What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-03 13:36:04 | New Godlua Malware Evades Traffic Monitoring via DNS over HTTPS (lien direct) | A Lua-based backdoor malware capable of targeting both Linux and Windows users while securing its communication channels via DNS over HTTPS (DoH) was discovered by researchers at Network Security Research Lab of Qihoo 360. [...] | Malware | ||
|
2019-07-01 13:10:00 | Malware Loader Goes Through Heaven\'s Gate to Avoid Detection (lien direct) | Researchers discovered a malware loader specifically designed by its developers to hide in plain sight and allow the payload to evade detection by anti-malware solutions by injecting into the memory of compromised computers. [...] | Malware | ||
|
2019-06-26 18:26:00 | New Silex Malware Trashes IoT Devices Using Default Passwords (lien direct) | A teen coder and his team developed a new malware named Silex that bricked poorly protected IoT devices by the thousands in a short period of time. [...] | Malware | ||
|
2019-06-25 09:55:04 | Malspam Campaigns Hide Infostealers in ISO Image Files (lien direct) | Multiple malicious campaigns observed in April concealed LokiBot and Nanocore malware inside ISO image files small enough to fit into an email attachment. [...] | Malware | ||
|
2019-06-21 11:44:02 | Microsoft Warns of Campaign Dropping Flawedammyy Rat in Memory (lien direct) | Microsoft issued a warning about an active spam campaign that tries to infect Korean targets with a FlawedAmmyy RAT malware distributed via malicious XLS attachments. [...] | Spam Malware | ||
|
2019-06-20 13:31:01 | DanaBot Banking Trojan Upgraded with \'Non Ransomware\' Module (lien direct) | A new malicious campaign is distributing an upgraded variant of DanaBot that comes with a new ransomware module used to target potential victims from Italy and Poland via phishing emails which deliver malware droppers. [...] | Ransomware Malware | ||
|
2019-06-20 11:50:02 | Firefox 0-day Used in Targeted Attacks Against Cryptocurrency Firms (lien direct) | The employees of Coinbase and other cryptocurrency firms were the target of an attack utilizing a recent Firefox zero-day and malware payloads in order to gain access to victim's computers, networks, and sensitive information. [...] | Malware | ||
|
2019-06-20 11:01:05 | Linux Cryptominer Uses Virtual Machines to Attack Windows, macOS (lien direct) | A new cryptocurrency mining malware dubbed LoudMiner uses virtualization software to deploy a Linux XMRig coinminer variant on Windows and macOS systems via a Tiny Core Linux virtual machine. [...] | Malware | ||
|
2019-06-19 17:40:02 | (Déjà vu) Cryptominer Uses Cron To Reinfect Linux Host After Removal (lien direct) | A cryptomining dropper malware has been spotted by security researchers while gaining persistence on Linux hosts by adding cron jobs to reinfect the compromised machines after being removed. [...] | Malware | ||
|
2019-06-19 17:40:02 | (Déjà vu) Malware Dropper Infects Linux Hosts with Resilient Cryptominer (lien direct) | A cryptomining dropper malware has been spotted by security researchers while gaining persistence on Linux hosts by adding cron jobs to reinfect the compromised machines after being removed. [...] | Malware | ||
|
2019-06-19 15:38:05 | Modular Plurox Malware Is a Wormable Backdoor Cryptominer (lien direct) | A new modular backdoor malware strain capable of mining cryptocurrencies and of spreading to other machines on the local network with the help of SMB and UPnP plugins has been detected by Kaspersky security researchers. [...] | Malware | ||
|
2019-06-17 11:55:00 | Android Malware Bypasses 2FA by Stealing One-Time Passwords (lien direct) | Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification. [...] | Malware | ||
|
2019-06-17 10:12:00 | Samsung\'s Smart TV Malware Scan Reminder Met by User Criticism (lien direct) | Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks. [...] | Malware | ||
|
2019-06-14 13:59:03 | New WSH RAT Malware Targets Bank Customers with Keyloggers (lien direct) | Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers. [...] | Malware | ||
|
2019-06-14 11:48:00 | Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware (lien direct) | Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. [...] | Malware Tool | ||
|
2019-06-13 17:09:03 | Twitter URLs Can Be Manipulated to Spread Fake News and Scams (lien direct) | The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page. [...] | Malware | ||
|
2019-06-05 12:57:05 | Fake Cryptocurrency Trading Site Pushes Crypto Stealing Malware (lien direct) | Malware distributors have setup a site that impersonates the legitimate Cryptohopper cryptocurrency trading platform in order to distribute malware payloads such as information-stealing Trojans, miners, and clipboard hijackers. [...] | Malware | ||
|
2019-06-04 13:30:00 | Attackers Stitch Together Frankenstein Campaign Using Free Tools (lien direct) | Threat actors behind a highly-targeted series of cyber attacks spanning from January to April 2019 have been seen employing malicious tools built using freely available components to infect victims with malware designed to harvest credentials. [...] | Malware Threat | ||
