What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-10-19 23:04:02 | U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks (lien direct) | The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses.
The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate (GRU), have been accused of perpetrating the "most disruptive and destructive series of computer attacks |
Malware | ||
|
2020-10-14 06:05:01 | FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks (lien direct) | A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion.
According to FireEye's Mandiant threat intelligence team, the collective - known as FIN11 - has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying |
Ransomware Malware Threat | ||
|
2020-10-07 02:51:25 | ALERT! Hackers targeting IoT devices with a new P2P botnet malware (lien direct) | Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining.
Discovered by Qihoo 360's Netlab security team, the HEH Botnet - written in Go language and armed with a proprietary peer-to-peer (P2P) protocol, spreads via a brute-force attack of the |
Malware | ||
|
2020-10-06 01:33:43 | New \'MosaicRegressor\' UEFI Bootkit Malware Found Active in the Wild (lien direct) | Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware.
The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it the second known public case where a UEFI rootkit has been used in the wild.
According to Kaspersky, the |
Malware | ||
|
2020-10-05 07:08:16 | New Flaws in Top Antivirus Software Could Make Computers More Vulnerable (lien direct) | Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems.
According to a report published by CyberArk Labs today and shared with The Hacker News, the high privileges often associated with anti-malware products |
Malware | ||
|
2020-10-02 02:59:55 | Researchers Fingerprint Exploit Developers Who Help Several Malware Authors (lien direct) | Writing advanced malware for a threat actor requires different groups of people with diverse technical expertise to put them all together. But can the code leave enough clues to reveal the person behind it?
To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits |
Malware Threat | ||
|
2020-09-18 01:45:03 | U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence (lien direct) | The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors.
According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target |
Malware Threat | ||
|
2020-09-11 05:05:15 | New Linux Malware Steals Call Details from VoIP Softswitch Systems (lien direct) | Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata.
"The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR)," ESET researchers said in a Thursday analysis.
"To steal this |
Malware | ||
|
2020-09-08 05:31:53 | Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks (lien direct) | Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand.
"The emails contain malicious attachments or links that the receiver is encouraged to download," New Zealand's Computer Emergency Response Team (CERT) said. "These links and attachments may |
Malware | ||
|
2020-08-28 03:36:28 | Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware (lien direct) | An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware.
Detailing the new tactics of the "Charming Kitten" APT group, Israeli firm Clearsky said, "starting July 2020, we have identified a new TTP of the group, |
Malware Conference | APT 35 | |
|
2020-08-26 11:30:25 | Russian Arrested After Offering $1 Million to U.S. Company Employee for Planting Malware (lien direct) | Hackers always find a way in, even if there's no software vulnerability to exploit.
The FBI has arrested a Russian national who recently traveled to the United States and offered $1 million in bribe to an employee of a targeted company for his help in installing malware into the company's computer network manually.
Egor Igorevich Kriuchkov, 27-year-old, entered the United States as a tourist |
Malware Vulnerability | ||
|
2020-08-22 00:49:43 | A Google Drive \'Feature\' Could Let Attackers Trick You Into Installing Malware (lien direct) | An unpatched security weakness in Google Drive could be exploited by malware attackers to distribute malicious files disguised as legitimate documents or images, enabling bad actors to perform spear-phishing attacks comparatively with a high success rate.
The latest security issue-of which Google is aware but, unfortunately, left unpatched-resides in the "manage versions" functionality |
Malware | ||
|
2020-08-20 12:44:34 | Hackers Target Defence Contractors\' Employees By Posing as Recruiters (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies.
Dubbed 'BLINDINGCAN,' the advanced remote access trojan acts as a backdoor when installed on compromised computers.
According to the FBI |
Malware | ||
|
2020-08-19 03:05:47 | A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide (lien direct) | Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer (P2P) botnet written in Golang that has been actively targeting SSH servers since January 2020.
Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers to date, infecting well-known universities in the US and Europe, and a railway company, according |
Malware | ||
|
2020-08-17 05:45:27 | Researchers Exploited A Bug in Emotet to Stop the Spread of Malware (lien direct) | Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months.
"Most of the vulnerabilities and exploits that you read about are good news for attackers and bad news for the rest of us," Binary Defense's |
Ransomware Spam Malware | ||
|
2020-08-10 02:25:38 | Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28 (lien direct) | Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data-and even run stealthy malware as a sub-process of a trusted application.
