What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-01 18:43:10 | Emotet now spreads via fake Adobe Windows App Installer packages (lien direct) | The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...] | Malware | ★★★ | |
|
2021-11-30 18:04:42 | Microsoft Defender scares admins with Emotet false positives (lien direct) | Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. [...] | Malware | ||
|
2021-11-30 15:06:34 | Finland warns of Flubot malware heavily targeting Android users (lien direct) | Finland's National Cyber Security Centre (NCSC-FI) has issued a "severe alert" to warn of a massive campaign targeting the country's Android users with Flubot banking malware pushed via text messages sent from compromised devices. [...] | Malware | ||
|
2021-11-30 11:07:09 | Android banking malware infects 300,000 Google Play users (lien direct) | Malware campaigns distributing Android trojans that steals online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. [...] | Malware | ||
|
2021-11-30 06:56:06 | Yanluowang ransomware operation matures with experienced affiliates (lien direct) | An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. [...] | Ransomware Malware | ||
|
2021-11-29 08:43:29 | APT37 targets journalists with Chinotto multi-platform malware (lien direct) | North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists in watering hole, spear-phishing emails, and smishing attacks delivering malware dubbed Chinotto capable of infecting Windows and Android devices. [...] | Malware Cloud | APT 37 | |
|
2021-11-26 13:02:16 | TrickBot phishing checks screen resolution to evade researchers (lien direct) | The TrickBot malware operators have been using a new method to check the screen resolution of a victim system to evade detection of security software and analysis by researchers. [...] | Malware | ||
|
2021-11-25 14:30:00 | How cybercriminals adjusted their scams for Black Friday 2021 (lien direct) | Black Friday is approaching, and while shoppers prepare to open their wallets, cybercriminals hone their malware droppers, phishing lures, and fake sites. [...] | Malware | ||
|
2021-11-25 10:45:38 | (Déjà vu) New Linux malware hides in cron jobs with invalid dates (lien direct) | Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] | Malware | ||
|
2021-11-25 10:45:38 | New CronRAT malware infects Linux systems using odd day cron jobs (lien direct) | Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] | Malware | ||
|
2021-11-25 09:26:52 | Discord malware campaign targets crypto and NFT communities (lien direct) | A new malware campaign on Discord uses the Babadeda crypter to hide malware that targets the crypto, NFT, and DeFi communities. [...] | Malware | ||
|
2021-11-24 11:08:18 | Stealthy new JavaScript malware infects Windows PCs with RATs (lien direct) | A new stealthy JavaScript malware loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. [...] | Malware | ||
|
2021-11-24 08:02:04 | Black Friday 2021 deal: 20% off Zero2Automated malware analysis courses (lien direct) | The popular Zero2Automated malware analysis and reverse-engineering course is having another Black Friday and Cyber Monday promotion this year, where you can get 20% off all courses on their site. [...] | Malware | ||
|
2021-11-23 16:09:03 | Malware now trying to exploit new Windows Installer zero-day (lien direct) | Malware creators have already started testing a proof-of-concept exploit targeting a new Microsoft Windows Installer zero-day publicly disclosed by security researcher Abdelhamid Naceri over the weekend. [...] | Malware | ||
|
2021-11-23 11:00:29 | Over nine million Android devices infected by info-stealing trojan (lien direct) | A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps [...] | Malware | ||
|
2021-11-23 10:38:06 | Hackers target biomanufacturing with stealthy Tardigrade malware (lien direct) | An advanced hacking group is actively targeting biomanufacturing facilities with a new custom malware called 'Tardigrade.' [...] | Malware | ||
|
2021-11-23 10:38:06 | Tardigrade hackers target big pharma vaccine makers with stealthy malware (lien direct) | An advanced hacking group known as 'Tardigrade' is targeting biomanufacturing facilities and research centers working on vaccines and critical medicines. [...] | Malware | ||
|
2021-11-20 12:55:47 | Microsoft Exchange servers hacked in internal reply-chain attacks (lien direct) | Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. [...] | Malware Threat | ||
|
2021-11-18 16:19:09 | Android malware BrazKing returns as a stealthier banking trojan (lien direct) | The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. [...] | Malware | ||
|
2021-11-18 09:47:45 | North Korean cyberspies target govt officials with custom malware (lien direct) | A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. [...] | Malware Threat | ||
|
2021-11-16 18:07:17 | Here are the new Emotet spam campaigns hitting mailboxes worldwide (lien direct) | The Emotet malware kicked into action yesterday after a ten-month hiatus with multiple spam campaigns delivering malicious documents to mailboxes worldwide. [...] | Spam Malware | ||
|
2021-11-15 15:04:23 | (Déjà vu) Emotet malware is back and rebuilding its botnet via TrickBot (lien direct) | The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] | Spam Malware | ||
|
2021-11-15 15:04:23 | The Emotet malware is back and rebuilding its botnet via TrickBot (lien direct) | The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] | Spam Malware | ||
|
2021-11-15 14:15:27 | Alibaba ECS instances actively hijacked by cryptomining malware (lien direct) | Threat actors are hijacking Alibaba Elastic Computing Service (ECS) instances to install cryptominer malware and harness the available server resources for their own profit. [...] | Malware | ||
|
2021-11-12 10:27:11 | Microsoft warns of surge in HTML smuggling phishing attacks (lien direct) | Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT). [...] | Malware | ||
