What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-21 18:01:01 | Malware Campaigns Target Users of Pornhub, XVideos, Other Adult Websites (lien direct) | People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets. [...] | Spam Malware | ||
|
2019-02-18 15:55:02 | Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads (lien direct) | Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets. [...] | Malware | ||
|
2019-02-13 14:26:05 | Shlayer Malware Disables macOS Gatekeeper to Run Unsigned Payloads (lien direct) | A new variant of the multi-stage Shlayer malware known to target macOS users has been observed in the wild, now being capable to escalate privileges using a two-year-old technique and to disable the Gatekeeper protection mechanism to run unsigned second stage payloads. [...] | Malware | ||
|
2019-02-12 10:59:02 | Windows Malware Runs on Macs, Bypasses Gatekeeper to Target Software Pirates (lien direct) | If it wasn't already obvious, pirating software is a risky business and this was again proven by a set of malicious executables targeting macOS users with info stealers and adware, and compiled as Windows EXE binaries with the help of the open source Mono framework. [...] | Malware | ||
|
2019-02-08 12:16:02 | Coinminer Targets Linux, Kills Competition to Maximize Profits (lien direct) | A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine. [...] | Malware | ||
|
2019-01-30 03:03:00 | New LockerGoga Ransomware Allegedly Used in Altran Attack (lien direct) | Hackers have infected the systems of Altran Technologies with malware that spread through the company network, affecting operations in some European countries. To protect client data and its assets, Altran decided to shut down its network and applications. [...] | Ransomware Malware | ||
|
2019-01-29 11:06:00 | Hackers Stole $1.7 Billion in Cryptocurrency Last Year (lien direct) | Cybercriminals going after digital coins had a good 2018, stealing a whopping $1.7 billion in cryptocurrency from exchange services, users, or investors. Different forms of scamming, extortion, hacking, and malware were the main methods used to get the money. [...] | Malware | ||
|
2019-01-25 06:45:00 | VeryMal Malvertiser Delivers Image-Based Malware (lien direct) | A malvertising group recently targeted Apple users in a campaign that delivered a payload hidden in advertisement images. The attack triggered at least 5 million times a day. [...] | Malware | ||
|
2019-01-24 18:55:00 | (Déjà vu) Google Chrome Adding Malicious Drive-By-Downloads Protection (lien direct) | Google is in the process of adding support for blocking drive-by downloads originating from website iframes, one of the techniques preferred by attackers to drop malware payloads on vulnerable machines [...] | Malware | ||
|
2019-01-24 18:55:00 | (Déjà vu) Drive-By-Download Protection Coming to Google Chrome (lien direct) | Google is in the process of adding support for blocking drive-by downloads originating from website iframes, one of the techniques preferred by attackers behind malvertising campaigns to drop malware payloads on vulnerable machines [...] | Malware | ||
|
2019-01-24 16:42:04 | New Ursnif Malware Campaign Uses Fileless Infection to Avoid Detection (lien direct) | A new malware campaign distributing the Ursnif banking Trojan using PowerShell to achieve fileless persistence to hide from anti-malware solutions was detected by Cisco's Advanced Malware Protection Exploit Prevention engine [...] | Malware | ||
|
2019-01-23 03:31:00 | 265 Researchers Take Down 100,000 Malware Distribution Websites (lien direct) | Security researchers across the globe united in a project dedicated to sharing URLs used in malicious campaigns managed to take down close to 100,000 websites actively engaged in malware distribution. [...] | Malware | ||
|
2019-01-17 12:00:00 | Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection (lien direct) | Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. [...] | Malware | ||
|
2019-01-17 11:00:00 | Rocke\'s Cryptominers Kills Competition, Uninstall Cloud Security Products (lien direct) | Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud [...] | Malware | ||
|
2019-01-17 08:37:00 | Flaw in Telegram Reveals Awful OpSec from Malware Author (lien direct) | A weakness in the protection of messages delivered using the Telegram Bot API gave researchers access to the communication flow between a piece of malware and its operator. [...] | Malware | ||
|
2019-01-12 16:39:01 | Ryuk Ransomware Partners with TrickBot to Gain Access to Infected Networks (lien direct) | Ryuk has historically been considered a a targeted ransomware where the actors scope out networks in order to gain access and install their ransomware. New research now indicates that the Ryuk actors may be using other malware as an Access-as-a-Service to gain access to networks. [...] | Ransomware Malware | ||
|
2019-01-11 15:55:03 | Del Rio City Hall Forced to Use Paper After Ransomware Attack (lien direct) | The City Hall of Del Rio, Texas was hit by a ransomware attack on the morning of January 10, which led to dozens of computers on the network being turned off and disconnected from the Internet to contain and analyze the malware [...] | Ransomware Malware | ||
