Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2020-07-02 15:23:00 |
Windows 10 background image tool can be abused to download malware (direct link) |
A binary in Windows 10 responsible for setting an image for the desktop and lock screen can help attackers download malware on a compromised system without raising the alarm. [...] |
Malware
Tool
|
|
|
|
2020-07-01 17:29:24 |
TrickBot malware now checks screen resolution to evade analysis (direct link) |
The infamous TrickBot trojan has started to check the screen resolutions of victims to detect whether the malware is running in a virtual machine. [...] |
Malware
|
|
|
|
2020-07-01 15:38:19 |
Windows POS malware uses DNS to smuggle stolen credit cards (direct link) |
A Windows Point-of-Sale (POS) malware has been discovered using the DNS protocol to smuggle stolen credit cards to a remote server under the attacker's control. [...] |
Malware
|
|
|
|
2020-06-28 09:30:00 |
Chinese malware used in attacks against Australian orgs (direct link) |
The Australian government released an advisory late last week about increased cyber activity from a state actor against networks belonging to its agencies and companies in the country. [...] |
Malware
|
|
|
|
2020-06-25 12:46:08 |
New Lucifer DDoS malware creates a legion of Windows minions (direct link) |
A new botnet identified in the wild leverages close to a dozen exploits for high and critical-severity vulnerabilities against Windows systems to turn them into cryptomining clients and sources for distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|
|
2020-06-15 09:00:00 |
Intel adds CPU-level malware protection to Tiger Lake processors (direct link) |
Intel today announced a new CPU-level security capability known as Control-Flow Enforcement Technology (Intel CET) that offers protection against malware using control-flow hijacking attack methods on devices with Intel's future Tiger Lake mobile processors. [...] |
Malware
|
|
|
|
2020-06-11 06:28:38 |
Gamaredon hackers use Outlook macros to spread malware to contacts (direct link) |
New tools attributed to the Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim's contacts. [...] |
Malware
|
|
|
|
2020-06-10 19:18:01 |
Fake Black Lives Matter voting campaign spreads Trickbot malware (direct link) |
A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware. [...] |
Malware
|
|
|
|
2020-06-09 12:00:00 |
Valak malware gets new plugin to steal Outlook login credentials (direct link) |
Authors of the Valak information stealer are focusing more and more on stealing email credentials as researchers find a new module specifically built for this purpose. [...] |
Malware
|
|
|
|
2020-06-08 14:45:00 |
US energy providers hit with new malware in targeted attacks (direct link) |
Several U.S. energy providers were targeted by spear-phishing campaigns delivering a new remote access trojan (RAT) capable of providing attackers with full control over infected systems. [...] |
Malware
|
|
|
|
2020-06-04 09:43:57 |
USBCulprit malware targets air-gapped systems to steal govt info (direct link) |
The newly revealed USBCulprit malware is used by a group known as Cycldek, Conimes, or Goblin Panda and is designed for compromising air-gapped devices via USB. [...] |
Malware
|
|
|
|
2020-06-04 09:13:56 |
Bruteforce malware probes login for popular web platforms (direct link) |
The malware looks for various systems for managing content, databases, and file transfers as well as backup files and administrator login paths. [...] |
Malware
|
|
|
|
2020-05-31 11:25:54 |
Here are the new security features in Windows 10 2004 (direct link) |
Windows 10's May 2020 Update is rolling out to seekers, and it comes with new security features that offer better malware protection, easier logins, and stronger encryption for your wireless connections. [...] |
Malware
|
|
|
|
2020-05-31 09:35:00 |
Office 365 to give detailed info on malicious email attachments (direct link) |
Microsoft will provide Office 365 Advanced Threat Protection (ATP) users with more details on malware samples and malicious URLs discovered following detonation. [...] |
Malware
Threat
|
|
|
|
2020-05-29 14:36:46 |
Nworm: TrickBot gang's new stealthy malware spreading module (direct link) |
The Trickbot banking trojan has evolved once again with a new malware spreading module that uses a stealth mode to quietly infect Windows domain controllers without being detected. [...] |
Malware
|
|
|
|
2020-05-29 12:57:47 |
Valak malware steals credentials from Microsoft Exchange servers (direct link) |
Classified initially as a malware loader, Valak has morphed into an information stealer that targets Microsoft Exchange servers to rob email login credentials and certificates from enterprises. [...] |
Malware
|
|
|
|
2020-05-28 11:00:00 |
New Octopus Scanner malware spreads via GitHub supply chain attack (direct link) |
Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). [...] |
Malware
Tool
|
|
★★
|
|
2020-05-26 11:22:03 |
Hacking group builds new Ketrum malware from recycled backdoors (direct link) |
