What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-01-21 11:15:30 | (Déjà vu) Hackers now use Microsoft OneNote attachments to spread malware (lien direct) | Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. [...] | Malware Threat | ★★★★★ | |
|
2023-01-21 11:15:30 | Beware: Hackers now use OneNote attachments to spread malware (lien direct) | Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. [...] | Malware Threat | ★ | |
|
2023-01-20 11:02:16 | New Boldmove Linux malware used to backdoor Fortinet devices (lien direct) | Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux and Windows malware. [...] | Malware Vulnerability | ★★★ | |
|
2023-01-19 18:30:22 | New \'Hook\' Android malware lets hackers remotely control your phone (lien direct) | A new Android malware named 'Hook' is being sold by cybercriminals, boasting it can remotely take over mobile devices in real-time using VNC (virtual network computing). [...] | Malware | ★★★ | |
|
2023-01-19 12:55:02 | Roaming Mantis\' Android malware adds DNS changer to hack WiFi routers (lien direct) | Starting in September 2022, the 'Roaming Mantis' credential theft and malware distribution campaign was observed using a new version of the Wroba.o/XLoader Android malware that incorporates a function for detecting specific WiFi routers and changing their DNS. [...] | Malware Hack | ★★ | |
|
2023-01-18 14:57:51 | Ukraine links data-wiping attack on news agency to Russian hackers (lien direct) | The Computer Emergency Response Team of Ukraine (CERT-UA) has linked a destructive malware attack targeting the country's National News Agency of Ukraine (Ukrinform) to Sandworm Russian military hackers. [...] | Malware | ★★★ | |
|
2023-01-17 18:09:38 | (Déjà vu) Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner (lien direct) | Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results. [...] | Malware | CCleaner CCleaner | ★ |
|
2023-01-17 18:09:38 | Hackers turn to Google search ads to push info-stealing malware (lien direct) | Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results. [...] | Malware | ★★★ | |
|
2023-01-17 14:53:40 | Hackers can use GitHub Codespaces to host and deliver malware (lien direct) | GitHub Codespaces, a cloud-hosted integrated development environment (IDE), has a port forwarding feature that malicious actors can abuse to host and distribute malware to unaware developers. [...] | Malware | ★ | |
|
2023-01-16 11:41:30 | Malicious \'Lolip0p\' PyPi packages install info-stealing malware (lien direct) | A threat actor has uploaded to the PyPI (Python Package Index) repository three malicious packages that carry code to drop info-stealing malware on developers' systems. [...] | Malware Threat | ★★★ | |
|
2023-01-16 07:15:34 | Avast releases free BianLian ransomware decryptor (lien direct) | Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers. [...] | Ransomware Malware | ★★ | |
|
2023-01-14 17:28:34 | CircleCI\'s hack caused by malware stealing engineer\'s 2FA-backed session (lien direct) | Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that stole the employee's 2FA-backed SSO session, allowing access to the company's internal systems. [...] | Malware Hack | ★★★★ | |
|
2023-01-12 17:24:02 | RAT malware campaign tries to evade detection using polyglot files (lien direct) | Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security tools. [...] | Malware | ★★★ | |
|
2023-01-12 15:41:56 | Android TV box on Amazon came pre-installed with malware (lien direct) | A Canadian system administrator discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware. [...] | Malware | ★★★ | |
|
2023-01-11 12:24:19 | Gootkit malware abuses VLC to infect healthcare orgs with Cobalt Strike (lien direct) | The Gootkit loader malware operators are running a new SEO poisoning campaign that abuses VLC Media Player to infect Australian healthcare entities with Cobalt Strike beacons. [...] | Malware | ★★ | |
|
2023-01-11 02:00:00 | New Dark Pink APT group targets govt and military with custom malware (lien direct) | Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information. [...] | Malware Threat | ★★ | |
|
2023-01-10 18:05:01 | Over 1,300 fake AnyDesk sites push Vidar info-stealing malware (lien direct) | A massive campaign using over 1,300 domains to impersonate the official AnyDesk site is underway, all redirecting to a Dropbox folder recently pushing the Vidar information-stealing malware. [...] | Malware | ★★★★ | |
|
