What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-11-21 11:53:12 | DePriMon Malware Registers Itself as a Windows Print Monitor (lien direct) | A malware downloader being dubbed DePriMon registers itself as a Windows print monitor in order to gain persistence on infected user's computers. [...] | Malware | ||
|
2019-11-19 01:00:00 | Shade Ransomware Is the Most Actively Distributed Malware via Email (lien direct) | During the first half of 2019, the Shade Ransomware (also known as Troldesh) was the most actively distributed malware via malicious email phishing campaigns according to Singapore-based Group-IB security outfit. [...] | Ransomware Malware | ||
|
2019-11-18 14:23:48 | Linux, Windows Users Targeted With New ACBackdoor Malware (lien direct) | Researchers have discovered a new multi-platform backdoor that infects Windows and Linux systems allowing the attackers to run malicious code and binaries on the compromised machines. [...] | Malware | ||
|
2019-11-15 14:44:47 | US Govt Recommends Vendor System Configs To Block Malware Attacks (lien direct) | The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) today reminded users and system administrators to properly configure their systems to defend against malware that can exploit improper configurations. [...] | Malware | ||
|
2019-11-14 09:05:16 | New Threat Actor Impersonates Govt Agencies to Deliver Malware (lien direct) | A new threat actor is using email to impersonate government agencies in the United States, Germany, and Italy to deliver ransomware, backdoors, and banking Trojans through malicious attachments. [...] | Malware Threat | ||
|
2019-11-11 14:20:00 | TrickBot Malware Uses Fake Sexual Harassment Complaints as Bait (lien direct) | Fake sexual harassment complaints appearing to come from the U.S. Equal Employment Opportunity Commission are the latest baits used by attackers to disseminate TrickBot banking Trojan payloads onto computers of unsuspecting employees of large companies. [...] | Malware | ||
|
2019-11-09 14:14:32 | Malware Meets Politics With Trump and Clinton Themed Infections (lien direct) | Just as people express their political views through art, malware developers express their political ideologies, hopes, and frustrations through the computer infections they create. [...] | Malware | ||
|
2019-11-09 10:30:00 | US Govt Asks Users to Be Wary of Holiday Scams and Malware (lien direct) | US consumers are encouraged by the Department of Homeland Security (DHS) to be wary of malicious campaigns and scams that usually start targeting during each year's holiday season. [...] | Malware | ||
|
2019-11-08 12:53:10 | New Stealthy Backdoor Used by Platinum APT in Recent Attacks (lien direct) | The advanced persistent threat (APT) group tracked by Microsoft as Platinum is using a new stealthy backdoor malware dubbed Titanium to infiltrate and take control of their targets' systems. [...] | Malware Threat | ||
|
2019-11-08 12:22:58 | Clever WebEx Spam Use Cisco Redirect to Deliver RAT Malware (lien direct) | A clever spam campaign is underway that pretends to be a WebEx meeting invite and uses a Cisco open redirect that pushes a Remote Access Trojan to the recipient. Using open redirects add legitimacy to spam URLs and increases the chances that victims will click on an URL. [...] | Spam Malware | ||
|
2019-11-07 11:54:16 | QNAP Warns Users to Secure Devices Against QSnatch Malware (lien direct) | Network-attached storage (NAS) maker QNAP urges customers to secure their NAS devices against an ongoing malicious campaign that infects them with QSnatch malware capable of stealing user credentials. [...] | Malware | ||
|
2019-11-07 03:30:00 | Specially Crafted ZIP Files Used to Bypass Secure Email Gateways (lien direct) | Attackers are always looking for new tricks to distribute malware without them being detected by antivirus scanners and secure email gateways. This was illustrated in a new phishing campaign that utilized a specially crafted ZIP file that was designed to bypass secure email gateways to distribute the NanoCore RAT. [...] | Malware | ||
|
