What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-02-25 04:08:15 | Free Download: The Ultimate Security Pros\' Checklist (lien direct) | You are a cybersecurity professional with the responsibility to keep your organization secured, you know your job chapter and verse, from high level reporting duties to the bits and bytes of what malware targeted your endpoints a week ago.
But it's a lot to hold in one's mind, so to make your life easier, The Ultimate Security Pros' Checklist, created by Cynet, provides you with a concise and |
Malware | ||
|
2020-02-12 04:47:20 | Emotet Malware Now Hacks Nearby Wi-Fi Networks to Infect New Victims (lien direct) | Emotet, the notorious trojan behind a number of botnet-driven spam campaigns and ransomware attacks, has found a new attack vector: using already infected devices to identify new victims that are connected to nearby Wi-Fi networks.
According to researchers at Binary Defense, the newly discovered Emotet sample leverages a "Wi-Fi spreader" module to scan Wi-Fi networks, and then attempts to |
Ransomware Spam Malware | ||
|
2020-01-02 12:13:32 | Landry\'s Restaurant Chain Suffers Payment Card Theft Via PoS Malware (lien direct) | Landry's, a popular restaurant chain in the United States, has announced a malware attack on its point of sale (POS) systems that allowed cybercriminals to steal customers' payment card information.
Landry's owns and operates more than 600 bars, restaurants, hotels, casinos, food and beverage outlets with over 60 different brands such as Landry's Seafood, Chart House, Saltgrass Steak House, |
Malware | ||
|
2019-12-21 05:56:48 | Hackers Behind GozNym Malware Sentenced for Stealing $100 Million (lien direct) | Three members of an international organized cybercrime group that was behind a multi-million dollar theft primarily against U.S. businesses and financial institutions have been sentenced to prison, the U.S. Justice Department announced.
The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe, between 2015 |
Malware | ||
|
2019-12-18 05:34:27 | 14 Ways to Evade Botnet Malware Attacks On Your Computers (lien direct) | Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score.
Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government files, are all subject to their relentless threats to cybersecurity.
Solutions span a broad |
Malware | ||
|
2019-12-05 11:16:51 | FBI Puts $5 Million Bounty On Russian Hackers Behind Dridex Banking Malware (lien direct) | The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years.
Maksim Yakubets, the leader of 'Evil Corp' hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex - also known as 'Bugat' |
Malware Guideline | ||
|
2019-12-05 01:07:48 | ZeroCleare: New Iranian Data Wiper Malware Targeting Energy Sector (lien direct) | Cybersecurity researchers have uncovered a new, previously undiscovered destructive data-wiping malware that is being used by state-sponsored hackers in the wild to target energy and industrial organizations in the Middle East.
Dubbed ZeroCleare, the data wiper malware has been linked to not one but two Iranian state-sponsored hacking groups-APT34, also known as ITG13 and Oilrig, and Hive0081, |
Malware | APT 34 | |
|
2019-11-22 00:06:46 | Russian Hacker Behind NeverQuest Banking Malware Gets 4 Years in U.S. Prison (lien direct) | A Russian hacker who created and used Neverquest banking malware to steal money from victims' bank accounts has finally been sentenced to 4 years in prison by the United States District Court for the Southern District of New York.
Stanislav Vitaliyevich Lisov, 34, was arrested by Spanish authorities at Barcelona–El Prat Airport in January 2017 on the request of the FBI and extradited to the |
Malware | ||
|
2019-11-20 00:58:38 | Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware (lien direct) | What an irony - someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users' wallets.
The latest supply-chain cyberattack was revealed on Monday after a Monero user spotted that the cryptographic hash for binaries he downloaded from the |
Malware | ||
|
2019-11-14 06:01:49 | Hackers Impersonating Financial Agencies Target German, Italian, US Firms (lien direct) | Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware.
Though the new malware campaigns are not customized for each organization, the threat actors appear to be more |
Ransomware Malware Threat | ||
|
2019-10-31 07:26:14 | Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages (lien direct) | A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals.
Dubbed "MessageTap," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center |
Malware | ||
|
2019-10-30 12:48:59 | Hackers Target Indian Nuclear Power Plant – Everything We Know So Far (lien direct) | A story has been making the rounds on the Internet since yesterday about a cyber attack on an Indian nuclear power plant.
Due to some experts commentary on social media even after lack of information about the event and overreactions by many, the incident received factually incorrect coverage widely suggesting a piece of malware has compromised "mission-critical systems" at the Kudankulam |
Malware | ||
|
2019-10-29 10:55:32 | Mysterious malware that re-installs itself infected over 45,000 Android Phones (lien direct) | Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices.
