What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2019-07-09 01:17:00 Watch Out! Microsoft Spotted Spike in Astaroth Fileless Malware Attacks (direct link) Security researchers at Microsoft have released details of a new widespread campaign distributing an infamous piece of fileless malware that was primarily being found targeting European and Brazilian users earlier this year. Dubbed Astaroth, the malware trojan has been making the rounds since at least 2017 and designed to steal users' sensitive information like their credentials, keystrokes, Malware
The_Hackers_News.webp 2019-06-26 04:45:05 'Legit Apps Turned into Spyware' Targeting Android Users in Middle East (direct link) Cybersecurity researchers are warning about an ongoing Android malware campaign that has been active since 2016 and was first publicly reported in August 2018. Dubbed "ViceLeaker" by researchers at Kaspersky, the campaign has recently been found targeting Israeli citizens and some other Middle Eastern countries with a powerful surveillance malware designed to steal almost all accessible Malware
The_Hackers_News.webp 2019-06-25 05:30:00 New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched (direct link) Cybersecurity researchers are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month. Joshua Long, a security researcher at Intego, last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to Malware Vulnerability
The_Hackers_News.webp 2019-06-21 07:52:03 This Cryptomining Malware Launches Linux VMs On Windows and macOS (direct link) Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware. It may sound strange, but it's true. Dubbed "LoudMiner" and also "Bird Miner," the attack leverages command-line based virtualization software on targeted systems to silently boot an image of Tiny Core Malware
The_Hackers_News.webp 2019-05-29 11:53:04 Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware (direct link) Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has already infected nearly 50,000 servers and are installing a sophisticated kernel-mode rootkit on Malware
The_Hackers_News.webp 2019-05-16 05:55:03 'GozNym' Banking Malware Gang Dismantled by International Law Enforcement (direct link) In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major cybercrime network behind GozNym banking malware. GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe for years. GozNym was created by combining two known powerful Trojans-Gozi ISFB malware, a banking Malware
The_Hackers_News.webp 2019-05-14 11:31:05 Microsoft Releases Patches For A Critical 'Wormable Flaw' and 78 Other Issues (direct link) It's Patch Tuesday-the day when Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users' interaction. Out of 79 vulnerabilities, 18 issues Malware
The_Hackers_News.webp 2019-05-13 23:10:02 Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones (direct link) Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call. Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp exploit installs Malware Vulnerability
The_Hackers_News.webp 2019-05-10 03:04:03 North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data (direct link) The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by North Korean government and known to launch cyber attacks against media Malware Medical APT 38
The_Hackers_News.webp 2019-04-24 00:30:05 'Karkoff' Is the New 'DNSpionage' With Selective Targeting Strategy (direct link) The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims' computers with DNSpionage-a custom remote administrative Malware
The_Hackers_News.webp 2019-04-23 01:20:05 Source Code for CARBANAK Banking Malware Found On VirusTotal (direct link) Security researchers have discovered the full source code of the Carbanak malware-yes, this time it's for real. Carbanak-sometimes referred as FIN7, Anunak or Cobalt-is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants. In July last year, there was a Malware
The_Hackers_News.webp 2019-04-16 05:05:03 Google Makes it Tough for Rogue App Developers Get Back on Android Play Store (direct link) Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existing accounts, is enough for 'bad-faith' developers to trick the Play Store into distributing unsafe Malware
The_Hackers_News.webp 2019-04-16 01:45:05 Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered (direct link) A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware-dubbed Scranos-which was first discovered late last year, still appears to be a work in progress, it is Malware
The_Hackers_News.webp 2019-04-10 01:20:00 Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years (direct link) Cybersecurity researchers yesterday unveiled the existence of a highly sophisticated spyware framework that has been in operation for at least the last 5 years-but remained undetected until recently. Dubbed TajMahal by researchers at Kaspersky Lab, the APT framework is a high-tech modular-based malware toolkit that not only supports a vast number of malicious plugins for distinct espionage Malware