According to cybersecurity researcher Mazin Ahmed, who presented his findings at DEF CON |
Malware | ||
|
2020-08-04 01:32:36 | US Government Warns of a New Strain of Chinese \'Taidoor\' Virus (lien direct) | Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China's state-sponsored hackers targeting governments, corporations, and think tanks.
Named "Taidoor," the malware has done an 'excellent' job of compromising systems as early as 2008, with the actors deploying it on victim networks for stealthy remote access.
"[The] FBI has |
Malware | ||
|
2020-07-28 05:56:43 | Undetectable Linux Malware Targeting Docker Servers With Exposed APIs (lien direct) | Cybersecurity researchers today uncovered a completely undetectable Linux malware that exploits undocumented techniques to stay under the radar and targets publicly accessible Docker servers hosted with popular cloud platforms, including AWS, Azure, and Alibaba Cloud.
Docker is a popular platform-as-a-service (PaaS) solution for Linux and Windows designed to make it easier for developers to |
Malware | ||
|
2020-07-27 23:57:33 | QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices (lien direct) | Cybersecurity agencies in the US and UK yesterday issued a joint advisory about a massive ongoing malware threat infecting Taiwanese company QNAP's network-attached storage (NAS) appliances.
Called QSnatch (or Derek), the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, with a high degree of infection in Western Europe and North America.
" |
Malware Threat | ||
|
2020-07-23 02:18:46 | North Korean Hackers Spotted Using New Multi-Platform Malware Framework (lien direct) | Lazarus Group, the notorious hacking group with ties to the North Korean regime, has unleashed a new multi-platform malware framework with an aim to infiltrate corporate entities around the world, steal customer databases, and distribute ransomware.
Capable of targeting Windows, Linux, and macOS operating systems, the MATA malware framework - so-called because of the authors' reference to the |
Malware Medical | APT 38 | |
|
2020-07-16 03:28:33 | New Android Malware Now Steals Passwords For Non-Banking Apps Too (lien direct) | Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps-in total 337 non-financial Android applications on it's target list.
Dubbed "BlackRock" by ThreatFabric researchers, which discovered the trojan in May, its source code is derived from a leaked |
Malware | ||
|
2020-07-15 05:39:17 | 4 Dangerous Brazilian Banking Trojans Now Trying to Rob Users Worldwide (lien direct) | Cybersecurity researchers on Tuesday detailed as many as four different families of Brazilian banking trojans that have targeted financial institutions in Brazil, Latin America, and Europe.
Collectively called the "Tetrade" by Kaspersky researchers, the malware families - comprising Guildma, Javali, Melcoz, and Grandoreiro - have evolved their capabilities to function as a backdoor and adopt |
Malware | ||
|
2020-07-09 03:01:04 | Joker Malware Apps Once Again Bypass Google\'s Security to Spread via Play Store (lien direct) | Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge.
In a report published by Check Point research today, the malware - infamously called Joker (or Bread) - has found another trick to bypass Google's Play Store protections: |
Malware | ||
|
2020-07-07 02:56:05 | Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service (lien direct) | Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with |
Malware | ||
|
2020-07-01 02:08:13 | A New Ransomware Targeting Apple macOS Users Through Pirated Apps (lien direct) | Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps.
According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant - dubbed "EvilQuest" - is packaged along with legitimate apps, which upon installation, disguises itself as Apple's |
Ransomware Malware | ||
|
2020-06-25 03:42:20 | Docker Images Containing Cryptojacking Malware Distributed via Docker Hub (lien direct) | With Docker gaining popularity as a service to package and deploy software applications, malicious actors are taking advantage of the opportunity to target exposed API endpoints and craft malware-infested images to facilitate distributed denial-of-service (DDoS) attacks and mine cryptocurrencies.
According to a report published by Palo Alto Networks' Unit 42 threat intelligence team, the |
Malware Threat | ||
|
2020-06-23 04:03:32 | VirusTotal Adds Cynet\'s Artificial Intelligence-Based Malware Detection (lien direct) | VirusTotal, the famous multi-antivirus scanning service owned by Google, recently announced new threat detection capabilities it added with the help of an Israeli cybersecurity firm.