|
2021-11-11 16:34:07 | Windows 10 App Installer abused in BazarLoader malware attacks (lien direct) | The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems of targets who fall victim to a highly targeted spam campaign. [...] | Spam Malware | ||
|
2021-11-11 15:41:09 | BotenaGo botnet targets millions of IoT devices with 33 exploits (lien direct) | A new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. [...] | Malware | ||
|
2021-11-11 02:45:34 | Careful: \'Smart TV remote\' Android app on Google Play is malware (lien direct) | Two Android apps sitting on the Google Play store have been found to contain malware this week. These apps are called 'Smart TV remote' and 'Halloween Coloring'. [...] | Malware | ||
|
2021-11-10 08:56:28 | New Android malware targets Netflix, Instagram, and Twitter users (lien direct) | A new Android malware known as MasterFred uses fake login overlays to steal the credit card information of Netflix, Instagram, and Twitter users. [...] | Malware | ||
|
2021-11-09 12:33:16 | Iranian state hackers use upgraded malware in attacks on ISPs, telcos (lien direct) | The Iranian state-supported APT known as 'Lyceum' (Hexane, Spilrin) targeted ISPs and telecommunication service providers in the Middle East and Africa between July and October 2021. [...] | Malware | ||
|
2021-11-03 12:29:07 | Stealthier version of Mekotio banking trojan spotted in the wild (lien direct) | A new version of a banking trojan known as Mekotio is being deployed in the wild, with malware analysts reporting that it's using a new, stealthier infection flow. [...] | Malware | ||
|
2021-10-29 12:20:10 | Snake malware biting hard on 50 apps for only $25 (lien direct) | Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks. [...] | Malware | ||
|
2021-10-29 12:08:44 | Hive ransomware now encrypts Linux and FreeBSD systems (lien direct) | The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] | Ransomware Malware | ||
|
2021-10-28 21:17:36 | TrickBot malware dev extradited to U.S. faces 60 years in prison (lien direct) | A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...] | Malware | ||
|
2021-10-28 09:15:44 | New AbstractEmu malware roots Android devices, evades detection (lien direct) | New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. [...] | Malware | ||
|
2021-10-26 15:45:30 | Spammers use Squirrelwaffle malware to drop Cobalt Strike (lien direct) | A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. [...] | Malware Threat | ||
|
2021-10-22 11:14:08 | Microsoft: WizardUpdate Mac malware adds new evasion tactics (lien direct) | Microsoft says it found new variants of macOS malware known as WizardUpdate (also tracked as UpdateAgent or Vigram), updated to use new evasion and persistence tactics. [...] | Malware | ||
|
2021-10-21 17:10:53 | Massive campaign uses YouTube to push password-stealing malware (lien direct) | Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. [...] | Malware | ||
|
2021-10-21 10:22:50 | RAT malware spreading in Korea through webhards and torrents (lien direct) | An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents. [...] | Malware | ||
|
2021-10-20 11:49:39 | Google: YouTubers\' accounts hijacked with cookie-stealing malware (lien direct) | Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors since at least late 2019. [...] | Malware | Uber | |
|
2021-10-18 13:28:10 | State-backed hackers breach telcos with custom malware (lien direct) | A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia. [...] | Malware | ||
|
2021-10-12 04:13:49 | Photo editor Android app STILL sitting on Google Play store is malware (lien direct) | An Android app sitting on the Google Play store touts itself to be a photo editor app. But, it contains code that steals the user's Facebook credentials to potentially run ad campaigns on the user's behalf, with their payment information. The app has scored over 5K installs, with similar spyware apps having 500K+ installs. [...] | Malware | ||
|
2021-10-11 10:44:41 | Huawei Cloud targeted by updated cryptomining malware (lien direct) | A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud. [...] | Malware | ||
|
2021-10-10 13:16:30 | FontOnLake malware infects Linux systems via trojanized utilities (lien direct) | A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...] | Malware Threat | ||
|
2021-10-07 13:53:05 | FIN12 hits healthcare with quick and focused ransomware attacks (lien direct) | While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets. [...] | Ransomware Malware | ||
|
2021-10-06 15:42:54 | Hackers use stealthy ShellClient malware on aerospace, telco firms (lien direct) | Threat researchers investigating malware used to target companies in the aerospace and telecommunications sectors discovered a new threat actor that has been running cyber espionage campaigns since at least 2018. [...] | Malware Threat | ||
|
2021-10-01 09:19:20 | Flubot Android malware now spreads via fake security updates (lien direct) | The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections. [...] | Malware | ||
|
2021-10-01 08:18:18 | Hydra malware targets customers of Germany\'s second largest bank (lien direct) | The Hydra banking trojan is back to targeting European e-banking platform users, and more specifically, customers of Commerzbank, Germany's second-largest financial institution. [...] | Malware | ||
|
2021-09-29 10:45:18 | New Android malware steals millions after infecting 10M phones (lien direct) | A large-scale malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge. [...] | Malware | ||
|
2021-09-28 13:46:26 | FinFisher malware hijacks Windows Boot Manager with UEFI bootkit (lien direct) | Commercially developed FinFisher malware now can infect Windows devices using a UEFI bootkit that it injects in the Windows Boot Manager. [...] | Malware |
To see everything:
Our RSS (filtrered)