The_Hackers_News.webp 2019-04-09 00:19:04 'Exodus' Surveillance Malware Found Targeting Apple iOS Users (direct link) Cybersecurity researchers have discovered an iOS version of the powerful mobile phone surveillance app that was initially targeting Android devices through apps on the official Google Play Store. Dubbed Exodus, as the malware is called, the iOS version of the spyware was discovered by security researchers at LookOut during their analysis of its Android samples they had found last year. Malware
The_Hackers_News.webp 2019-04-04 11:34:01 Hackers Could Turn Pre-Installed Antivirus App on Xiaomi Phones Into Malware (direct link) What could be worse than this, if the software that's meant to protect your devices leaves backdoors open for hackers or turns into malware? Researchers today revealed that a security app that comes pre-installed on more than 150 million devices manufactured by Xiaomi, China's biggest and world's 4th largest smartphone company, was suffering from multiple issues that could have allowed remote Malware
The_Hackers_News.webp 2019-03-29 03:58:00 Here's the List of ~600 MAC Addresses Targeted in Recent ASUS Hack (direct link) EXCLUSIVE - While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn't release the full list of all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web page where ASUS PC users can search Malware Hack Tool
The_Hackers_News.webp 2019-03-25 09:39:05 Warning: ASUS Software Update Server Hacked to Distribute Malware (direct link) Remember the CCleaner hack? CCleaner hack was one of the largest supply chain attacks that infected more than 2.3 million users with a backdoored version of the software in September 2017. Security researchers today revealed another massive supply chain attack that compromised over 1 million computers manufactured by Taiwan-based tech giant ASUS. A group of state-sponsored Malware Hack CCleaner
The_Hackers_News.webp 2019-03-20 06:31:05 New MageCart Attacks Target Bedding Retailers My Pillow and Amerisleep (direct link) Cybersecurity researchers today disclosed details of two newly identified Magecart attacks targeting online shoppers of bedding retailers MyPillow and Amerisleep. Magecart is an umbrella term researchers gave to at least 11 different hacking groups that are specialized in implanting malware code on e-commerce websites with an intent to steal payment card details of their customers silently. Malware
The_Hackers_News.webp 2019-02-13 01:59:04 Researchers Implant "Protected" Malware On Intel SGX Enclaves (direct link) Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX which are otherwise Malware ★★
The_Hackers_News.webp 2019-02-11 23:09:05 Beware!! New Windows .exe Malware Found Targeting macOS Computers (direct link) A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right - a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac computers by deploying malicious EXE files that normally run only on Windows computers. Researchers Malware
The_Hackers_News.webp 2019-02-11 03:22:02 First Android Clipboard Hijacking Crypto Malware Found On Google Play Store (direct link) A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a "Clipper," masqueraded as a legitimate cryptocurrency app and worked by replacing cryptocurrency wallet addresses copied into the Android clipboard with one belonging Malware
The_Hackers_News.webp 2019-02-01 02:32:00 New Mac Malware Targets Cookies to Steal From Cryptocurrency Wallets (direct link) Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts. Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the malware has specifically been designed to target Mac users and is believed to be based on Malware
The_Hackers_News.webp 2019-01-25 03:29:05 GandCrab ransomware and Ursnif virus spreading via MS Word macros (direct link) Security researchers have discovered two separate malware campaigns, one of which is distributing the Ursnif data-stealing trojan and the GandCrab ransomware in the wild, whereas the second one is only infecting victims with Ursnif malware. Though both malware campaigns appear to be a work of two separate cybercriminal groups, we find many similarities in them. Both attacks start from Ransomware Malware
The_Hackers_News.webp 2019-01-21 07:37:04 New malware found using Google Drive as its command-and-control server (direct link) Since most security tools also keep an eye on the network traffic to detect malicious IP addresses, attackers are increasingly adopting infrastructure of legitimate services in their attacks to hide their malicious activities. Cybersecurity researchers have now spotted a new malware attack campaign linked to the notorious DarkHydrus APT group that uses Google Drive as its command-and-control ( Malware
The_Hackers_News.webp 2019-01-18 03:37:05 New Android Malware Apps Use Motion Sensor to Evade Detection (direct link) Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research team, infecting thousands of Android users who have Malware
The_Hackers_News.webp 2019-01-10 03:00:05 Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection (direct link) Security researchers have been warning about a simple technique that cybercriminals and email scammers are already using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks. Safe Links has been included by Microsoft in Office 365 as part of its ATP (Advanced Threat Malware