VirusTotal provides a free online service that analyzes suspicious files and URLs to detect malware and automatically shares them with the security community. With the onslaught of new malware types and samples, |
Malware Threat | ||
|
2020-06-17 05:48:14 | Hackers Target Military and Aerospace Staff by Posing as HRs Offering Jobs (lien direct) | Cybersecurity researchers today took the wraps off a new sophisticated cyber-espionage campaign directed against aerospace and military organizations in Europe and the Middle East with an aim to spy on key employees of the targeted firms and, in some case, even to siphon money.
The campaign, dubbed "Operation In(ter)ception" because of a reference to "Inception" in the malware sample, took |
Malware | ||
|
2020-06-11 14:35:49 | A Bug in Facebook Messenger for Windows Could\'ve Helped Malware Gain Persistence (lien direct) | Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Cybersecurity, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows.
The vulnerability, which resides in Messenger version 460.16, could allow attackers to leverage the app to potentially execute malicious files already |
Malware Vulnerability Threat | ||
|
2020-05-27 03:31:37 | Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs (lien direct) | Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems.
The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at compromising Windows computers with MBR and VBR bootkits, and installing malicious drivers for |
Malware | ||
|
2020-05-26 02:48:01 | New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data (lien direct) | Cybersecurity researchers today uncovered a new advanced version of ComRAT backdoor, one of the earliest known backdoors used by the Turla APT group, that leverages Gmail's web interface to covertly receive commands and exfiltrate sensitive data.
"ComRAT v4 was first seen in 2017 and known still to be in use as recently as January 2020," cybersecurity firm ESET said in a report shared with |
Malware | ||
|
2020-05-15 02:43:00 | HTTP Status Codes Command This Malware How to Control Hacked Systems (lien direct) | A new version of COMpfun remote access trojan (RAT) has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe.
The cyberespionage malware-traced to Turla APT with "medium-to-low level of confidence" based on the history of compromised victims-spread via an initial dropper that masks itself as |
Malware | ||
|
2020-05-13 07:54:43 | Researcher Spots New Malware Claimed to be \'Tailored for Air‑Gapped Networks\' (lien direct) | A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks.
Dubbed 'Ramsay,' the malware is still under development with two more variants (v2.a and v2.b) spotted in the |
Malware | ||
|
2020-05-13 02:35:07 | U.S Defence Warns of 3 New Malware Used by North Korean Hackers (lien direct) | Yesterday, on the 3rd anniversary of the infamous global WannaCry ransomware outbreak for which North Korea was blamed, the U.S. government released information about three new malware strains used by state-sponsored North Korean hackers.
Called COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH, the malware variants are capable of remote reconnaissance and exfiltration of sensitive information from |
Ransomware Malware | Wannacry | |
|
2020-05-04 04:59:47 | New Malware Jumps Air-Gapped Devices by Turning Power-Supplies into Speakers (lien direct) | A researcher from Israel's Ben Gurion University of the Negev recently demonstrated a new kind of malware that could be used to covertly steal highly sensitive data from air-gapped and audio-gapped systems using a novel acoustic quirk in power supply units that come with modern computing devices.
Dubbed 'POWER-SUPPLaY,' the latest research builds on a series of techniques leveraging |
Malware | ||
|
2020-04-30 05:14:47 | New Android Malware Steals Banking Passwords, Private Data and Keystrokes (lien direct) | A new type of mobile banking malware has been discovered abusing Android's accessibility features to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes.
Called "EventBot" by Cybereason researchers, the malware is capable of targeting over 200 different financial apps, including banking, money transfer services, |
Malware | ||
|
2020-04-24 03:38:56 | Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet (lien direct) | Cybersecurity researchers from ESET on Thursday said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency.
The botnet, named "VictoryGate," has been active since May 2019, with infections mainly reported in Latin America, particularly Peru accounting for 90% of the compromised |
Malware | ||
|
2020-04-20 03:58:02 | COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware (lien direct) | A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam.
The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to |
Malware | ||
|
2020-04-08 03:55:51 | Dark Nexus: A New Emerging IoT Botnet Malware Spotted in the Wild (lien direct) | Cybersecurity researchers have discovered a new emerging IoT botnet threat that leverages compromised smart devices to stage 'distributed denial-of-service' attacks, potentially triggered on-demand through platforms offering DDoS-for-hire services.