2019-11-06 09:00:00 | Subpoena Phishing Emails Serve Nasty Predator Thief Infection (lien direct) | Phishers have been spotted delivering subpoena-themed emails spoofed to look like they're coming from the UK Ministry of Justice and attempting to infect their targets with Predator the Thief information stealer malware payloads. [...] | Malware | ||
|
2019-11-05 19:28:50 | DarkUniverse APT Stayed Hidden for 8 Years, Updated Regularly (lien direct) | Security researchers today published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency and leaked more than two years ago. [...] | Malware Threat | ||
|
2019-11-05 12:50:59 | WordPress Admins Infect Their Sites With WP-VCD via Pirated Plugins (lien direct) | WordPress sites have been the target of a highly active malicious campaign that infects them with a malware dubbed WP-VCD that hides in plain sight and quickly spreads to the entire website. [...] | Malware | ||
|
2019-11-01 12:33:31 | GandCrab RaaS Was a Training Ground for Malware Distributors (lien direct) | GandCrab operators changed the ransomware business from the ground up, establishing a model that is embraced and continued by other cybercriminals. [...] | Ransomware Malware | ||
|
2019-10-31 17:55:58 | Emotet Trojan Brings a Malware Scare with Halloween Emails (lien direct) | The Emotet Trojan is celebrating Halloween by pushing out new spam templates that want to invite you to a neighborhood party. While these emails promise you a treat, in reality Emotet is tricking you into installing an infection. [...] | Spam Malware | ||
|
2019-10-31 15:17:57 | Discord Abused to Spread Malware and Harvest Stolen Data (lien direct) | Malware developers and attackers are abusing the Discord chat service by using it to host their malware, act as command and control servers, or by modifying the chat client to perform malicious behavior. [...] | Malware | ||
|
2019-10-31 10:20:51 | QSnatch Malware Infects Thousands of NAS Devices, Steals Credentials (lien direct) | Thousands of QNAP NAS devices are getting infected with a malware dubbed QSnatch that injects into their firmware and proceeds to steal credentials and load malicious code retrieved from its command and control (C2) servers. [...] | Malware | ||
|
2019-10-31 09:29:24 | New Gafgyt Variant Recruits Routers to DDoS Servers for Valve Games (lien direct) | A new version of Gafgyt botnet malware has been enlisting routers from Zyxel and Huawei, as well as devices with Realtek RTL81xx chipset, using them for denial-of-service (DoS) attacks against servers running the Valve Source engine. [...] | Malware | ||
|
2019-10-27 14:26:41 | How to Perform Windows Defender Offline Scan in Windows 10 (lien direct) | If your PC is infected with persistent malware such as Rootkits, you should consider using Windows Defender Offline scan feature. In this article, you'll learn how Windows Defender Offline scan works and why you should use it for Rootkits. [...] | Malware | ||
|
2019-10-24 09:00:00 | iOS Clicker Trojan Malware Found in 17 Apps in Apple\'s App Store (lien direct) | More than a dozen iOS apps infected with clicker Trojan malware and distributed via the Apple App Store were found to perform ad fraud-related tasks in the background, using the command and control servers of a similar Android ad fraud campaign. [...] | Malware | ||
|
2019-10-23 17:08:27 | Discord Turned Into an Info-Stealing Backdoor by New Malware (lien direct) | A new malware is targeting Discord users by modifying the Windows Discord client so that it is transformed into a backdoor and an information-stealing Trojan. [...] | Malware | ||
|
2019-10-23 11:51:59 | Office 365 Adds Malware ZAP Toggle to Security & Compliance Center (lien direct) | Microsoft's developers are adding a new malware Zero-hour Auto Purge (ZAP) toggle to the Office 365 Security & Compliance Center to allow configuration without using a PowerShell cmdlet. [...] | Malware | ||
|
2019-10-22 13:41:11 | Billing Provider Billtrust Suffers Outage After Malware Attack (lien direct) | U.S. financial services provider Billtrust experienced an outage affecting all of its services after some of the company's computing systems were impacted by a malware attack on October 17. [...] | Malware | ||