The_Hackers_News.webp 2018-12-18 01:54:04 New Malware Takes Commands From Memes Posted On Twitter (direct link) Security researchers have discovered yet another example of how cybercriminals disguise their malware activities as regular traffic by using legitimate cloud-based services. Trend Micro researchers have uncovered a new piece of malware that retrieves commands from memes posted on a Twitter account controlled by the attackers. Most malware relies on communication with their Malware
The_Hackers_News.webp 2018-12-14 08:19:01 New Shamoon Malware Variant Targets Italian Oil and Gas Company (direct link) Shamoon is back… one of the most destructive malware families that caused damage to Saudi Arabia's largest oil producer in 2012 and this time it has targeted energy sector organizations primarily operating in the Middle East. Earlier this week, Italian oil drilling company Saipem was attacked and sensitive files on about 10 percent of its servers were destroyed, mainly in the Middle East, Malware
The_Hackers_News.webp 2018-11-08 03:13:00 StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users (direct link) Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by compromising the web analytics service it was using. ESET malware researcher Matthieu Faou this weekend spotted malicious JavaScript code on up to 700,000 websites that were bundled with the traffic tracking code from the leading web analytics platform Malware Guideline
The_Hackers_News.webp 2018-10-30 03:16:01 Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer (direct link) Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker to embed malicious code inside a document file, tricking users into running malware onto their computers. Discovered by researchers at Cymulate, the bug abuses the 'Online Video' option in Word documents, a feature that allows users to embed an online Malware
The_Hackers_News.webp 2018-10-24 04:32:02 FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware (direct link) Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia. TRITON, also known as Trisis, is a piece of ICS malware designed to target the Triconex Safety Malware
The_Hackers_News.webp 2018-10-12 05:11:00 Fortnite for Android Released, But Make Sure You Don't Download Malware (direct link) Yes, it is official. The massively popular battle royale video game from Epic Games, Fortnite: Battle Royale is finally available for Android devices. Epic announced Thursday that the Android version of Fortnite is now available for everyone to download for free, so you no longer require an invite to play the most popular battle royale game on your phone. Epic Games have provided a list of Malware
The_Hackers_News.webp 2018-10-01 05:50:03 GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers (direct link) Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to redirect users to malicious web pages-especially if they visit banking sites-and steal their login credentials. Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing Malware ★★★★
The_Hackers_News.webp 2018-09-27 10:40:03 Cybersecurity Researchers Spotted First-Ever UEFI Rootkit in the Wild (direct link) Cybersecurity researchers at ESET have unveiled what they claim to be the first-ever UEFI rootkit being used in the wild, allowing hackers to implant persistent malware on the targeted computers that could survive a complete hard-drive wipe. Dubbed LoJax, the UEFI rootkit is part of a malware campaign conducted by the infamous Sednit group, also known as APT28, Fancy Bear, Strontium, and Malware APT 28 ★★★★★
The_Hackers_News.webp 2018-09-27 03:30:00 VPNFilter Router Malware Adds 7 New Network Exploitation Modules (direct link) Security researchers have discovered even more dangerous capabilities in VPNFilter-the highly sophisticated multi-stage malware that infected 500,000 routers worldwide in May this year, making it much more widespread and sophisticated than earlier. Attributed to Russia's APT 28, also known as 'Fancy Bear,' VPNFilter is a malware platform designed to infect routers and network-attached storage Malware VPNFilter APT 28 ★★★★★
The_Hackers_News.webp 2018-09-19 08:32:05 New Malware Combines Ransomware, Coin Mining and Botnet Features in One (direct link) Windows and Linux users need to beware, as an all-in-one, destructive malware strain has been discovered in the wild that features multiple malware capabilities including ransomware, cryptocurrency miner, botnet, and self-propagating worm targeting Linux and Windows systems. Dubbed XBash, the new malware, believed to be tied to the Iron Group, a.k.a. Rocke-the Chinese speaking APT threat Malware
The_Hackers_News.webp 2018-09-07 12:04:03 No.1 Adware Removal Tool On Apple App Store Caught Spying On Mac Users (direct link) A highly popular top-tier app in Apple's Mac App Store that's designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China. What's more concerning? Even after Apple was warned a month ago, the company did not take any action against the app. The app in Malware Tool
