Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-08-17 03:01:05 |
Open source VideoLAN media player asks why it's blocked in India (direct link) |
Rubbishes suggestions poisoned clones or ancient malware are worthy reasons for ban. Developers of the open source VideoLAN media player have started sniping at India's government over an apparent block on the project's website.… |
Malware
|
|
|
|
2022-08-11 18:30:13 |
Sonatype spots another PyPI package behaving badly (direct link) |
Identity of a real person was used to lend credence to a package that dropped cryptominer in memory. Sonatype has unearthed yet more malware lurking on PyPI, this time a fileless Linux nasty designed to mine Monero and using the identity of a real person to lend credibility to the package.… |
Malware
|
|
|
|
2022-08-04 13:00:09 |
US aims to step up security for federal datacenters: Both physical and cyber (direct link) |
Bit barns threatened by malware flingers, but fire, storms, or bad guys arriving at the sites are also bad news. Proposed legislation in the US will seek to ensure greater protection for government datacenters from the threat of cyberattacks, but also physical dangers such as natural disasters and terrorism.… |
Malware
Threat
|
|
|
|
2022-07-27 05:03:08 |
Vietnamese attacker circumvents Facebook security with 'DUCKTAIL' malware (direct link) |
Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys. Security vendor WithSecure, which was spun out in March 2022 as F-Secure's enterprise security arm, claims it's found malware that targets Facebook Business accounts.… |
Malware
Guideline
|
|
|
|
2022-07-26 17:00:08 |
Luca Stealer malware spreads rapidly after code handily appears on GitHub (direct link) |
Cool, another Rust project ... Oh. A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities and recently released the source code on GitHub.… |
Malware
|
|
|
|
2022-07-26 14:26:53 |
Ransomware less popular this year, but malware up: SonicWall cyber threat report (direct link) |
Be ready for a rebound, and protect yourself with patching and segmentation. SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022.… |
Ransomware
Malware
Threat
Patching
|
|
|
|
2022-07-21 20:29:10 |
US Cyber Command spots another 20 malware strains targeting Ukraine (direct link) |
Plus Mandiant, Cisco Talos uncover digital espionage. US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months.… |
Malware
|
|
|
|
2022-07-20 23:56:43 |
Suspected Gozi malware gang 'CIO' extradited to US on fraud, hacking charges (direct link) |
Euro man allegedly known as 'Virus' faces years behind bars if convicted. A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges.… |
Malware
|
|
|
|
2022-07-20 20:36:03 |
(Déjà vu) Google: Kremlin-backed goons spread Android malware disguised as pro-Ukraine app (direct link) |
Don't. Download. Unknown. Apps. Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers.… |
Malware
|
|
|
|
2022-07-20 20:36:03 |
Google: Kremlin-backed goons spread Android malware disguised as pro-Ukraine app (direct link) |
Don't. Download. Unknown. Apps. Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers.… |
Malware
|
|
|
|
2022-07-18 19:12:53 |
Botnet malware disguises itself as password cracker for industrial controllers (direct link) |
Can't get into that machine? No problem, just trust this completely sketchy looking tool. Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.… |
Malware
|
|
|
|
2022-07-16 14:34:10 |
North Koreans spotted harassing SMBs with malware (direct link) |
Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more. In brief SMBs, beware: Microsoft said this week it has discovered a North Korean crew targeting small businesses with ransomware since September of last year.… |
Ransomware
Malware
|
|
|
|
2022-07-06 22:51:04 |
Here today, gone to Maui: That's your data captured by North Korean ransomware (direct link) |
CISA, FBI, US Treasury warn Kim Jong-un's latest malware has hit healthcare orgs. For the past year, state-sponsored hackers operating on behalf of North Korea have been using ransomware called Maui to attack healthcare organizations, US cybersecurity authorities said on Wednesday.… |
Ransomware
Malware
|
|
|
|
2022-07-06 17:50:04 |
Hive ransomware gang rapidly evolves with complex encryption, Rust code (direct link) |
RaaS malware devs have been busy bees. The Hive group, which has become one of the most prolific ransomware-as-a-service (RaaS) operators, has significantly changed its malware, including migrating the code to the Rust programming language and using a more complex encryption technique.… |
Ransomware
Malware
|
|
|
|
2022-07-06 05:27:10 |
Near-undetectable malware linked to Russia's Cozy Bear (direct link) |