The Ke3chang hacking group historically believed to be operating out of China has developed new malware dubbed Ketrum by merging features and source code from their older Ketrican and Okrum backdoors. [...] |
Malware
|
APT 15
APT 25
|
|
|
2020-05-26 05:30:00 |
Russian cyberspies use Gmail to control updated ComRAT malware (direct link) |
ESET security researchers have discovered a new version of the ComRAT backdoor controlled using the Gmail web interface and used by the state-backed Russian hacker group Turla for harvesting and stealing in attacks against governmental institutions. [...] |
Malware
|
|
|
|
2020-05-24 09:27:58 |
(Déjà vu) Discord client turned into a password stealer by updated malware (direct link) |
A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] |
Malware
Threat
|
|
|
|
2020-05-24 09:27:58 |
Discord client turned into a password stealer by new malware (direct link) |
A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] |
Malware
Threat
|
|
|
|
2020-05-22 03:28:00 |
ZLoader banking malware is back, deployed in over 100 campaigns (direct link) |
A banking malware called ZLoader, last seen in early 2018, has been spotted in more than 100 email campaigns since the beginning of the year. [...] |
Malware
|
|
|
|
2020-05-21 07:40:09 |
New PipeMon malware uses Windows print processors for persistence (direct link) |
Video game companies are once again victims of the Winnti hacking group, who used new malware that researchers named PipeMon and a novel method to achieve persistence. [...] |
Malware
|
|
|
|
2020-05-20 12:46:05 |
GhostDNS exploit kit source code leaked to antivirus company (direct link) |
Malware analysts received unrestricted access to the components of GhostDNS exploit kit after the malware package essentially fell into their lap. [...] |
Malware
|
|
★★★★★
|
|
2020-05-19 11:27:39 |
NetWalker adjusts ransomware operation to only target enterprise (direct link) |
NetWalker ransomware group is moving away from phishing for malware distribution and has adopted a network-intrusion model focusing on huge businesses only. [...] |
Ransomware
Malware
|
|
|
|
2020-05-18 12:17:03 |
Fake U.S. Dept of Treasury emails spreads new Node.js malware (direct link) |
A new Node.js based remote access trojan and password-stealing malware is being distributed through malicious emails pretending to be from the U.S. Department of the Treasury. [...] |
Malware
|
|
|
|
2020-05-15 15:23:20 |
WordPress malware finds WooCommerce sites for Magecart attacks (direct link) |
Researchers at website security firm Sucuri have discovered a new WordPress malware used by threat actors to scan for and identify WooCommerce online shops with a lot of customers. [...] |
Malware
Threat
|
|
|
|
2020-05-15 10:25:57 |
RATicate drops info stealing malware and RATs on industrial targets (direct link) |
Security researchers from Sophos have identified a hacking group that abused NSIS installers to deploy remote access tools (RATs) and information-stealing malware in attacks targeting industrial companies. [...] |
Malware
|
|
|
|
2020-05-15 05:32:00 |
Backdoors in recent espionage attempts link to Microcin malware (direct link) |
Antivirus engines foiled an advanced attacker's attempts to infiltrate a governmental institution and corporate networks of two companies in the telecommunications and gas sector. [...] |
Malware
|
|
|
|
2020-05-15 03:00:00 |
Microsoft Office 365 ATP getting malware campaign analysis (direct link) |
Microsoft is in the process of expanding the Office 365 Advanced Threat Protection (ATP) capabilities with attack flow overviews of malware attacks targeting organizations. [...] |
Malware
Threat
|
|
|
|
2020-05-14 16:32:56 |
New COMpfun malware variant gets commands from HTTP error codes (direct link) |
A new COMpfun remote access trojan (RAT) variant controlled using uncommon HTTP status codes was used in attacks targeting European diplomatic entities. [...] |
Malware
|
|
|
|
2020-05-14 12:02:44 |
ProLock Ransomware teams up with QakBot trojan for network access (direct link) |
ProLock is a relatively new malware on the ransomware scene but has quickly attracted attention by targeting businesses and local governments and demanding huge ransoms for file decryption. [...] |
Ransomware
Malware
|
|
|
|
2020-05-13 16:03:13 |
New Ramsay malware steals files from air-gapped computers (direct link) |
Malware analysts have found multiple samples of a new malware toolkit that can collect sensitive files from systems isolated from the internet. They call it Ramsay and there are few known victims to date. [...] |
Malware
|
|
|
|
2020-05-13 12:00:52 |
Microsoft warns of COVID-19 phishing spreading info-stealing malware (direct link) |
Microsoft has discovered a new COVID-19 themed phishing campaign using economic concerns to target businesses with the LokiBot information-stealing Trojan. [...] |
Malware
|
|
|
|
2020-05-12 11:36:58 |
US govt exposes new North Korean malware, phishing attacks (direct link) |
