What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-18 10:24:41 | Chinese hackers use Google Drive to drop malware on govt networks (lien direct) | State-backed Chinese hackers launched a spearphishing campaign to deliver custom malware stored in Google Drive to government, research, and academic organizations worldwide. [...] | Malware | ||
|
2022-11-17 13:19:17 | QBot phishing abuses Windows Control Panel EXE to infect devices (lien direct) | Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. [...] | Malware | ||
|
2022-11-16 15:15:45 | Updated RapperBot malware targets game servers in DDoS attacks (lien direct) | The Mirai-based botnet 'RapperBot' has re-emerged via a new campaign that infects IoT devices for DDoS (Distributed Denial of Service) attacks against game servers. [...] | Malware | ||
|
2022-11-15 17:24:49 | North Korean hackers target European orgs with updated malware (lien direct) | North Korean hackers are using a new version of the DTrack backdoor to attack organizations in Europe and Latin America. [...] | Malware | ||
|
2022-11-11 11:26:33 | New BadBazaar Android malware linked to Chinese cyberspies (lien direct) | A previously undocumented Android spyware tool named 'BadBazaar' has been discovered targeting ethnic and religious minorities in China, most notably the Uyghurs in Xinjiang. [...] | Malware Tool | ||
|
2022-11-10 17:58:42 | Phishing drops IceXLoader malware on thousands of home, corporate devices (lien direct) | A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware. [...] | Malware | ||
|
2022-11-10 17:18:10 | (Déjà vu) Microsoft fixes Windows zero-day bug exploited to push malware (lien direct) | Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. [...] | Malware | ||
|
2022-11-10 17:18:10 | Microsoft fixes MoTW zero-day used to drop malware via ISO files (lien direct) | Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. [...] | Malware | ||
|
2022-11-10 14:17:25 | Worok hackers hide new malware in PNGs using steganography (lien direct) | A threat group tracked as 'Worok' hides malware within PNG images to infect victims' machines with information-stealing malware without raising alarms. [...] | Malware Threat | ||
|
2022-11-09 17:51:08 | New StrelaStealer malware steals your Outlook, Thunderbird accounts (lien direct) | A new information-stealing malware named 'StrelaStealer' is actively stealing email account credentials from Outlook and Thunderbird, two widely used email clients. [...] | Malware | ||
|
2022-11-08 17:56:13 | LockBit affiliate uses Amadey Bot malware to deploy ransomware (lien direct) | A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. [...] | Ransomware Malware | ||
|
2022-11-03 15:36:50 | RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam (lien direct) | The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. [...] | Malware Threat | ||
|
2022-11-02 16:35:15 | (Déjà vu) Hundreds of U.S. news sites push malware in supply-chain attack (lien direct) | The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] | Malware Threat | ||
|
2022-11-02 16:35:15 | Hundreds of U.S. news sites hit in SocGholish supply-chain attack (lien direct) | The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware framework (also known as FakeUpdates) on the websites of hundreds of newspapers across the U.S. [...] | Malware Threat | ||
|
2022-11-02 14:41:42 | (Déjà vu) Emotet botnet starts blasting malware again after 4 month break (lien direct) | The Emotet malware operation is again spamming malicious emails after almost a four-month "vacation" that saw little activity from the notorious cybercrime operation. [...] | Malware | ||
|
2022-11-02 14:41:42 | Emotet botnet starts blasting malware again after 5 month break (lien direct) | The Emotet malware operation is again spamming malicious emails after almost a five-month "vacation" that saw little activity from the notorious cybercrime operation. [...] | Malware | ||
|
2022-11-02 13:21:26 | Dozens of PyPI packages caught dropping \'W4SP\' info-stealing malware (lien direct) | Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. [...] | Malware | ||
|
2022-11-01 06:48:34 | Google ad for GIMP.org served info-stealing malware via lookalike site (lien direct) | Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which was malware. [...] | Malware | ||
|
2022-10-31 11:34:52 | Hacking group abuses antivirus software to launch LODEINFO malware (lien direct) | The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. [...] | Malware | APT 10 | |
|
2022-10-28 16:08:28 | The Week in Ransomware - October 28th 2022 - Healthcare leaks (lien direct) | This week, we learned of healthcare data leaks out of Australia, information about existing attacks, and reports on how ransomware gangs operate and partner with malware developers for initial access. [...] | Ransomware Malware | ||
|
2022-10-28 06:00:00 | Android malware droppers with 130K installs found on Google Play (lien direct) | A set of Android malware droppers were found infiltrating the Google Play store to install malicious programs by pretending to be app updates. [...] | Malware | ||
|
2022-10-28 06:00:00 | Hackers use Microsoft IIS web server logs to control malware (lien direct) | The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. [...] | Malware | ||
|
2022-10-27 13:10:18 | Drinik Android malware now targets users of 18 Indian banks (lien direct) | A new version of the Drinik Android banking trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. [...] | Malware | ||
|
2022-10-25 15:02:37 | Ukrainian charged for operating Raccoon Stealer malware service (lien direct) | 26-year-old Ukrainian national Mark Sokolovsky has been charged for his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation. [...] | Malware | ||