|
2019-06-01 13:31:00 | Microsoft Azure Being Used to Host Malware and C2 Servers (lien direct) | Microsoft's Azure cloud services have become an attractive option for cybercriminals to store malicious content. From phishing templates to malware and command and control services, it seems that crooks found a new place for them. [...] | Malware | ||
|
2019-05-30 12:36:05 | POS Malware Steals Payment Info From 103 Checkers Restaurants (lien direct) | The Checkers and Rally's chain of double drive-thru restaurants disclosed a security breach which allowed attackers to steal payment card data from customers after infecting the point-of-sale (POS) systems in 103 locations from 20 states with malware. [...] | Malware | ||
|
2019-05-29 15:45:00 | YouTube Cryptocurrency Videos Pushing Info-Stealing Trojan (lien direct) | A scam and malware campaign is underway on YouTube that uses videos to promote a "bitcoin generator" tool that promises to generate free bitcoins for its users. In reality, this scam is pushing the Qulab information-stealing and clipboard hijacking Trojan. [...] | Malware Tool | ||
|
2019-05-28 12:08:04 | Emotet Botnet Behind Most Email-Based Threats in Q1 2019 (lien direct) | The multifunctional Emotet botnet malware was the most prevalent email-based threat in the first three months of the year, showing it is among the top choices for cybercriminals. [...] | Malware Threat | ★★★★★ | |
|
2019-05-27 12:20:01 | Malspam Campaigns Use HawkEye Keylogger to Target Businesses (lien direct) | Attackers have been observed targeting businesses on a worldwide scale during the last two months with the HawkEye keylogger malware according to a report from IBM X-Force. [...] | Malware | ||
|
2019-05-25 14:14:00 | Sectigo Responds to Chronicle\'s Report About Malware Signed by Their Certs (lien direct) | Following Chronicle's study on signed malware registered on VirusTotal scanning service over a one-year period, Sectigo carried their own investigation to identify abused certificates and revoke them. [...] | Malware | ||
|
2019-05-23 15:55:04 | Upgraded JasperLoader Malware Adds Anti-Analysis Mechanisms (lien direct) | A new and upgraded variant of the JasperLoader malware downloader has been observed in the wild actively targeting Italian victims and featuring new capabilities such as extra layers of obfuscation, anti-analysis mechanisms, and geofencing abilities. [...] | Malware | ||
|
2019-05-22 11:15:05 | Volume of Signed Malware Increases, CAs Need Better Vetting (lien direct) | Digitally signed threats with a valid certificate are no longer the mark of a nation-state, sophisticated attacker. The number of malware samples signed with a valid certificate found on VirusTotal is in the thousands. [...] | Malware | ||
|
2019-05-22 06:36:01 | Zebrocy Operators Also Look for Browser and Email Databases (lien direct) | Malware researchers analyzing the Zebrocy kit determined that the operators run commands manually to collect information of interest from infected systems. [...] | Malware | ||
|
2019-05-16 09:17:04 | GozNym Cybercrime Group Behind $100 Million Damages Dismantled (lien direct) | Ten members of the GozNym cybercriminal group which used the Avalanche malware distribution network to launch malware attacks against businesses and financial institutions were indicted today for computer fraud conspiracy, wire and bank fraud conspiracy, and money laundering. [...] | Malware | ||
|
2019-05-14 13:00:00 | Microsoft Fixes Critical Remote Desktop Flaw, Blocks Worm Malware (lien direct) | Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations. [...] | Malware | ||
|
2019-05-10 16:36:00 | Nigerian BEC Scammers Shifting to RATs As Tool of Choice (lien direct) | Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...] | Malware Tool | ||
|
2019-05-09 16:59:05 | (Déjà vu) North Korean Hackers Use ELECTRICFISH Malware to Steal Data (lien direct) | The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...] | Malware | APT 38 | |
|
2019-05-09 16:39:05 | Site Promoting KeePass Password Manager Pushes Malware (lien direct) | A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs. [...] | Malware | ||
|
2019-05-07 11:29:04 | Confluence Servers Hacked to Install Miners and Rootkits (lien direct) | After getting pounded with ransomware and malware for deploying distributed denial-of-service (DDoS) attacks, unpatched Confluence servers are now compromised to mine for cryptocurrency. [...] | Ransomware Malware | ★★★★ | |
|
2019-04-29 16:44:00 | Botnet of Over 100K Devices Used to DDoS Electrum Servers (lien direct) | The malicious actors behind the DDoS attacks against Electrum Bitcoin wallet users have switched to a new malware loader for their botnet Trojan, after previously using the Smoke Loader tool and the RIG exploit kit. [...] | Malware Tool | ||
|
2019-04-27 14:05:01 | Europeans Hit with Multi-Stage Malware Loader via Signed Malspam (lien direct) | Multiple malicious spam campaigns using signed emails have been observed while distributing the GootKit (aka talalpek or Xswkit) banking Trojan with the help of a multi-stage malware loader dubbed JasperLoader over the past few months. [...] | Spam Malware | ||