The botnet, named "dark_nexus" by Bitdefender researchers, works by employing credential stuffing attacks against a variety of devices, such as |
Malware Threat | ||
|
2020-04-07 06:48:57 | Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset (lien direct) | Remember xHelper?
A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices-making it nearly impossible to remove.
xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected so many |
Malware | ||
|
2020-03-30 03:33:19 | COVID-19: Hackers Begin Exploiting Zoom\'s Overnight Success to Spread Malware (lien direct) | As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices.
According to a report published by Check |
Malware | ||
|
2020-03-26 02:52:22 | Watch Out: Android Apps in Google Play Store Capitalizing on Coronavirus Outbreak (lien direct) | Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps.
Now in a fresh twist, third-party Android app developers too have begun to take advantage of the situation to use coronavirus-related keywords in their app names, |
Malware | ||
|
2020-03-25 08:53:40 | TrickBot Mobile App Bypasses 2‐Factor Authentication for Net Banking Services (lien direct) | The malware authors behind TrickBot banking Trojan have developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS or relatively more secure push notifications, and complete fraudulent transactions.
The Android app, called "TrickMo" by IBM X-Force researchers, is under active development and has exclusively targeted German users |
Malware | ||
|
2020-03-24 03:00:25 | Over 50 Android Apps for Kids on Google Play Store Caught in Ad Fraud Scheme (lien direct) | More than 50 Android apps on the Google Play Store-most of which were designed for kids and had racked up almost 1 million downloads between them-have been caught using a new trick to secretly click on ads without the knowledge of smartphone users.
Dubbed "Tekya," the malware in the apps imitated users' actions to click ads from advertising networks such as Google's AdMob, AppLovin', |
Malware | ||
|
2020-03-21 00:57:30 | Mukashi: A New Mirai IoT Botnet Variant Targeting Zyxel NAS Devices (lien direct) | A new version of the infamous Mirai botnet is exploiting a recently uncovered critical vulnerability in network-attached storage (NAS) devices in an attempt to remotely infect and control vulnerable machines.
Called "Mukashi," the new variant of the malware employs brute-force attacks using different combinations of default credentials to log into Zyxel NAS, UTM, ATP, and VPN firewall |
Malware Vulnerability | ||
|
2020-03-18 03:38:50 | Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait (lien direct) | As the world comes to grips with the coronavirus pandemic, the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns.
Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own |
Malware Threat | ||
|
2020-03-17 03:37:42 | Researchers Uncover a Nigerian Hacker\'s Pursuit of his Million Dollar Dream (lien direct) | Social engineering-driven malware threats continue to be a big threat, but new research details how cybercriminals profit off such schemes to launder hundreds of thousands of dollars from stolen credit cards of unsuspecting victims.
Cybersecurity firm Check Point Research, in a report published today and shared with The Hacker news, uncovered the digital trail of a Nigerian cybercriminal, who |
Malware | ||
|
2020-03-13 01:52:36 | New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts (lien direct) | A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.
Dubbed "Cookiethief" by Kaspersky researchers, the Trojan works by acquiring superuser root rights on the target device, and subsequently, transfer stolen cookies to |
Malware | ||
|
2020-03-11 09:57:10 | Beware of \'Coronavirus Maps\' – It\'s a malware infecting PCs to steal passwords (lien direct) | Cybercriminals will stop at nothing to exploit every chance to prey on internet users.
Even the disastrous spread of SARS-COV-II (the virus), which causes COVID-19 (the disease), is becoming an opportunity for them to likewise spread malware or launch cyber attacks.
Reason Cybersecurity recently released a threat analysis report detailing a new attack that takes advantage of internet users' |
Malware Threat | ||
|
2020-03-11 01:00:26 | L1ght Looks to Protect Internet Users from Toxic and Predatory Behavior (lien direct) | Cybersecurity has been regarded as a necessity for all computer users, especially today when data breaches and malware attacks have become rampant.
However, one of the more overlooked aspects of cybersecurity is the prevention of other forms of cybercrime, such as the spread of harmful content and predatory behavior.
Most current discussions on cybersecurity revolve around organizations |
Malware | ★★★ |
To see everything:
Our RSS (filtrered)