2023-01-09 16:16:26 | Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL (lien direct) | The Kinsing malware is now actively breaching Kubernetes clusters by leveraging known weaknesses in container images and misconfigured, exposed PostgreSQL containers. [...] | Malware | Uber | ★★ |
|
2023-01-07 10:12:06 | Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls (lien direct) | Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT (remote access trojan) malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access. [...] | Malware | ★★ | |
|
2023-01-05 10:17:25 | SpyNote Android malware infections surge after source code leak (lien direct) | The Android malware family tracked as SpyNote (or SpyMax) has had a sudden increase in detections in the final quarter of 2022, which is attributed to a source code leak of one of its latest, known as 'CypherRat.' [...] | Malware | ★★ | |
|
2023-01-04 17:29:46 | New SHC-compiled Linux malware installs cryptominers, DDoS bots (lien direct) | A new Linux malware downloader created using SHC (Shell Script Compiler) has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. [...] | Malware | ★★ | |
|
2023-01-04 12:16:37 | Hackers abuse Windows error reporting tool to deploy malware (lien direct) | Hackers are abusing the Windows Problem Reporting (WerFault.exe) error reporting tool for Windows to load malware into a compromised system's memory using a DLL sideloading technique. [...] | Malware Tool | ★★ | |
|
2023-01-03 13:10:01 | BitRAT malware campaign uses stolen bank data for phishing (lien direct) | Threat actors behind a recent malware campaign have been using the stolen information of bank customers in Colombia as lures in phishing emails designed to infect targets with the BitRAT remote access trojan, according to cloud security firm Qualys. [...] | Malware Threat | ★★ | |
|
2022-12-30 10:41:11 | New Linux malware uses 30 plugin exploits to backdoor WordPress sites (lien direct) | A previously unknown Linux malware has been exploiting 30 vulnerabilities in multiple outdated WordPress plugins and themes to inject malicious JavaScript. [...] | Malware | ★★★ | |
|
2022-12-28 14:12:16 | Hackers abuse Google Ads to spread malware in legit software (lien direct) | Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products. [...] | Malware | ★★★ | |
|
2022-12-24 10:08:16 | New info-stealer malware infects software pirates via fake cracks sites (lien direct) | A new information-stealing malware named 'RisePro' is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware distribution service. [...] | Malware | ★★ | |
|
2022-12-21 16:47:58 | Corsair keyboard bug makes it type on its own, no malware involved (lien direct) | Corsair has confirmed that a bug in the firmware of K100 keyboards, and not malware, is behind previously entered text being auto-typed into applications days later. [...] | Malware | ★★★ | |
|
2022-12-21 16:10:36 | Zerobot malware now spreads by exploiting Apache vulnerabilities (lien direct) | The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers. [...] | Malware | ★★★ | |
|
2022-12-21 03:00:00 | GodFather Android malware targets 400 banks, crypto exchanges (lien direct) | An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over 400 online banking sites and cryptocurrency exchanges. [...] | Malware | ★★★ | |
|
2022-12-20 16:11:00 | VirusTotal cheat sheet makes it easy to search for specific results (lien direct) | VirusTotal has published a cheat sheet to help researchers create queries leading to more specific results from the malware intelligence platform. [...] | Malware Guideline | ★★★ | |
|
2022-12-20 13:42:20 | Hackers bombard PyPi platform with information-stealing malware (lien direct) | The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers' data. [...] | Malware | ★ | |
|
2022-12-20 10:15:59 | Raspberry Robin worm drops fake malware to confuse researchers (lien direct) | The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers and evade detection when it detects it's being run within sandboxes and debugging tools. [...] | Malware | ★★★★★ | |
|
2022-12-19 14:37:18 | (Déjà vu) Microsoft finds macOS bug that lets malware bypass security checks (lien direct) | Apple has fixed a vulnerability that could be leveraged to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. [...] | Malware Vulnerability | ★★ | |
|
2022-12-19 14:37:18 | Microsoft: Achilles macOS bug lets hackers bypass Gatekeeper (lien direct) | Apple has fixed a vulnerability that could be leveraged to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions. [...] | Malware Vulnerability | ★★ | |