The US government today released information on three new malware variants used in malicious cyber activity campaigns by a North Korean government-backed hacker group tracked as HIDDEN COBRA. [...] |
Malware
Medical
|
APT 38
|
|
|
2020-05-11 15:28:15 |
Texas Courts hit by ransomware, network disabled to limit spread (direct link) |
The Texas court system was hit by ransomware on Friday night, May 8th, which led to the branch network including websites and servers being disabled to block the malware from spreading to other systems. [...] |
Ransomware
Malware
|
|
|
|
2020-05-09 12:39:40 |
North Korean hackers infect real 2FA app to compromise Macs (direct link) |
Hackers have hidden malware in a legitimate two-factor authentication (2FA) app for macOS to distribute Dacls, a remote access trojan associated with the North Korean Lazarus group. [...] |
Malware
Medical
|
APT 38
|
|
|
2020-05-05 16:38:07 |
Cyber volunteers release blocklists for 26,000 COVID-19 threats (direct link) |
The COVID-19 Cyber Threat Coalition has released a block list of known URLs and domain names associated with Coronavirus-themed scams, phishing attacks, and malware threats. [...] |
Malware
Threat
|
|
|
|
2020-05-01 15:50:00 |
Hackers breach company's MDM server to spread Android malware (direct link) |
Attackers infected more than 75% of a multinational conglomerate's managed Android devices with the Cerberus banking trojan using the company's compromised Mobile Device Manager (MDM) server. [...] |
Malware
|
|
|
|
2020-05-01 13:00:25 |
New phishing campaign packs an info-stealer, ransomware punch (direct link) |
A new phishing campaign is distributing a double-punch of a LokiBot information-stealing malware along with a second payload in the form of the Jigsaw Ransomware. [...] |
Ransomware
Malware
|
|
|
|
2020-04-30 14:21:09 |
New Android malware steals financial information, bypasses 2FA (direct link) |
A new banking Trojan can steal financial information from Android users across the United States and several European countries, including the UK, Germany, Italy, Spain, Switzerland, and France. [...] |
Malware
|
|
|
|
2020-04-28 17:00:30 |
Microsoft warns of malware surprise pushed via pirated movies (direct link) |
Microsoft warns that malicious actors are taking advantage of the boost in traffic seen by movie piracy sites to infect victims with malware delivered via fake movie torrents. [...] |
Malware
|
|
|
|
2020-04-28 07:24:28 |
Lucy malware for Android adds file-encryption for ransomware ops (direct link) |
A threat actor focusing on Android systems has expanded their malware-as-a-service (MaaS) business with file-encrypting capabilities for ransomware operations. [...] |
Ransomware
Malware
Threat
|
|
|
|
2020-04-27 11:07:06 |
Asnarök malware exploits firewall zero-day to steal credentials (direct link) |
Some Sophos firewall products were attacked with a new Trojan malware, dubbed Asnarök by researchers at cyber-security firm Sophos, to steal usernames and hashed passwords starting with April 22 according to an official timeline. [...] |
Malware
|
|
|
|
2020-04-24 15:18:37 |
Researchers: 30,000% increase in pandemic-related threats (direct link) |
An increase of 30,000% in pandemic-related malicious attacks and malware was seen in March by security researchers at cloud security firm Zscaler when compared to the beginning of 2020 when the first threats started using COVID-19-related lures and themes. [...] |
Malware
|
|
|
|
2020-04-24 13:14:33 |
BazarBackdoor: TrickBot gang's new stealthy network-hacking malware (direct link) |
A new phishing campaign is delivering a new stealthy backdoor from the developers of TrickBot that is used to compromise and gain full access to corporate networks. [...] |
Malware
|
|
|
|
2020-04-24 12:48:04 |
US universities targeted with malware used by state-backed actors (direct link) |
Faculty and students at several U.S. colleges and universities were targeted in phishing attacks with a remote access Trojan (RAT) previously used by Chinese state-sponsored threat actors. [...] |
Malware
Threat
|
|
|
|
2020-04-22 18:00:01 |
Customer complaint phishing pushes network hacking malware (direct link) |
A new phishing campaign is underway that targets a company's employees with fake customer complaints that install a new backdoor used to compromise a network. [...] |
Malware
|
|
|
|
2020-04-21 08:30:00 |
New Coronavirus screenlocker malware is extremely annoying (direct link) |
A fake WiFi hacking program is being used to distribute a new Coronavirus-themed malware that tries to lock you out of Windows while making some very annoying sounds. [...] |
Malware
|
|
★★★
|
|
2020-04-21 04:00:00 |
Spearphishing campaigns target oil, gas companies with spyware (direct link) |
Cybercriminals are targeting the oil and gas industry sector with highly targeted spearphishing campaigns impersonating shipment companies and engineering contractors while attempting to infect their targets with Agent Tesla info-stealer malware payloads. [...] |
Malware
|
|
|