|
2019-04-12 13:10:04 | Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz (lien direct) | A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines. [...] | Malware | ||
|
2019-04-11 08:55:04 | VSDC Site Hacked Again to Spread Password Stealing Malware (lien direct) | The website of the free multimedia editor VSDC was breached again by hackers, this time the download links being used to distribute a banking trojan and an info stealer. [...] | Malware | ||
|
2019-04-10 16:03:00 | Threat Group Uses Pastebin, GitHub In SneakyPastes Operation (lien direct) | A threat group considered the runt of the litter in terms of the complexity of its operations, in 2018 launched operation SneakyPastes, relying to a large extent on services like Pastebin and GitHub to host malware for various stages of the infection chain. [...] | Malware Threat | ||
|
2019-04-10 14:06:04 | DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware (lien direct) | The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...] | Malware | APT 38 | |
|
2019-04-10 05:01:00 | Chrome Saying It\'s Managed by Your Organization May Indicate Malware (lien direct) | Recently users have noticed that Google Chrome has started stating that it is "Managed by your organization", which is a confusing for home computers who are not part of any organization. It turns out that with the release of Chrome 73, the browser will display this message whenever a group policy is configured for Chrome. [...] | Malware | ||
|
2019-04-04 03:34:00 | New Xwo Web Scanner Helps MongoLock Ransomware Find Victims (lien direct) | Code and infrastructure from two known malware families have been observed with a new threat named Xwo, which helps operators of the MongoLock ransomware discover unprotected web services reachable over the internet. [...] | Ransomware Malware Threat | ||
|
2019-03-28 07:37:05 | Gustuff Android Malware Targets 100+ Banking and 32 Cryptocurrency Apps (lien direct) | A previously unreported advanced banking trojan named Gustuff can steal funds from accounts at over 100 banks across the world and rob users of 32 cryptocurrency Android apps. [...] | Malware | ||
|
2019-03-27 18:42:02 | Office Depot Pays $25 Million To Settle Deceptive Tech Support Lawsuit (lien direct) | Office Depot and Support.com, Inc, a tech support software provided from California, agreed to pay $25 million and $10 million respectively for allegedly tricking their customers into paying for millions of US dollars worth of computer repair services using fake malware scans. [...] | Malware | ||
|
2019-03-25 03:04:00 | The AZORult Legacy Lives On. Hello AZORult++! (lien direct) | Earlier this month, malware researchers noticed a new variant of the infamous information stealer AZORult that indicates a transition to a new developer and carries the promise of a more dangerous threat. [...] | Malware | ||
|
2019-03-13 14:21:05 | DMSniff Point-of-Sale Malware Silently Attacked SMBs For Years (lien direct) | A new Point-of-Sale (POS) malware which uses a domain generation algorithm to create command-and-control domains on the fly was detected in attacks against small and medium-sized businesses for the past four years according to a team of security researchers from Flashpoint. [...] | Malware | ||
|
2019-03-12 12:32:00 | Malware Spreads As a Worm, Uses Cryptojacking Module to Mine for Monero (lien direct) | A modular malware with worm capabilities exploits known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer to spread from one server to another and mine for Monero cryptocurrency. [...] | Malware | ||
|
2019-03-08 13:35:05 | 1.8 Million Users Attacked by Android Banking Malware, 300% Increase Since 2017 (lien direct) | The number of Android users attacked by banking malware saw an alarming 300% increase in 2018, with 1.8 million of them being impacted by at least one such attack during the last year. [...] | Malware | ||
|
2019-03-07 04:48:05 | #Opfail: Phisher Attaches Powershell Exec Instead of Malware (lien direct) | The security community has seen its share of mistakes made by cybercriminals, and quickly took advantage of them to stop the threat. But some of them have reached blooper level. [...] | Malware | ||
|
2019-03-06 15:11:02 | StealthWorker Malware Uses Windows, Linux Bots to Hack Websites (lien direct) | Hackers are running a new campaign which drops the StealthWorker brute-force malware on Windows and Linux machines that end up being used to brute force other computers in a series of distributed brute force attacks. [...] | Malware Hack | ||
|
2019-03-06 10:35:01 | NSA\'s Ghidra Reverse Engineering Framework Stirs Up Malware Researchers (lien direct) | The National Security Agency released a free, public version of Ghidra, a set of tools developed internally for software reverse engineering. The agency will also release Ghidra's source code, allowing users to improve the framework's feature set and turn it into a more effective tool. [...] | Malware |
To see everything:
