What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-07-27 23:57:33 | QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices (lien direct) | Cybersecurity agencies in the US and UK yesterday issued a joint advisory about a massive ongoing malware threat infecting Taiwanese company QNAP's network-attached storage (NAS) appliances.
Called QSnatch (or Derek), the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America.
" |
Malware Threat | ||
|
2020-07-23 02:18:46 | North Korean Hackers Spotted Using New Multi-Platform Malware Framework (lien direct) | Lazarus Group, the notorious hacking group with ties to the North Korean regime, has unleashed a new multi-platform malware framework with an aim to infiltrate corporate entities around the world, steal customer databases, and distribute ransomware.
Capable of targeting Windows, Linux, and macOS operating systems, the MATA malware framework - so-called because of the authors' reference to the |
Malware Medical | APT 38 | |
|
2020-07-16 03:28:33 | New Android Malware Now Steals Passwords For Non-Banking Apps Too (lien direct) | Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps-in total 337 non-financial Android applications on it's target list.
Dubbed "BlackRock" by ThreatFabric researchers, which discovered the trojan in May, its source code is derived from a leaked |
Malware | ||
|
2020-07-15 05:39:17 | 4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide (lien direct) | Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe.
Collectively called the "Tetrade" by Kaspersky researchers, the malware families - comprising Guildma, Javali, Melcoz, and Grandoreiro - have evolved their capabilities to function as a backdoor and adopt |
Malware | ||
|
2020-07-09 03:01:04 | Joker Malware Apps Once Again Bypass Google\'s Security to Spread via Play Store (lien direct) | Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge.
In a report published by Check Point research today, the malware - infamously called Joker (or Bread) - has found another trick to bypass Google's Play Store protections: |
Malware | ||
|
2020-07-07 02:56:05 | Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service (lien direct) | Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with |
Malware | ||
|
2020-07-01 02:08:13 | A New Ransomware Targeting Apple macOS Users Through Pirated Apps (lien direct) | Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps.
According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant - dubbed "EvilQuest" - is packaged along with legitimate apps, which upon installation, disguises itself as Apple's |
Ransomware Malware | ||
|
2020-06-25 03:42:20 | Docker Images Containing Cryptojacking Malware Distributed via Docker Hub (lien direct) | With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies.
According to a report published by Palo Alto Networks' Unit 42 threat intelligence team, the |
Malware Threat | ||
|
2020-06-23 04:03:32 | VirusTotal Adds Cynet\'s Artificial Intelligence-Based Malware Detection (lien direct) | VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm.
VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples, |
Malware Threat | ||
|
2020-06-17 05:48:14 | Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs (lien direct) | Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money.
The campaign, dubbed "Operation In(ter)ception" because of a reference to "Inception" in the malware sample, took |
Malware | ||
|
2020-06-11 14:35:49 | A Bug in Facebook Messenger for Windows Could\'ve Helped Malware Gain Persistence (lien direct) | Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Cybersecurity, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows.
The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already |
Malware Vulnerability Threat | ||
|
2020-05-27 03:31:37 | Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs (lien direct) | Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems.
The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at compromising Windows computers with MBR and VBR bootkits, and installing malicious drivers for |
Malware | ||
|
2020-05-26 02:48:01 | New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data (lien direct) | Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data.
"ComRAT v4 was first seen in 2017 and known still to be in use as recently as January 2020," cybersecurity firm ESET said in a report shared with |
Malware | ||
|
2020-05-15 02:43:00 | HTTP Status Codes Command This Malware How to Control Hacked Systems (lien direct) | A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.
The cyberespionage malware-traced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victims-spread via an initial dropper that masks itself as |
Malware | ||
|
2020-05-13 07:54:43 | Researcher Spots New Malware Claimed to be \'Tailored for Air‑Gapped Networks\' (lien direct) | A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks.
Dubbed 'Ramsay,' the malware is still under development with two more variants (v2.a and v2.b) spotted in the |
Malware | ||
|
2020-05-13 02:35:07 | U.S Defence Warns of 3 New Malware Used by North Korean Hackers (lien direct) | Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers.
Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from |
Ransomware Malware | Wannacry | |
|
2020-05-04 04:59:47 | New Malware Jumps Air-Gapped Devices by Turning Power-Supplies into Speakers (lien direct) | A researcher from Israel's Ben Gurion University of the Negev recently demonstrated a new kind of malware that could be used to covertly steal highly sensitive data from air-gapped and audio-gapped systems using a novel acoustic quirk in power supply units that come with modern computing devices.
