Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-08-17 15:07:53 |
APT Lazarus Targets Engineers with macOS Malware (direct link) |
The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems. |
Malware
|
APT 38
|
|
|
2022-08-12 18:20:38 |
Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics (direct link) |
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities. |
Ransomware
Malware
|
|
|
|
2022-07-27 16:57:23 |
Messaging Apps Tapped as Platform for Cybercriminal Activity (direct link) |
Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes. |
Malware
|
|
|
|
2022-07-26 18:15:41 |
Novel Malware Hijacks Facebook Business Accounts (direct link) |
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain. |
Threat
Malware
|
|
|
|
2022-07-08 14:45:47 |
Sneaky Orbit Malware Backdoors Linux Devices (direct link) |
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine. |
Threat
Malware
|
|
|
|
2022-06-24 11:02:00 |
Google Warns Spyware Being Deployed Against Android, iOS Users (direct link) |
The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs. |
Malware
|
|
|
|
2022-06-23 12:21:33 |
Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug (direct link) |
The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers. |
Threat
Malware
|
APT 28
|
|
|
2022-06-14 10:55:47 |
Linux Malware Deemed 'Nearly Impossible' to Detect (direct link) |
Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootkit functionality and install a backdoor for remote access. |
Malware
|
|
|
|
2022-06-10 11:02:29 |
Potent Emotet Variant Spreads Via Stolen Email Credentials (direct link) |
The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns. |
Malware
|
|
|
|
2022-06-08 11:17:40 |
Black Basta Ransomware Teams Up with Malware Stalwart Qbot (direct link) |
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found. |
Ransomware
Malware
|
|
|
|
2022-06-02 11:18:47 |
International Authorities Take Down Flubot Malware Network (direct link) |
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020. |
Malware
|
|
|
|
2022-05-31 12:24:44 |
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS (direct link) |
Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot. |
Malware
Tool
|
|
|
|
2022-05-30 14:53:18 |
Zero-Day 'Follina' Bug Lays Older Microsoft Office Versions Open to Attack (direct link) |
Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports. |
Malware
|
|
|
|
2022-05-25 13:18:17 |
Link Found Connecting Chaos, Onyx and Yashma Ransomware (direct link) |
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names. |
Ransomware
Malware
|
|
|
|
2022-05-18 14:36:57 |
DOJ Says Doctor is Malware Mastermind (direct link) |
The U.S. Department of Justice indicts middle-aged doctor, accusing him of being a malware mastermind. |
Malware
|
|
★★★
|
|
2022-05-12 13:01:07 |
Malware Builder Leverages Discord Webhooks (direct link) |
Researchers discovered a simple malware builder designed to steal credentials, then ping them to Discord webhooks. |
Malware
|
|
★★★
|
|
2022-05-12 10:45:06 |
Novel 'Nerbian' Trojan Uses Advanced Anti-Detection Tricks (direct link) |
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found. |
Malware
|
|
★★
|
|
2022-05-10 00:24:18 |
Low-rent RAT Worries Researchers (direct link) |
Researchers say a hacker is selling access to quality malware for chump change. |
Malware
|
|
★★★
|
|
2022-05-06 11:10:22 |
USB-based Wormable Malware Targets Windows Installer (direct link) |
Activity dubbed 'Raspberry Robin' uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. |
Threat
Malware
|
|
★★★★
|
|
2022-05-04 13:24:00 |
Attackers Use Event Logs to Hide Fileless Malware (direct link) |
A sophisticated campaign utilizes a novel anti-detection method. |
Malware
|
|
|
|
2022-04-26 11:38:17 |
Nation-state Hackers Target Journalists with Goldbackdoor Malware (direct link) |
A campaign by APT37 used a sophisticated malware to steal information about sources, which appears to be a successor to Bluelight. |
Malware
Cloud
|
APT 37
|
|
|
2022-04-07 13:00:56 |
MacOS Malware: Myth vs. Truth – Podcast (direct link) |
Huntress Labs R&D Director Jamie Levy busts the old “Macs don't get viruses” myth and offers tips on how MacOS malware differs and how to protect against it.
|
Malware
|
|
|
|
2022-04-05 13:30:50 |
No-Joke Borat RAT Propagates Ransomware, DDoS (direct link) |
This fresh malware strain extends the functionality of typical trojans with advanced functionality and a series of modules for launching various types of threat activity. |
Threat
Malware
|
|
|
|
2022-03-29 14:02:41 |
Exchange Servers Speared in IcedID Phishing Campaign (direct link) |
The ever-evolving malware shows off new tactics that use email thread hijacking and other obfuscation techniques to provide advanced evasion techniques.