|
2019-01-10 04:26:00 | (Déjà vu) TA505 Group Adopts New ServHelper Backdoor and FlawedGrace RAT (lien direct) | Malware researchers discovered two new malware families distributed through phishing campaigns last year carried out by the TA505 cybercriminal group: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT). [...] | Malware | ||
|
2019-01-10 04:26:00 | (Déjà vu) New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet (lien direct) | Malware researchers discovered two new malware families distributed through phishing campaigns last year from the Necurs botnet: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT). [...] | Malware | ||
|
2019-01-07 10:14:01 | (Déjà vu) Apple iOS Games Found Talking to Golduck Malware C&C Servers (lien direct) | Researchers found 14 retro games in Apple's App Store that communicated with command-and-control servers previously used by the Android Golduck Loader [...] | Malware | ||
|
2019-01-07 10:14:01 | (Déjà vu) App Store Games Found Communicating with Golduck Malware C&C servers (lien direct) | Researchers found 14 retro games in Apple's App Store that communicated with command-and-control servers previously used by the Android Golduck Loader [...] | Malware | ★★ | |
|
2019-01-06 10:30:01 | Opera Blacklists Tampermonkey Extension Being Installed by Malware (lien direct) | Opera blacklisted the version of Tampermonkey that is currently offered on the Chrome Web Store as it is being installed by Windows malware. This prevents the extension from working in the Opera browser. [...] | Malware | ||
|
2019-01-03 17:00:04 | New Android Malware Combines Info-Stealing and Phishing Features (lien direct) | Android malware that combines info/data-stealing and phishing capabilities lurked in Google Play using the guise of legitimate looking apps; one of them was installed at least 100,000 times. [...] | Malware | ||
|
2018-12-27 09:47:03 | New Shamoon Sample from France Signed with Baidu Certificate (lien direct) | A new sample of Shamoon disk-wiping malware was uploaded from France recently to the VirusTotal scanning platform. It tries to pass as a system optimization tool from Chinese technology company Baidu. [...] | Malware Tool | ||
|
2018-12-25 15:27:03 | 18 Months Later, WannaCry Still Lurks on Infected Computers (lien direct) | Eighteen months after the initial outbreak of the WannaCry Ransomware infection, the malware continues to rear its head on thousands, if not hundreds of thousands, of infected computers. [...] | Malware | Wannacry | |
|
2018-12-14 13:19:03 | Microsoft Launches AI Malware Prediction Competition with $25K Prize (lien direct) | Microsoft is challenging the data science community to come up with AI models that can accurately predict whether a computer would become infected based on the device's configuration. The team who successfully predicts the most malware will win a prize of $25,000 USD. [...] | Malware | ||
|
2018-12-13 05:04:05 | (Déjà vu) Shamoon Disk-Wiping Malware Re-Emerges with a Third Variant (lien direct) | Two new samples of the Shamoon data have been discovered in the wild, after a period of silence that lasted for about two years. [...] | Malware | ||
|
2018-12-13 05:04:05 | (Déjà vu) Shamoon Disk-Wiping Malware Re-emerges with Two New Variants (lien direct) | Two new samples of the Shamoon data have been discovered in the wild, after a period of silence that lasted for about two years. [...] | Malware | ||
|
2018-12-13 02:47:00 | New LamePyre macOS Malware Sends Screenshots to Attacker (lien direct) | The world of macOS malware has a new member that makes no effort to keep appearances and looks rather like a bare-bones version that is still under development. [...] | Malware | ||
|
2018-12-12 11:26:05 | Op \'Sharpshooter\' Uses Lazarus Group Tactics, Techniques, and Procedures (lien direct) | A new advanced threat actor has emerged on the radar, targeting organizations in the defense and the critical infrastructure sectors with fileless malware and an exploitation tool that borrows code from a trojan associated with the Lazarus group [...] | Malware Tool Threat Medical | APT 38 | |
|
2018-12-12 02:51:00 | Android Malware Tricks User to Log into PayPal to Steal Funds (lien direct) | An Android malware posing as a battery optimization app social engineers its way into stealing funds from PayPal users, despite two-factor authentication protection, by simply prompting them to log into the app. [...] | Malware | ||
|
2018-12-07 11:57:05 | DanaBot Banking Trojan Gets into Spam Business (lien direct) | Authors of the DanaBot banking trojans updated the malware with new features that enabled it to harvest email addresses and send out spam straight from the victim's mailbox. [...] | Spam Malware | ||
|
2018-12-05 14:59:04 | SNDBOX - an AI Powered Malware Analysis Site is Launched (lien direct) | Today at Blackhat Europe, a new malware analysis service was unveiled called SNDBOX that utilizes artificial intelligence and a hardened virtual environment to perform static and dynamic analysis of malware samples. [...] | Malware | ||