Dubbed Xhelper, the malware has already infected more than 45,000 Android devices in just the last six months and is continuing to spread by |
Malware | ||
|
2019-10-22 04:50:06 | Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild (lien direct) | Cybersecurity researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already compromised system stealthily.
Dubbed Skip-2.0, the backdoor malware is a post-exploitation tool that runs in the memory and lets remote attackers connect to any account on the server running MSSQL version |
Malware Tool | ||
|
2019-10-16 06:23:03 | Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers (lien direct) | A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people.
Extortion by email is growing significantly, with a large number of users recently complaining about receiving sextortion emails that |
Ransomware Malware | ||
|
2019-10-02 01:53:26 | How SMBs Can Mitigate the Growing Risk of File-based Attacks (lien direct) | Cases of document-based malware are steadily rising. 59 percent of all malicious files detected in the first quarter of 2019 were contained in documents.
Due to how work is done in today's offices and workplaces, companies are among those commonly affected by file-based attacks. Since small to medium businesses (SMBs) usually lack the kind of security that protects their larger counterparts, |
Malware | ||
|
2019-09-27 05:29:32 | Microsoft Warns of a New Rare Fileless Malware Hijacking Windows Computers (lien direct) | Watch out Windows users!
There's a new strain of malware making rounds on the Internet that has already infected thousands of computers worldwide and most likely, your antivirus program would not be able to detect it.
Why? That's because, first, it's an advanced fileless malware and second, it leverages only legitimate built-in system utilities and third-party tools to extend its |
Malware | ||
|
2019-09-26 12:21:53 | Outlook for Web Bans 38 More File Extensions in Email Attachments (lien direct) | Malware or computer virus can infect your computer in several different ways, but one of the most common methods of its delivery is through malicious file attachments over emails that execute the malware when you open them.
Therefore, to protect its users from malicious scripts and executable, Microsoft is planning to blacklist 38 additional file extensions by adding them to its list of file |
Malware | ||
|
2019-09-24 06:03:15 | Russian APT Map Reveals 22,000 Connections Between 2000 Malware Samples (lien direct) | Though Russia still has an undiversified and stagnant economy, it was one of the early countries in the world to realize the value of remotely conducted cyber intrusions.
In recent years, many Russia hacking groups have emerged as one of the most sophisticated nation-state actors in cyberspace, producing highly specialized hacking techniques and toolkits for cyber espionage.
Over the past |
Malware | ||
|
2019-09-24 03:41:23 | Cynet 360: The Next Generation of EDR (lien direct) | Many organizations regard Endpoint Detection and Response (EDR) as their main protection against breaches. EDR, as a category, emerged in 2012 and was rapidly acknowledged as the best answer to the numerous threats that legacy AV unsuccessfully struggled to overcome – exploits, zero-day malware and fileless attacks are prominent examples.
While there is no dispute on EDR's efficiency against a |
Malware | ||
|
2019-09-11 10:03:18 | (Déjà vu) The Hottest Malware Hits of the Summer (lien direct) | It's been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here's a recap of the most burning strains and trends seen in the wild during the months of July and August 2019.
Malware Evolution Trends
The heat must have had an effect as this summer saw malware |
Ransomware Malware | ||
|
2019-09-11 06:09:04 | NetCAT: New Attack Lets Hackers Remotely Steal Data From Intel CPUs (lien direct) | Unlike previous side-channel vulnerabilities disclosed in Intel CPUs, researchers have discovered a new flaw that can be exploited remotely over the network without requiring an attacker to have physical access or any malware installed on a targeted computer.
Dubbed NetCAT, short for Network Cache ATtack, the new network-based side-channel vulnerability could allow a remote attacker to sniff |
Malware Vulnerability | ||
|
2019-09-09 06:18:04 | New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data (lien direct) | Cybersecurity researchers have discovered a new computer virus associated with the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in component of the Microsoft Windows operating system to stealthily exfiltrate stolen data to attacker-controlled server.
Active since 2012, Stealth Falcon is a sophisticated hacking group known for targeting journalists, activists, and |
Malware | ||
|
2019-09-06 06:02:01 | A Summer of Discontent: The Hottest Malware Hits (lien direct) | It's been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here's a recap of the most burning strains and trends seen in the wild during the months of July and August 2019.
Malware Evolution Trends
The heat must have had an effect as this summer saw malware |
Ransomware Malware | ||
|
2019-08-29 11:38:00 | Google Will Now Pay Anyone Who Reports Apps Abusing Users\' Data (lien direct) | In the wake of data abuse scandals and several instances of malware app being discovered on the Play Store, Google today expanded its bug bounty program to beef up the security of Android apps and Chrome extensions distributed through its platform.