|
2022-12-19 12:39:27 | Ukraine\'s DELTA military system users targeted by info-stealing malware (lien direct) | A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. [...] | Malware | ★★★ | |
|
2022-12-17 11:08:16 | Glupteba malware is back in action after Google disruption (lien direct) | The Glupteba malware botnet has sprung back into action, infecting devices worldwide after its operation was disrupted by Google almost a year ago. [...] | Malware | ★★★ | |
|
2022-12-16 10:23:17 | Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux (lien direct) | A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers. [...] | Malware | ★★ | |
|
2022-12-15 02:36:18 | Hackers target Japanese politicians with new MirrorStealer malware (lien direct) | A hacking group tracked as MirrorFace has been targeting Japanese politicians for weeks before the House of Councilors election in July 2022, using a previously undocumented credentials stealer named 'MirrorStealer.' [...] | Malware | ★ | |
|
2022-12-14 14:13:11 | Attackers use SVG files to smuggle QBot malware onto Windows systems (lien direct) | QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. [...] | Malware | ★★ | |
|
2022-12-14 13:24:00 | Microsoft patches Windows zero-day used to drop ransomware (lien direct) | Microsoft has fixed a security vulnerability used by threat actors to circumvent the Windows SmartScreen security feature and deliver Magniber ransomware and Qbot malware payloads. [...] | Ransomware Malware Vulnerability Threat | ★★ | |
|
2022-12-13 12:27:43 | New GoTrim botnet brute forces WordPress site admin accounts (lien direct) | A new Go-based botnet malware named 'GoTrim' is scanning the web for self-hosted WordPress websites and attempting to brute force the administrator's password and take control of the site. [...] | Malware | ★★ | |
|
2022-12-12 16:26:33 | New Python malware backdoors VMware ESXi servers for remote access (lien direct) | A previously undocumented Python backdoor targeting VMware ESXi servers has been spotted, enabling hackers to execute commands remotely on a compromised system. [...] | Malware | ★★★ | |
|
2022-12-11 11:22:33 | (Déjà vu) Clop ransomware uses TrueBot malware for access to networks (lien direct) | Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] | Ransomware Malware | ★★ | |
|
2022-12-11 11:22:33 | Clop ransomware partners with TrueBot malware for access to networks (lien direct) | Security researchers have noticed a spike in devices infected with the TrueBot malware downloader created by a Russian-speaking hacking group known as Silence. [...] | Ransomware Malware | ★ | |
|
2022-12-09 09:00:00 | Holiday 2022 deal: 20% off Zero2Automated malware analysis training (lien direct) | Zero2Automated, the creators of the popular malware analysis and reverse-engineering course, is having a Christmas special where you can get 20% off all courses on their site, with additional goodies thrown in. [...] | Malware | ★★★ | |
|
2022-12-08 05:00:00 | New \'Zombinder\' platform binds Android malware with legitimate apps (lien direct) | A darknet platform dubbed 'Zombinder' allows threat actors to bind malware to legitimate Android apps, causing victims to infect themselves while still having the full functionality of the original app to evade suspicion. [...] | Malware Threat | ★★★ | |
|
2022-12-07 14:19:32 | New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices (lien direct) | A new Go-based malware named 'Zerobot' has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras. [...] | Malware | ★★ | |
|
2022-12-04 10:11:22 | Android malware apps with 2 million installs spotted on Google Play (lien direct) | A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. [...] | Malware Mobile | ★★★ | |
|
2022-12-03 10:12:06 | Hackers use new, fake crypto app to breach networks, steal cryptocurrency (lien direct) | The North Korean 'Lazarus' hacking group is linked to a new attack spreading fake cryptocurrency apps under the made-up brand, "BloxHolder," to install the AppleJeus malware for initial access to networks and steal crypto assets. [...] | Malware | APT 38 | ★★★ |
|
2022-12-02 12:29:48 | New CryWiper malware wipes data in attack against Russian org (lien direct) | A previously undocumented data wiper named CryWiper is masquerading as ransomware, extorting victims to pay for a decrypter, but in reality, it just destroys data beyond recovery. [...] | Malware | ★★★ |
To see everything:
Our RSS (filtrered)