The fun folk who attacked Solar Winds using a poisoned CV and tools from the murky world of commercial hackware. Palo Alto Networks' Unit 42 threat intelligence team has claimed that a piece of malware that 56 antivirus products were unable to detect is evidence that state-backed attackers have found new ways to go about the evil business.… |
Malware
Tool
Threat
|
APT 29
|
|
|
2022-06-10 14:50:38 |
Symbiote Linux malware spotted, and infections are 'very hard to detect' (direct link) |
'Performing live forensics on an infected machine may not turn anything up' warn researchers. Intezer security researcher Joakim Kennedy and the BlackBerry Threat Research and Intelligence Team have analyzed an unusual piece of Linux malware they say is unlike most seen before - it isn't a standalone executable file.… |
Malware
Threat
|
|
|
|
2022-06-10 07:57:06 |
Emotet malware gang re-emerges with Chrome-based credit card heistware (direct link) |
Crimeware groups are re-inventing themselves. The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.… |
Malware
|
|
|
|
2022-06-09 11:45:09 |
Symantec: More malware operators moving in to exploit Follina (direct link) |
Meanwhile Microsoft still hasn't patched the fatal flaw. While enterprises are still waiting for Microsoft to issue a fix for the critical "Follina" vulnerability in Windows, yet more malware operators are moving in to exploit it.… |
Malware
Vulnerability
|
|
|
|
2022-06-09 00:29:36 |
Now Windows Follina zero-day exploited to infect PCs with Qbot (direct link) |
Data-stealing malware also paired with Black Basta ransomware gang. Miscreants are reportedly exploiting the recently disclosed critical Windows Follina zero-day flaw to infect PCs with Qbot, thus aggressively expanding their reach.… |
Ransomware
Malware
|
|
|
|
2022-06-03 22:55:42 |
Even Russia's Evil Corp now favors software-as-a-service (direct link) |
Albeit to avoid US sanctions hitting it in the wallet. The Russian-based Evil Corp is jumping from one malware strain to another in hopes of evading sanctions placed on it by the US government in 2019.… |
Malware
|
|
|
|
2022-06-03 12:30:11 |
Clipminer rakes in $1.7m in crypto hijacking scam (direct link) |
Crooks divert transactions to own wallets while running mining on the side. A crew using malware that performs cryptomining and clipboard-hacking operations have made off with at least $1.7 million in stolen cryptocurrency.… |
Malware
|
|
|
|
2022-06-02 08:03:13 |
Super-spreader FluBot squashed by Europol (direct link) |
Your package is delayed. Click this innocent-looking link to reschedule. FluBot, the super-spreader Android malware that infected tens of thousands of phones globally, has been reportedly squashed by an international law enforcement operation.… |
Malware
|
|
|
|
2022-06-01 10:02:09 |
Watch out for phishing emails that inject spyware trio (direct link) |
You wait for one infection and then three come along at once. An emailed report seemingly about a payment will, when opened in Excel on a Windows system, attempt to inject three pieces of file-less malware that steal sensitive information.… |
Malware
|
|
|
|
2022-06-01 03:47:40 |
EnemyBot malware adds enterprise flaws to exploit arsenal (direct link) |
Fast-evolving botnet targets critical VMware, F5 BIG-IP bugs, we're told. The botnet malware EnemyBot has added exploits to its arsenal, allowing it to infect and spread from enterprise-grade gear.… |
Malware
|
|
|
|
2022-05-27 11:26:09 |
This Windows malware uses PowerShell to inject malicious extension into Chrome (direct link) |
And that's a bit odd, says Red Canary. A strain of Windows malware uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.… |
Malware
|
|
|
|
2022-05-24 21:33:21 |
Patch now: Zoom chat messages can infect PCs, Macs, phones with malware (direct link) |
Google Project Zero blows lid off bug involving that old chestnut: XML parsing. Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.… |
Malware
|
|
|
|
2022-05-24 10:04:08 |
It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017 (direct link) |
Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times. HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.… |
Malware
Vulnerability
|
|
|
|
2022-05-23 06:57:13 |
Microsoft sounds the alarm on - wait for it - a Linux botnet (direct link) |
Redmond claims the numbers are scary, but won't release them. Microsoft has sounded the alarm on DDoS malware called XorDdos that targets Linux endpoints and servers.… |
Malware
|
|
|
|
2022-05-18 21:01:02 |
Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware (direct link) |
Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D. Analysis Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a corporate-like operating model, a year-long study has found.… |
Malware
|
|
|
|
2022-05-18 07:27:05 |
Monero-mining botnet targets Windows, Linux web servers (direct link) |
Sysrv-K malware infects unpatched tin, Microsoft warns. The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.… |
Malware
|
|
|