50 | Hiding malware inside the flex capacity space on modern SSDs (lien direct) | Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [...] | Malware | ||
|
2021-12-28 14:23:39 | New Flagpro malware linked to Chinese state-backed hackers (lien direct) | The cyber-espionage APT (advanced persistent threat) group tracked as 'BlackTech' was spotted using a novel malware called 'Flagpro' in attacks against Japanese firms. [...] | Malware | ||
|
2021-12-28 13:07:19 | RedLine malware shows why passwords shouldn\'t be saved in browsers (lien direct) | The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea. [...] | Malware | ||
|
2021-12-24 08:11:22 | Dridex Omicron phishing taunts with funeral helpline number (lien direct) | A malware distributor for the Dridex banking malware has been toying with victims and researchers over the last few weeks. The latest example is a phishing campaign that taunts victims with a COVID-19 funeral assistance helpline number. [...] | Malware | ||
|
2021-12-23 17:33:01 | Stealthy BLISTER malware slips in unnoticed on Windows systems (lien direct) | Security researchers have uncovered a malicious campaign that relies on a valid code-signing certificate to disguise malicious code as legitimate executables. [...] | Malware | ★★★★ | |
|
2021-12-22 12:15:38 | Dridex malware trolls employees with fake job termination emails (lien direct) | A new Dridex malware phishing campaign is using fake employee termination emails as a lure to open a malicious Excel document, which then trolls the victim with a season's greeting message. [...] | Malware | ||
|
2021-12-20 11:33:11 | Log4j vulnerability now used to install Dridex banking malware (lien direct) | Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...] | Malware Vulnerability Threat | ||
|
2021-12-19 11:02:01 | New stealthy DarkWatchman malware hides in the Windows Registry (lien direct) | A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. [...] | Malware | ||
|
2021-12-16 06:00:00 | Phorpiex botnet returns with new tricks making it harder to disrupt (lien direct) | The previously shutdown Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt. [...] | Malware | ||
|
2021-12-15 16:59:27 | Emotet starts dropping Cobalt Strike again for faster attacks (lien direct) | Right in time for the holidays, the notorious Emotet malware is once again directly installing Cobalt Strike beacons for rapid cyberattacks. [...] | Malware | ||
|
2021-12-14 14:09:44 | Microsoft fixes Windows AppX Installer zero-day used by Emotet (lien direct) | Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...] | Malware Vulnerability | ||
|
2021-12-14 13:41:43 | (Déjà vu) Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws (lien direct) | Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. These updates include a fix for an actively exploited Windows Installer vulnerability used in malware distribution campaigns. [...] | Malware Vulnerability | ||
|
2021-12-14 11:25:04 | Anubis Android malware returns to target 394 financial apps (lien direct) | The Anubis Android banking malware is now targeting the customers of nearly 400 financial institutions in a new malware campaign. [...] | Malware | ||
|
2021-12-13 16:22:11 | (Déjà vu) TinyNuke info-stealing malware is again attacking French users (lien direct) | The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. [...] | Malware | ||
|
2021-12-13 15:49:11 | Phishing campaign uses PowerPoint macros to drop Agent Tesla (lien direct) | A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code. [...] | Malware | ||
|
2021-12-12 18:07:20 | Hackers start pushing malware in worldwide Log4Shell attacks (lien direct) | Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability. [...] | Malware Vulnerability Threat | ||
|
2021-12-11 11:12:06 | Microsoft: These are the building blocks of QBot malware attacks (lien direct) | As QBot campaigns increase in size and frequency, researchers are looking into ways to break the trojan's distribution chain and tackle the threat. [...] | Malware | ||
|
2021-12-09 12:34:17 | Malicious Notepad++ installers push StrongPity malware (lien direct) | The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. [...] | Malware | ||
|
2021-12-09 06:00:00 | Hundreds of thousands of MikroTik devices still vulnerable to botnets (lien direct) | Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. [...] | Malware | ||
|
2021-12-07 18:21:46 | Emotet now drops Cobalt Strike, fast forwards ransomware attacks (lien direct) | In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] | Ransomware Malware Threat | ||
|
2021-12-06 10:00:00 | Russian hacking group uses new stealthy Ceeloader malware (lien direct) | The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [...] | Malware | ||
|
2021-12-05 13:45:16 | Malicious Excel XLL add-ins push RedLine password-stealing malware (lien direct) | Cybercriminals are spamming website contact forms and discussion forums to distribute Excel XLL files that download and install the RedLine password and information-stealing malware. [...] | Malware | ||
|
2021-12-04 12:06:12 | Malicious KMSPico installers steal your cryptocurrency wallets (lien direct) | Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. [...] | Malware Threat | ||
|
2021-12-03 12:40:10 | Fake support agents call victims to install Android banking malware (lien direct) | The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...] | Malware Threat | ||
|
2021-12-02 05:12:19 | New malware hides as legit nginx process on e-commerce servers (lien direct) | eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...] | Malware |
To see everything:
Our RSS (filtrered)