The_Hackers_News.webp 2018-09-04 02:53:01 Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic (direct link) Last month we reported about a widespread crypto-mining malware campaign that hijacked over 200,000 MikroTik routers using a previously disclosed vulnerability revealed in the CIA Vault 7 leaks. Now Chinese security researchers at Qihoo 360 Netlab have discovered that out of 370,000 potentially vulnerable MikroTik routers, more than 7,500 devices have been compromised to enable Socks4 proxy Malware Vulnerability
The_Hackers_News.webp 2018-08-27 00:17:04 Critical Flaw in Fortnite Android App Lets Hackers Install Malware (direct link) Security researchers from Google have publicly disclosed an extremely serious security flaw in the first Fortnite installer for Android that could allow other apps installed on the targeted devices to manipulate installation process and load malware, instead of the Fortnite APK. Earlier this month, Epic Games announced not to make its insanely popular game 'Fortnite for Android' available Malware
The_Hackers_News.webp 2018-08-23 02:43:03 New Android Malware Framework Turns Apps Into Powerful Spyware (direct link) Security researchers have uncovered a new, powerful Android malware framework that is being used by cybercriminals to turn legitimate apps into spyware with extensive surveillance capabilities-as part of what seems to be a targeted espionage campaign. Legitimate Android applications when bundled with the malware framework, dubbed Triout, gain capabilities to spy on infected devices by recording Malware
The_Hackers_News.webp 2018-08-21 08:37:04 Dark Tequila Banking Malware Uncovered After 5 Years of Activity (direct link) Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for five years due to its highly targeted nature and a few evasion techniques. Dark Tequila has Malware
The_Hackers_News.webp 2018-08-15 02:28:00 Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware (direct link) A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims' computers and displays a message purporting to come Ransomware Malware Guideline
The_Hackers_News.webp 2018-08-09 07:20:03 Researchers Developed Artificial Intelligence-Powered Stealthy Malware (direct link) Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network or launch an attack only Malware Threat
The_Hackers_News.webp 2018-08-07 02:03:00 TSMC Chip Maker Blames WannaCry Malware for Production Halt (direct link) Taiwan Semiconductor Manufacturing Company (TSMC)-the world's largest makers of semiconductors and processors-was forced to shut down several of its chip-fabrication factories over the weekend after being hit by a computer virus. Now, it turns out that the computer virus outbreak at Taiwan chipmaker was the result of a variant of WannaCry-a massive ransomware attack that wreaked havoc across Ransomware Malware Wannacry
The_Hackers_News.webp 2018-08-03 02:16:01 Hackers Infect Over 200,000 MikroTik Routers With Crypto Mining Malware (direct link) Security researchers have discovered at least three massive malware campaigns exploiting hundreds of thousands of unpatched MikroTik routers to secretly install cryptocurrency miners on computers connected to them. In all, the malware campaigns have compromised more than 210,000 routers from Latvian network hardware provider Mikrotik across the world, with the number still increasing as of Malware
The_Hackers_News.webp 2018-08-01 03:32:01 NSO Spyware Targets Saudi Human Rights Activists and Researchers (direct link) Amnesty International, one of the most prominent non-profit human rights organizations in the world, claims one of its staff members has been targeted by a sophisticated surveillance tool made by Israel's NSO Group. The NSO Group is an Israeli firm that's mostly known for selling high-tech spyware and surveillance malware capable of remotely cracking into Apple's iPhones and Google's Android Malware Tool
The_Hackers_News.webp 2018-07-31 09:19:04 SamSam Ransomware Attacks Extorted Nearly $6 Million (direct link) Ransomware has become a multimillion-dollar black market business for cybercriminals, and SamSam being a great example. New research revealed that the SamSam ransomware had extorted nearly $6 million from its victims since December 2015, when the cyber gang behind the ransomware started distributing the malware in the wild. Researchers at Sophos have tracked Bitcoin addresses owned by the Ransomware Malware
The_Hackers_News.webp 2018-07-25 04:54:05 iPhone Hacking Campaign Using MDM Software Is Broader Than Previously Known (direct link) India-linked highly targeted mobile malware campaign, first unveiled two weeks ago, has been found to be part of a broader campaign targeting multiple platforms, including Windows devices and possibly Android as well. As reported in our previous article, earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile device management (MDM) Malware Threat
The_Hackers_News.webp 2018-07-13 04:01:05 Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users (direct link) Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol-a type of security software used by large enterprises to control and enforce policies on devices Malware
Last update at: 2024-08-01 05:18:48