Dubbed 'POWER-SUPPLaY,' the latest research builds on a series of techniques leveraging |
Malware | ||
|
2020-04-30 05:14:47 | New Android Malware Steals Banking Passwords, Private Data and Keystrokes (lien direct) | A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes.
Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services, |
Malware | ||
|
2020-04-24 03:38:56 | Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet (lien direct) | Cybersecurity researchers from ESET on Thursday said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency.
The botnet, named "VictoryGate," has been active since May 2019, with infections mainly reported in Latin America, particularly Peru accounting for 90% of the compromised |
Malware | ||
|
2020-04-20 03:58:02 | COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware (lien direct) | A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam.
The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to |
Malware | ||
|
2020-04-08 03:55:51 | Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild (lien direct) | Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services.
The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as |
Malware Threat | ||
|
2020-04-07 06:48:57 | Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset (lien direct) | Remember xHelper?
A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices-making it nearly impossible to remove.
xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected so many |
Malware | ||
|
2020-03-30 03:33:19 | COVID-19: Hackers Begin Exploiting Zoom\'s Overnight Success to Spread Malware (lien direct) | As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices.
According to a report published by Check |
Malware | ||
|
2020-03-26 02:52:22 | Watch Out: Android Apps in Google Play Store Capitalizing on Coronavirus Outbreak (lien direct) | Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps.
Now in a fresh twist, third-party Android app developers too have begun to take advantage of the situation to use coronavirus-related keywords in their app names, |
Malware | ||
|
2020-03-25 08:53:40 | TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services (lien direct) | The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transactions.
The Android app, called "TrickMo" by IBM X-Force researchers, is under active development and has exclusively targeted German users |
Malware | ||
|
2020-03-24 03:00:25 | Over 50 Android Apps for Kids on Google Play Store Caught in Ad Fraud Scheme (lien direct) | More than 50 Android apps on the Google Play Store-most of which were designed for kids and had racked up almost 1 million downloads between them-have been caught using a new trick to secretly click on ads without the knowledge of smartphone users.
Dubbed "Tekya," the malware in the apps imitated users' actions to click ads from advertising networks such as Google's AdMob, AppLovin', |
Malware | ||
|
2020-03-21 00:57:30 | Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices (lien direct) | A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines.
Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall |
Malware Vulnerability | ||
|
2020-03-18 03:38:50 | Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait (lien direct) | As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns.
Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own |
Malware Threat | ||
|
2020-03-17 03:37:42 | Researchers Uncover a Nigerian Hacker\'s Pursuit of his Million Dollar Dream (lien direct) | Social engineering-driven malware threats continue to be a big threat, but new research details how cybercriminals profit off such schemes to launder hundreds of thousands of dollars from stolen credit cards of unsuspecting victims.
Cybersecurity firm Check Point Research, in a report published today and shared with The Hacker news, uncovered the digital trail of a Nigerian cybercriminal, who |
Malware | ||
|
2020-03-13 01:52:36 | New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts (lien direct) | A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.
Dubbed "Cookiethief" by Kaspersky researchers, the Trojan works by acquiring superuser root rights on the target device, and subsequently, transfer stolen cookies to |
Malware | ||
|
2020-03-11 09:57:10 | Beware of \'Coronavirus Maps\' – It\'s a malware infecting PCs to steal passwords (lien direct) | Cybercriminals will stop at nothing to exploit every chance to prey on internet users.
Even the disastrous spread of SARS-COV-II (the virus), which causes COVID-19 (the disease), is becoming an opportunity for them to likewise spread malware or launch cyber attacks.
Reason Cybersecurity recently released a threat analysis report detailing a new attack that takes advantage of internet users' |
Malware Threat | ||
|
2020-03-11 01:00:26 | L1ght Looks to Protect Internet Users from Toxic and Predatory Behavior (lien direct) | Cybersecurity has been regarded as a necessity for all computer users, especially today when data breaches and malware attacks have become rampant.
However, one of the more overlooked aspects of cybersecurity is the prevention of other forms of cybercrime, such as the spread of harmful content and predatory behavior.
Most current discussions on cybersecurity revolve around organizations |
Malware | ★★★ | |
|
2020-02-25 04:08:15 | Free Download: The Ultimate Security Pros\' Checklist (lien direct) | You are a cybersecurity professional with the responsibility to keep your organization secured, you know your job chapter and verse, from high level reporting duties to the bits and bytes of what malware targeted your endpoints a week ago.
But it's a lot to hold in one's mind, so to make your life easier, The Ultimate Security Pros' Checklist, created by Cynet, provides you with a concise and |
Malware | ||
|
2020-02-12 04:47:20 | Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims (lien direct) | Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks.