|
2018-11-20 18:51:00 | Emotet Returns with Thanksgiving Theme and Better Phishing Tricks (lien direct) | After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. [...] | Malware | ||
|
2018-11-20 09:26:01 | New Cannon Trojan Is the Latest Asset of Sofacy APT Group (lien direct) | Advanced threat group Sofacy delivers a new malware sample dubbed Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former Soviet state. [...] | Malware Threat | ||
|
2018-11-13 03:30:00 | HookAds Malvertising Installing Malware via the Fallout Exploit Kit (lien direct) | The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware. [...] | Malware | ||
|
2018-11-05 16:10:05 | Microsoft is Porting Sysinternals Tools to Linux - ProcDump Released (lien direct) | If you have administered Windows computers or assisted in Windows malware removal, then there is a good chance you have heard of the popular free Sysinternals utilities. [...] | Malware | ||
|
2018-10-31 20:59:01 | New Stuxnet Variant Allegedly Struck Iran (lien direct) | A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. [...] | Malware | ||
|
2018-10-30 05:58:04 | Compression File Formats of the past Come Haunting in Spam Campaigns (lien direct) | Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns. [...] | Spam Malware | ||
|
2018-10-25 12:24:01 | Malware Distributors Adopt DKIM to Bypass Mail Filters (lien direct) | A US-CERT alert provided recommendations on how businesses can mitigate their exposure to the Emotet Trojan. Unfortunately, it looks like criminals also reading the US-CERT's warnings as they have adopted new techniques to bypass these recommendations. [...] | Malware | ||
|
2018-10-17 07:03:04 | New GreyEnergy Malware Targets ICS, Tied with BlackEnergy and TeleBots (lien direct) | A new advanced threat actor is now on the public map of adversaries that target systems in the critical infrastructure sector. The name is GreyEnergy and it shows similarities with the BlackEnergy group. [...] | Malware Threat | ||
|
2018-10-15 19:47:01 | New Technique Recycles Exploit Chain to Keep Antivirus Silent (lien direct) | In a new malware campaign, cybercriminals modified a known exploit chain to push Agent Tesla info stealer without triggering detection from common antivirus products. [...] | Malware | Tesla | |
|
2018-10-11 11:54:03 | New Android Trojan Gplayed Adapts to Attacker\'s Needs (lien direct) | A newly discovered piece of malware for Android raises the bar in terms of sophistication and flexibility, offering its operator adaptability to various tasks. [...] | Malware | ||
|
2018-10-11 08:23:04 | New Backdoor Ties NotPetya and Industroyer to TeleBots Group (lien direct) | Security researchers found the missing link that helps them prove that the NotPetya disk-wiping malware and the Industroyer backdoor for electric power systems are the work of the TeleBots group. [...] | Malware | NotPetya | |
|
2018-10-02 20:36:01 | Cheap Android Phones and Poor Quality Control Leads to Malware Surprise (lien direct) | The abundance and variety of low cost Android phones is one of the reasons that Android has become so popular around the world. Unfortunately, low priced phones could also mean less operating revenue and thus possibly a lower quality control. Such is the case with a cheap Android phone and has a remote access trojan preinstalled. [...] | Malware | ||
|
2018-10-02 15:33:00 | Danabot Banking Malware Now Targeting Banks in the U.S. (lien direct) | The DanaBot banking Trojan traditionally ran campaigns that targeted Australia and European banks, but new research shows a new campaign that is targeting banks in the United States as well. [...] | Malware | ||
|
2018-10-01 11:00:00 | Report Ties North Korean Attacks to New Malware, Linked by Word Macros (lien direct) | Newly discovered malware from the world of cyberespionage connects the dots between the tools and operations of the little-known Reaper group believed to act on behalf of the North Korean government. [...] | Malware Cloud | APT 37 | |
|
2018-09-21 16:26:05 | Malware Disguised as Job Offers Distributed on Freelance Sites (lien direct) | Attackers are using freelance job sites such as fiverr and Freelancer to distribute malware disguised as job offers. These job offers contain attachments that pretends to be the job brief, but are actually installers for keyloggers such as Agent Tesla or Remote Access Trojan (RATs). [...] | Malware | Tesla | |
|
2018-09-18 18:35:05 | Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows (lien direct) | What may very well be considered a cybercriminal's dream tool is now real and it is hunting Windows and Linux servers: a botnet with self-spreading capabilities that combines cryptomining and ransomware functions. [...] | Ransomware Malware Tool | ||
|
2018-09-13 09:50:03 | Malicious Kodi Add-ons Install Windows & Linux Coin Mining Trojans (lien direct) | Some unofficial add-ons for Kodi open-source media player come with malware that mines for Monero cryptocurrency on Windows and Linux platforms. [...] | Malware |
To see everything:
Our RSS (filtrered)