|
2022-10-23 11:15:19 | Thousands of GitHub repositories deliver fake PoC exploits with malware (lien direct) | Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. [...] | Malware | ||
|
2022-10-23 10:17:34 | Typosquat campaign mimics 27 brands to push Windows, Android malware (lien direct) | A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. [...] | Malware | ||
|
2022-10-20 16:00:37 | Ursnif malware switches from bank account theft to initial access (lien direct) | A new version of the Ursnif malware (a.k.a. Gozi) emerged as a generic backdoor, stripped of its typical banking trojan functionality. [...] | Malware | ||
|
2022-10-20 11:03:41 | OldGremlin hackers use Linux ransomware to attack Russian orgs (lien direct) | OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. [...] | Ransomware Malware | ||
|
2022-10-16 10:07:14 | New PHP information-stealing malware targets Facebook accounts (lien direct) | Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...] | Malware Threat | ||
|
2022-10-11 05:30:00 | Hacking group POLONIUM uses \'Creepy\' malware against Israel (lien direct) | Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively. [...] | Malware Threat | ||
|
2022-10-10 16:24:51 | Hackers behind IcedID malware attacks diversify delivery tactics (lien direct) | The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. [...] | Malware Threat | ||
|
2022-10-09 15:26:40 | (Déjà vu) Fake Solana Phantom security updates push crypto-stealing malware (lien direct) | Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] | Malware Guideline | ||
|
2022-10-09 15:26:40 | Solana Phantom security update NFTs push password-stealing malware (lien direct) | Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] | Malware Guideline | ||
|
2022-10-05 12:01:06 | Hundreds of Microsoft SQL servers backdoored with new malware (lien direct) | Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world. [...] | Malware | ||
|
2022-10-05 07:00:00 | New Android malware \'RatMilad\' can steal your data, record audio (lien direct) | A new Android spyware named 'RatMilad' was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. [...] | Malware | ||
|
2022-10-04 19:08:56 | (Déjà vu) Hackers stole data from US defense org using Impacket, CovalentStealer (lien direct) | The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] | Malware | ||
|
2022-10-04 19:08:56 | US Govt: Hackers stole data from US defense org using new malware (lien direct) | The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] | Malware | ||
|
2022-10-03 13:58:56 | Live support service hacked to spread malware in supply chain attack (lien direct) | The official installer for the Comm100 Live Chat application, a widely deployed SaaS (software-as-a-service) that businesses use for customer communication and website visitors, was trojanized as part of a new supply-chain attack. [...] | Malware | ||
|
2022-09-29 17:14:07 | Hacking group hides backdoor malware inside Windows logo image (lien direct) | Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. [...] | Malware | ||
|
2022-09-29 09:00:18 | New malware backdoors VMware ESXi servers to hijack virtual machines (lien direct) | Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection. [...] | Malware | ||
|
2022-09-29 03:05:27 | Upgraded Prilex Point-of-Sale malware bypasses credit card security (lien direct) | Security analysts have observed three new versions of Prilex this year, indicating that the authors and operators of the PoS-targeting malware are back to action. [...] | Malware | ||
|
2022-09-28 11:22:22 | New Chaos malware infects Windows, Linux devices for DDoS attacks (lien direct) | A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. [...] | Malware | ||
|
2022-09-27 17:08:49 | New NullMixer dropper infects your PC with a dozen malware families (lien direct) | A new malware dropper named 'NullMixer' is infecting Windows devices with a dozen different malware families simultaneously through fake software cracks promoted on malicious sites in Google Search results. [...] | Malware | ||
|
2022-09-27 14:55:43 | Lazarus hackers drop macOS malware via Crypto.com job offers (lien direct) | The North Korean Lazarus hacking group is now using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency. [...] | Malware Hack | APT 38 | |
|
2022-09-26 15:54:17 | New Erbium password-stealing malware spreads as game cracks, cheats (lien direct) | The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. [...] | Malware | ||
|
2022-09-26 14:40:47 | Hackers use PowerPoint files for \'mouseover\' malware delivery (lien direct) | Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. [...] | Malware | ||
|
2022-09-25 11:14:27 | Ransomware data theft tool may show a shift in extortion tactics (lien direct) | Data exfiltration malware known as Exmatter and previously linked with the BlackMatter ransomware group is now being upgraded with data corruption functionality that may indicate a new tactic that ransomware affiliates might switch to in the future. [...] | Ransomware Malware Tool | ||
|
2022-09-21 13:55:49 | Malwarebytes mistakenly blocks Google, YouTube for malware (lien direct) | Malwarebytes has addressed a false positive that was blocking users from accessing websites and services hosted on the google.com domain, including Google search and Youtube. [...] | Malware | ||
|
2022-09-20 18:12:15 | 2K Games says hacked help desk targeted players with malware (lien direct) | American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. [...] | Malware | ||
|
2022-09-20 12:13:10 | (Déjà vu) 2K game support hacked to email RedLine info-stealing malware (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware |
To see everything:
Our RSS (filtrered)