According to researchers at Binary Defense, the newly discovered Emotet sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts to |
Ransomware Spam Malware | ||
|
2020-01-02 12:13:32 | Landry\'s Restaurant Chain Suffers Payment Card Theft Via PoS Malware (lien direct) | Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale (POS) systems that allowed cybercriminals to steal customers' payment card information.
Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outlets with over 60 different brands such as Landry's Seafood, Chart House, Saltgrass Steak House, |
Malware | ||
|
2019-12-21 05:56:48 | Hackers Behind GozNym Malware Sentenced for Stealing $100 Million (lien direct) | Three members of an international organized cybercrime group that was behind a multi-million dollar theft primarily against U.S. businesses and financial institutions have been sentenced to prison, the U.S. Justice Department announced.
The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe, between 2015 |
Malware | ||
|
2019-12-18 05:34:27 | 14 Ways to Evade Botnet Malware Attacks On Your Computers (lien direct) | Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score.
Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity.
Solutions span a broad |
Malware | ||
|
2019-12-05 11:16:51 | FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware (lien direct) | The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years.
Maksim Yakubets, the leader of 'Evil Corp' hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex - also known as 'Bugat' |
Malware Guideline | ||
|
2019-12-05 01:07:48 | ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector (lien direct) | Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East.
Dubbed ZeroCleare, the data wiper malware has been linked to not one but two Iranian state-sponsored hacking groups-APT34, also known as ITG13 and Oilrig, and Hive0081, |
Malware | APT 34 | |
|
2019-11-22 00:06:46 | Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison (lien direct) | A Russian hacker who created and used Neverquest banking malware to steal money from victims' bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York.
Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 on the request of the FBI and extradited to the |
Malware | ||
|
2019-11-20 00:58:38 | Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware (lien direct) | What an irony - someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users' wallets.
The latest supply-chain cyberattack was revealed on Monday after a Monero user spotted that the cryptographic hash for binaries he downloaded from the |
Malware | ||
|
2019-11-14 06:01:49 | Hackers Impersonating Financial Agencies Target German, Italian, US Firms (lien direct) | Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware.
Though the new malware campaigns are not customized for each organization, the threat actors appear to be more |
Ransomware Malware Threat | ||
|
2019-10-31 07:26:14 | Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages (lien direct) | A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals.
Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center |
Malware | ||
|
2019-10-30 12:48:59 | Hackers Target Indian Nuclear Power Plant – Everything We Know So Far (lien direct) | A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant.
Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage widely suggesting a piece of malware has compromised "mission-critical systems" at the Kudankulam |
Malware | ||
|
2019-10-29 10:55:32 | Mysterious malware that re-installs itself infected over 45,000 Android Phones (lien direct) | Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices.
Dubbed Xhelper, the malware has already infected more than 45,000 Android devices in just the last six months and is continuing to spread by |
Malware | ||
|
2019-10-22 04:50:06 | Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild (lien direct) | Cybersecurity researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already compromised system stealthily.
Dubbed Skip-2.0, the backdoor malware is a post-exploitation tool that runs in the memory and lets remote attackers connect to any account on the server running MSSQL version |
Malware Tool | ||
|
2019-10-16 06:23:03 | Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers (lien direct) | A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people.
Extortion by email is growing significantly, with a large number of users recently complaining about receiving sextortion emails that |
Ransomware Malware | ||
|
2019-10-02 01:53:26 | How SMBs Can Mitigate the Growing Risk of File-based Attacks (lien direct) | Cases of document-based malware are steadily rising. 59 percent of all malicious files detected in the first quarter of 2019 were contained in documents.
Due to how work is done in today's offices and workplaces, companies are among those commonly affected by file-based attacks. Since small to medium businesses (SMBs) usually lack the kind of security that protects their larger counterparts, |
Malware | ||
|
2019-09-27 05:29:32 | Microsoft Warns of a New Rare Fileless Malware Hijacking Windows Computers (lien direct) | Watch out Windows users!
There's a new strain of malware making rounds on the Internet that has already infected thousands of computers worldwide and most likely, your antivirus program would not be able to detect it.
Why? That's because, first, it's an advanced fileless malware and second, it leverages only legitimate built-in system utilities and third-party tools to extend its |
Malware | ||
|
2019-09-26 12:21:53 | Outlook for Web Bans 38 More File Extensions in Email Attachments (lien direct) | Malware or computer virus can infect your computer in several different ways, but one of the most common methods of its delivery is through malicious file attachments over emails that execute the malware when you open them.
Therefore, to protect its users from malicious scripts and executable, Microsoft is planning to blacklist 38 additional file extensions by adding them to its list of file |
Malware |
To see everything:
Our RSS (filtrered)