|
2019-10-21 15:29:10 | Russian Hackers Use Iranian Threat Group\'s Tools, Servers as Cover (lien direct) | The Russian-backed Turla cyber-espionage group used stolen malware and hijacked infrastructure from the Iranian-sponsored OilRig to attack targets from dozens of countries according to a joint United Kingdom's National Cyber Security Centre (NCSC) and U.S. National Security Agency (NSA) advisory published today. [...] | Malware Threat | APT 34 | |
|
2019-10-21 09:15:00 | Chinese Hackers Use New Malware to Backdoor Microsoft SQL Servers (lien direct) | New malware created by Chinese-backed Winnti Group has been discovered by researchers at ESET while being used to gain persistence on Microsoft SQL Server (MSSQL) systems. [...] | Malware | ||
|
2019-10-18 10:50:35 | (Déjà vu) REvil Ransomware Affiliates Partner with Corporate Intruders (lien direct) | Experienced network intruders and ransomware groups have struck an alliance helping each other monetize their skills by spreading malware to company networks. [...] | Ransomware Malware | ||
|
2019-10-18 10:50:35 | REvil/Sodinokibi Ransomware Partners with Access-as-a-Service Providers (lien direct) | Experienced network intruders and ransomware groups have struck an alliance helping each other monetize their skills by spreading malware to company networks. [...] | Ransomware Malware | ★★★★★ | |
|
2019-10-17 11:47:11 | European Airport Systems Infected With Monero-Mining Malware (lien direct) | More than 50% of all computing systems at a European international airport were recently found to be infected with a Monero cryptominer linked to the Anti-CoinMiner campaign spotted during August 2018 by Zscaler. [...] | Malware | ||
|
2019-10-17 09:39:47 | Cozy Bear Russian Hackers Spotted After Staying Undetected for Years (lien direct) | Cyber-espionage operations from Cozy Bear, a threat actor believed to work for the Russian government, continued undetected for the past years by using malware families previously unknown to security researchers. [...] | Malware Threat | APT 29 | |
|
2019-10-16 09:04:06 | Malware Uses Your PC to Send 30K Sextortion Emails Per Hour (lien direct) | Sextortion emails stating that your computer was hacked and video was created of you on porn sites have become so common that they are treated simply as another spam. That does not mean, though, that they are not profitable as a new report shows attackers are generating revenue by utilizing infected PCs to do their dirty work. [...] | Malware | ||
|
2019-10-16 09:01:55 | New SDBot Remote Access Trojan Used in TA505 Malspam Campaigns (lien direct) | Researchers discovered two new malware strains distributed via phishing campaigns carried out by the TA505 hacking group during the last two months, a new downloader dubbed Get2 and an undocumented remote access Trojan (RAT) named SDBbot. [...] | Malware | ||
|
2019-10-15 10:00:34 | Chinese Hackers Use New Cryptojacking Tactics to Evade Detection (lien direct) | Chinese-speaking cybercrime group Rocke, known for operating multiple large-scale malicious crypto-mining campaigns, has now switched to new Tactics, Techniques, and Procedures (TTPs), including new C2 infrastructure and updated malware to evade detection. [...] | Malware | ||
|
2019-10-14 12:54:44 | Winnti Group Uses New PortReuse Malware Against Asian Manufacturer (lien direct) | Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. [...] | Malware | ||
|
2019-10-12 10:30:00 | Attackers Create Elaborate Crypto Trading Scheme to Install Malware (lien direct) | Attackers have created an elaborate scheme to distribute a cryptocurrency trading program that installs a backdoor on a victim's Mac or Windows PC. [...] | Malware | ||
|
2019-10-11 17:44:20 | FIN7 Hackers Load New RAT Malware Into ATM Maker\'s Software (lien direct) | The FIN7 hacking group has added new tools to its malicious toolkit, a malware loader that will deliver payloads straight into memory and a module that hooks into the legitimate remote administration software of ATM maker NCR Corporation. [...] | Malware | ||