|
Malware
|
|
|
|
2022-03-24 13:10:04 |
Microsoft Help Files Disguise Vidar Malware (direct link) |
Attackers are hiding interesting malware in a boring place, hoping victims won't bother to look. |
Malware
|
|
|
|
2022-03-10 13:00:32 |
Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads (direct link) |
The ever-shifting, ever-more-powerful malware is now hijacking email threads to download malicious DLLs that inject password-stealing code into webpages, among other foul things. |
Malware
|
|
|
|
2022-03-07 17:46:39 |
Nvidia's Stolen Code-Signing Certs Used to Sign Malware (direct link) |
Nvidia certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines. |
Malware
|
|
|
|
2022-03-01 17:55:46 |
Daxin Espionage Backdoor Ups the Ante on Chinese Malware (direct link) |
Via node-hopping, the espionage tool can reach computers that aren't even connected to the internet. |
Malware
Tool
|
|
|
|
2022-02-24 18:42:49 |
Microsoft App Store Sizzling with New 'Electron Bot' Malware (direct link) |
The SEO poisoning bot, capable of full system takeover, is actively taking over social media accounts, masquerading as popular games like Temple Run. |
Malware
|
|
|
|
2022-02-23 17:20:41 |
Sextortion Rears Its Ugly Head Again (direct link) |
Attackers are sending email blasts with malware links in embedded PDFs as a way to evade email filters, lying about having fictional "video evidence." |
Malware
|
|
|
|
2022-02-22 21:00:36 |
Gaming, Banking Trojans Dominate Mobile Malware Scene (direct link) |
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say. |
Malware
|
|
|
|
2022-02-22 18:00:30 |
Xenomorph Malware Burrows into Google Play Users, No Facehugger Required (direct link) |
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now. |
Threat
Malware
|
|
|
|
2022-02-15 14:02:07 |
TA2541: APT Has Been Shooting RATs at Aviation for Years (direct link) |
Since 2017, the attacker has flung simple off-the-shelf malware in malicious email campaigns aimed at aviation, aerospace, transportation and defense.
|
Malware
|
|
|
|
2022-02-14 17:23:45 |
'Cities: Skylines' Gaming Modder Banned Over Hidden Malware (direct link) |
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.
|
Malware
|
|
|
|
2022-02-09 21:56:49 |
Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware (direct link) |
The living-off-the-land binary (LOLBin) is anchoring a rash of cyberattacks bent on evading security detection to drop Qbot and Lokibot. |
Malware
|
|
|
|
2022-02-09 14:03:18 |
MoleRats APT Flaunts New Trojan in Latest Cyberespionage Campaign (direct link) |
Researchers from Proofpoint have spotted a new Middle East-targeted phishing campaign that delivers a novel malware dubbed NimbleMamba. |
Malware
|
|
|
|
2022-02-07 22:13:29 |
Medusa Malware Joins Flubot's Android Distribution Network (direct link) |
Two powerful trojans with spyware and RAT capabilities are being delivered in side-by-side campaigns using a common infrastructure. |
Malware
|
|
|
|
2022-02-03 14:00:25 |
PowerPoint Files Abused to Take Over Computers (direct link) |
Attackers are using socially engineered emails with .ppam file attachments that hide malware that can rewrite Windows registry settings on targeted machines.
|
Malware
|
|
|
|
2022-01-28 21:47:21 |
Lazarus APT Uses Windows Update to Spew Malware (direct link) |
The group once again dangled fake job opportunities at engineers in a spear-phishing campaign that used Windows Update as a living-off-the-land technique and GitHub as a C2.
|
Malware
|
APT 38
|
|
|
2022-01-28 14:00:25 |
Shlayer and Bundlore MacOS Malware Strains – How Uptycs EDR Detection Can Help (direct link) |
MacOS malware Shlayer and Bundlore may have variations, but the behavior of their attacks has not changed – attacking older macOS versions and poorly-protected websites. |
Malware
|
|
|
|
2022-01-27 17:19:49 |
BotenaGo Botnet Code Leaked to GitHub (direct link) |
The malware had already put millions of routers and IoT devices at risk, and now any noob can have at it.
|
Malware
|
|
|
|
2022-01-27 15:00:07 |
Shipment-Delivery Scams a Fav Way to Spread Malware (direct link) |
Attackers increasingly are spoofing the courier DHL and using socially engineered messages related to packages to trick users into downloading Trickbot and other malicious payloads.
|
Malware
|
|
|
|
2022-01-26 22:39:34 |
TrickBot Crashes Security Researchers' Browsers in Latest Upgrade (direct link) |
The malware has added an anti-debugging tool that crashes browser tabs when researchers use code beautifying for analysis. |
Malware
Tool
|
|
|
|
2022-01-26 21:24:36 |
'Dark Herring' Billing Malware Swims onto 105M Android Devices (direct link) |
The mobile malware heisted hundreds of millions of dollars from unsuspecting users, thanks to 470 different well-crafted malicious apps in Google Play. |
Malware
|
|
|
|
2022-01-25 18:54:42 |
New MacOS Malware 'DazzleSpy' Used in Watering-Hole Attacks (direct link) |
A pro-democracy Hong Kong site was used to launch watering-hole attacks that planted a new macOS backdoor that researchers dubbed DazzleSpy.
|
Malware
|
|
|
|
2022-01-24 10:00:56 |
Unusual 'Donald Trump' Packer Malware Delivers RATs, Infostealers (direct link) |
The 'DTPacker' downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds. |
Malware
|
|
|
|
2022-01-21 14:10:07 |
Spyware Blitzes Compromise, Cannibalize ICS Networks (direct link) |
The brief spearphishing campaigns spread malware and use compromised networks to steal credentials that can be sold or used to commit financial fraud.
|
Malware
|
|
|
|
2022-01-19 20:55:28 |
Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say (direct link) |
Disruptive malware attacks on Ukrainian organizations (posing as ransomware attacks) are very likely part of Russia's wider effort to undermine Ukraine's sovereignty, according to analysts. |
Ransomware
Malware
|
|
|
|
2022-01-18 15:44:21 |
Critical ManageEngine Desktop Server Bug Opens Orgs to Malware (direct link) |
Zoho's comprehensive endpoint-management platform suffers from an authentication-bypass bug (CVE-2021-44757) that could lead to remote code execution. |
Malware
Guideline
|
|
|
|
2022-01-13 17:35:34 |
US Military Ties Prolific MuddyWater Cyberespionage APT to Iran (direct link) |
US Cyber Command linked the group to Iranian intelligence and detailed its multi-pronged, increasingly sophisticated suite of malware tools.
|
Malware
|
|
|