The expansion in Google's vulnerability reward program majorly includes two main announcements.
First, a new program, dubbed 'Developer Data |
Malware Vulnerability | ||
|
2019-08-28 03:17:05 | French Police Remotely Removed RETADUP Malware from 850,000 Infected PCs (lien direct) | The French law enforcement agency, National Gendarmerie, today announced the successful takedown of one of the largest wide-spread RETADUP botnet malware and how it remotely disinfected more than 850,000 computers worldwide with the help of researchers.
Earlier this year, security researchers at Avast antivirus firm, who were actively monitoring the activities of RETADUP botnet, discovered a |
Malware | ||
|
2019-08-13 05:19:00 | Cerberus: A New Android \'Banking Malware For Rent\' Emerges (lien direct) | After a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses.
Dubbed "Cerberus," the new remote access Trojan allows remote attackers to take total control over the infected Android devices and |
Malware | ||
|
2019-08-06 11:01:00 | Pakistani Man Bribed AT&T Insiders to Plant Malware and Unlock 2 Million Phones (lien direct) | United States federal government has charged a Pakistani national for bribing employees at AT&T telecommunication company over a period of five years to help unlock more than 2 million phones and plant malware on the company's network.
Muhammad Fahd, a 34-year-old man from Pakistan, was arrested in Hong Kong last year in February at the request of the U.S. government and just extradited to the |
Malware | ||
|
2019-07-26 07:31:01 | Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched) (lien direct) | Are you using LibreOffice?
You should be extra careful about what document files you open using the LibreOffice software over the next few days.
That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file.
LibreOffice is one of the most popular and open source |
Malware Hack Vulnerability | ||
|
2019-07-25 06:45:04 | Popular Malware Families Using \'Process Doppelgänging\' to Evade Detection (lien direct) | The fileless code injection technique called Process Doppelgänging is actively being used by not just one or two but a large number of malware families in the wild, a new report shared with The Hacker News revealed.
Discovered in late 2017, Process Doppelgänging is a fileless variation of Process Injection technique that takes advantage of a built-in Windows function to evade detection and |
Malware | ||
|
2019-07-25 02:38:03 | Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List (lien direct) | Cybersecurity researchers have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining malware botnet, which now also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep flaw.
BlueKeep is a highly-critical, wormable, remote code execution vulnerability in the Windows Remote Desktop Services that could allow an unauthenticated remote |
Malware Vulnerability | ||
|
2019-07-25 00:16:01 | New Android Spyware Created by Russian Defense Contractor Found in the Wild (lien direct) | Cybersecurity researchers have uncovered a new piece of mobile surveillance malware believed to be developed by a Russian defense contractor that has been sanctioned for interfering with the 2016 U.S. presidential election.
Dubbed Monokle, the mobile remote-access trojan has been actively targeting Android phones since at least March 2016 and is primarily being used in highly targeted attacks on |
Malware | ||
|
2019-07-17 07:32:05 | EvilGnome: A New Backdoor Implant Spies On Linux Desktop Users (lien direct) | Security researchers have discovered a rare piece of Linux spyware that's currently fully undetected across all major antivirus security software products, and includes rarely seen functionalities with regards to most Linux malware, The Hacker News learned.
It's a known fact that there are a very few strains of Linux malware exist in the wild as compared to Windows viruses because of its core |
Malware | ||
|
2019-07-11 06:04:00 | New Malware Replaced Legit Android Apps With Fake Ones On 25 Million Devices (lien direct) | Are you sure the WhatsApp app you are using on your Android device is legitimate, even if it's working perfectly as intended?
...Or the JioTV, AppLock, HotStar, Flipkart, Opera Mini or Truecaller app-if you have installed any of these?
I'm asking this because cybersecurity researchers just yesterday revealed eye-opening details about a widespread Android malware campaign wherein attackers |
Malware | ||
|
2019-07-10 23:57:04 | Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets (lien direct) | Magecart strikes again!
Cybersecurity researchers have identified yet another supply-chain attack carried out by payment card hackers against more than 17,000 web domains, which also include websites in the top 2,000 of Alexa rankings.
Since Magecart is neither a single group nor a specific malware instead an umbrella term given to all those cyber criminal groups and individuals who inject |
Malware | ||
|
2019-07-09 01:17:00 | Watch Out! Microsoft Spotted Spike in Astaroth Fileless Malware Attacks (lien direct) | Security researchers at Microsoft have released details of a new widespread campaign distributing an infamous piece of fileless malware that was primarily being found targeting European and Brazilian users earlier this year.
Dubbed Astaroth, the malware trojan has been making the rounds since at least 2017 and designed to steal users' sensitive information like their credentials, keystrokes, |
Malware | ||
|
2019-06-26 04:45:05 | \'Legit Apps Turned into Spyware\' Targeting Android Users in Middle East (lien direct) | Cybersecurity researchers are warning about an ongoing Android malware campaign that has been active since 2016 and was first publicly reported in August 2018.
Dubbed "ViceLeaker" by researchers at Kaspersky, the campaign has recently been found targeting Israeli citizens and some other middle eastern countries with a powerful surveillance malware designed to steal almost all accessible |
Malware | ||
|
2019-06-25 05:30:00 | New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched (lien direct) | Cybersecurity researchers are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month.
Joshua Long, a security researcher at Intego, last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to |
Malware Vulnerability | ||
|
2019-06-21 07:52:03 | This Cryptomining Malware Launches Linux VMs On Windows and macOS (lien direct) | Cybersecurity researchers from at least two firms today unveiled details of a new strain of malware that targets Windows and macOS systems with a Linux-based cryptocurrency mining malware.
It may sound strange, but it's true.
Dubbed "LoudMiner" and also "Bird Miner," the attack leverages command-line based virtualization software on targeted systems to silently boot an image of Tiny Core |
Malware | ||
|
2019-05-29 11:53:04 | Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware (lien direct) | Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide.
Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has already infected nearly 50,000 servers and are installing a sophisticated kernel-mode rootkit on |
Malware | ||
|
2019-05-16 05:55:03 | \'GozNym\' Banking Malware Gang Dismantled by International Law Enforcement (lien direct) | In a joint effort by several law enforcement agencies from 6 different countries, officials have dismantled a major cybercrime network behind GozNym banking malware.
GozNym banking malware is responsible for stealing nearly $100 million from over 41,000 victims across the globe for years.
GozNym was created by combining two known powerful Trojans-Gozi ISFB malware, a banking |
Malware | ||
|
2019-05-14 11:31:05 | Microsoft Releases Patches For A Critical \'Wormable Flaw\' and 78 Other Issues (lien direct) | It's Patch Tuesday-the day when Microsoft releases monthly security updates for its software.
Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users' interaction.
Out of 79 vulnerabilities, 18 issues |
Malware | ||
|
2019-05-13 23:10:02 | Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones (lien direct) | Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call.
Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp exploit installs |
Malware Vulnerability | ||
|
2019-05-10 03:04:03 | North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data (lien direct) | The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild.
Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by North Korean government and known to launch cyber attacks against media |
Malware Medical | APT 38 | |
|
2019-04-24 00:30:05 | \'Karkoff\' Is the New \'DNSpionage\' With Selective Targeting Strategy (lien direct) | The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware.
First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims' computers with DNSpionage-a custom remote administrative |
Malware | ||
|
2019-04-23 01:20:05 | Source Code for CARBANAK Banking Malware Found On VirusTotal (lien direct) | Security researchers have discovered the full source code of the Carbanak malware-yes, this time it's for real.
Carbanak-sometimes referred as FIN7, Anunak or Cobalt-is one of the most full-featured, dangerous malware that belongs to an APT-style cybercriminal group involved in several attacks against banks, financial institutions, hospitals, and restaurants.
In July last year, there was a |
Malware | ||
|
2019-04-16 05:05:03 | Google Makes it Tough for Rogue App Developers Get Back on Android Play Store (lien direct) | Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store.
Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existing accounts, is enough for 'bad-faith' developers to trick the Play Store into distributing unsafe |
Malware | ||
|
2019-04-16 01:45:05 | Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered (lien direct) | A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products.
While the rootkit malware-dubbed Scranos-which was first discovered late last year, still appears to be a work in progress, it is |
Malware | ||
|
2019-04-10 01:20:00 | Sophisticated \'TajMahal APT Framework\' Remained Undetected for 5 Years (lien direct) | Cybersecurity researchers yesterday unveiled the existence of a highly sophisticated spyware framework that has been in operation for at least last 5 years-but remained undetected until recently.
Dubbed TajMahal by researchers at Kaspersky Lab, the APT framework is a high-tech modular-based malware toolkit that not only supports a vast number of malicious plugins for distinct espionage |
Malware | ||
|
2019-04-09 00:19:04 | \'Exodus\' Surveillance Malware Found Targeting Apple iOS Users (lien direct) | Cybersecurity researchers have discovered an iOS version of the powerful mobile phone surveillance app that was initially targeting Android devices through apps on the official Google Play Store.
Dubbed Exodus, as the malware is called, the iOS version of the spyware was discovered by security researchers at LookOut during their analysis of its Android samples they had found last year. |
Malware |
To see everything:
Our RSS (filtrered)