|
2019-10-11 15:36:34 | Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit (lien direct) | The RIG exploit kit is now pushing a cocktail of malware that includes a new variant of the Nemty Ransomware. [...] | Ransomware Malware | ||
|
2019-10-10 16:20:47 | New Malware Spies on Diplomats, High-Profile Government Targets (lien direct) | A new modular and malware designed to target diplomatic and government entities was spotted by ESET researchers while being utilized in attacks aimed at Russian-speaking individuals for at least 7 years. [...] | Malware | ||
|
2019-10-03 20:15:27 | Four U.S. Food Chains Disclose Payment Card Theft via PoS Malware (lien direct) | Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers' payment card information. [...] | Malware | ||
|
2019-09-30 18:16:27 | Under-Detected ODT Files Deliver Common Remote Access Trojans (lien direct) | Security researchers noticed multiple cybercriminal operations using OpenDocument Text (ODT) files to distribute malware that is typically blocked by antivirus engines. The campaigns target English and Arabic-speaking users. [...] | Malware | ||
|
2019-09-27 15:27:14 | New Masad Stealer Malware Exfiltrates Crypto Wallets via Telegram (lien direct) | A new and actively distributed malware strain dubbed Masad Stealer steals files, browser information, and cryptocurrency wallet data from infected computers that get sent back to its masters using Telegram as a communication channel. [...] | Malware | ||
|
2019-09-26 18:15:00 | New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery (lien direct) | A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines. [...] | Malware | ||
|
2019-09-26 14:45:49 | Microsoft Spots Nodersok Malware Campaign That Zombifies PCs (lien direct) | A new fileless malicious campaign, dubbed Nodersok by Microsoft Defender ATP Research Team researchers who discovered it, drops its own LOLBins to infect Windows computers with a Node.js-based malware that will turn the devices into proxies. [...] | Malware | ||
|
2019-09-24 12:58:50 | Fake Employment Site Created to Target Veterans With Malware (lien direct) | A fake web site pretending to be an organization that offers job opportunities for U.S. veterans is distributing malware that let's the attackers gain full control over a victim's computer. [...] | Malware | ||
|
2019-09-24 11:23:41 | State-Backed Attackers Target US Entities with LookBack Malware (lien direct) | A spear-phishing campaign spanning more than five months has been targeting roughly 17 U.S. utility providers between April 5 and August 29 according to research from Proofpoint's Threat Insight Team. [...] | Malware Threat | ||
|
2019-09-23 17:28:25 | Beware of Google Alert Links Leading to Malware and Scams (lien direct) | Google Alerts is s useful service that allows you to receive emails or an updated RSS feed when new pages appear in the Google search index that are related to specified keywords you are following. Unfortunately, whenever there is a good thing, people try to take advantage of them to push users towards scams and malware [...] | Malware | ||
|
2019-09-18 10:06:47 | Amadey Botnet Targets U.S. Taxpayers with Tax Refund Notice (lien direct) | A phishing campaign has been spotted recently delivering Amadey botnet malware to taxpayers in the U.S. through fake income tax refund emails. [...] | Malware | ||
|
2019-09-18 09:04:53 | Smominru Mining Botnet In Cyber Turf War With Rival Malware (lien direct) | The Smominru mining botnet continues to wreck havoc on corporate machines by not only installing cryptominers, but also stealing credentials, installing backdoors, and making system configuration modifications that could affect the proper operation of an infected machine. [...] | Malware | ||
|
2019-09-14 15:11:58 | Nemty Ransomware Update Lets It Kill Processes and Services (lien direct) | Nemty ransomware is under active development, although its version number may not show it. Its authors are clearly making efforts to make it a more efficient and sophisticated malware and it begins wider distribution. [...] | Ransomware Malware |
To see everything:
