What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-04-10 16:03:00 | Threat Group Uses Pastebin, GitHub In SneakyPastes Operation (lien direct) | A threat group considered the runt of the litter in terms of the complexity of its operations, in 2018 launched operation SneakyPastes, relying to a large extent on services like Pastebin and GitHub to host malware for various stages of the infection chain. [...] | Malware Threat | ||
|
2019-04-10 14:06:04 | DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware (lien direct) | The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...] | Malware | APT 38 | |
|
2019-04-10 05:01:00 | Chrome Saying It\'s Managed by Your Organization May Indicate Malware (lien direct) | Recently users have noticed that Google Chrome has started stating that it is "Managed by your organization", which is a confusing for home computers who are not part of any organization. It turns out that with the release of Chrome 73, the browser will display this message whenever a group policy is configured for Chrome. [...] | Malware | ||
|
2019-04-04 03:34:00 | New Xwo Web Scanner Helps MongoLock Ransomware Find Victims (lien direct) | Code and infrastructure from two known malware families have been observed with a new threat named Xwo, which helps operators of the MongoLock ransomware discover unprotected web services reachable over the internet. [...] | Ransomware Malware Threat | ||
|
2019-03-28 07:37:05 | Gustuff Android Malware Targets 100+ Banking and 32 Cryptocurrency Apps (lien direct) | A previously unreported advanced banking trojan named Gustuff can steal funds from accounts at over 100 banks across the world and rob users of 32 cryptocurrency Android apps. [...] | Malware | ||
|
2019-03-27 18:42:02 | Office Depot Pays $25 Million To Settle Deceptive Tech Support Lawsuit (lien direct) | Office Depot and Support.com, Inc, a tech support software provided from California, agreed to pay $25 million and $10 million respectively for allegedly tricking their customers into paying for millions of US dollars worth of computer repair services using fake malware scans. [...] | Malware | ||
|
2019-03-25 03:04:00 | The AZORult Legacy Lives On. Hello AZORult++! (lien direct) | Earlier this month, malware researchers noticed a new variant of the infamous information stealer AZORult that indicates a transition to a new developer and carries the promise of a more dangerous threat. [...] | Malware | ||
|
2019-03-13 14:21:05 | DMSniff Point-of-Sale Malware Silently Attacked SMBs For Years (lien direct) | A new Point-of-Sale (POS) malware which uses a domain generation algorithm to create command-and-control domains on the fly was detected in attacks against small and medium-sized businesses for the past four years according to a team of security researchers from Flashpoint. [...] | Malware | ||
|
2019-03-12 12:32:00 | Malware Spreads As a Worm, Uses Cryptojacking Module to Mine for Monero (lien direct) | A modular malware with worm capabilities exploits known vulnerabilities in servers running ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP, and SqlServer to spread from one server to another and mine for Monero cryptocurrency. [...] | Malware | ||
|
2019-03-08 13:35:05 | 1.8 Million Users Attacked by Android Banking Malware, 300% Increase Since 2017 (lien direct) | The number of Android users attacked by banking malware saw an alarming 300% increase in 2018, with 1.8 million of them being impacted by at least one such attack during the last year. [...] | Malware | ||
|
2019-03-07 04:48:05 | #Opfail: Phisher Attaches Powershell Exec Instead of Malware (lien direct) | The security community has seen its share of mistakes made by cybercriminals, and quickly took advantage of them to stop the threat. But some of them have reached blooper level. [...] | Malware | ||
|
2019-03-06 15:11:02 | StealthWorker Malware Uses Windows, Linux Bots to Hack Websites (lien direct) | Hackers are running a new campaign which drops the StealthWorker brute-force malware on Windows and Linux machines that end up being used to brute force other computers in a series of distributed brute force attacks. [...] | Malware Hack | ||
|
2019-03-06 10:35:01 | NSA\'s Ghidra Reverse Engineering Framework Stirs Up Malware Researchers (lien direct) | The National Security Agency released a free, public version of Ghidra, a set of tools developed internally for software reverse engineering. The agency will also release Ghidra's source code, allowing users to improve the framework's feature set and turn it into a more effective tool. [...] | Malware | ||
|
2019-03-04 18:20:05 | Microsoft Sees 250% Phishing Increase, Malware Decline by 34% (lien direct) | Phishing attacks have seen an impressive 250% increase between January and December 2018, with attackers moving to multiple points of attacks during the same campaign, switching between malicious URLs, domains, and malware ridden attachments. [...] | Malware | ||
|
2019-02-28 16:04:01 | App Security Improvement Alerts Android Devs of 6 New Vulnerabilities (lien direct) | Google announced the addition of six extra vulnerability warnings to the Application Security Improvement (ASI) program after previously announcing updates for the Google Play Protect, the built-in malware protection for Android. [...] | Malware Vulnerability | ||
|
2019-02-25 17:57:02 | Apex Legends Fans Targeted with Malware and Scam Campaigns (lien direct) | Apex Legends fans who want to play the game on mobile devices are being actively targeted by scam and malware campaigns which promise to deliver a playable version of the game ready to install on iOS and Android devices. [...] | Malware | ||
|
2019-02-25 16:08:02 | Malspam Exploits WinRAR ACE Vulnerability to Install a Backdoor (lien direct) | Researchers have discovered a malspam campaign that is distributing a a malicious RAR archive that may be the first one to exploit the newly discovered WinRAR ACE vulnerability to install malware on a computer. [...] | Malware Vulnerability | ★★ | |
|
2019-02-23 12:00:00 | LinkedIn Messaging Abused to Target US Companies With Backdoors (lien direct) | A series of malware campaigns that push the More_eggs backdoor via fake jobs offers are targeting employees of US companies which use shopping portals and similar online payment systems. [...] | Malware | ||
|
2019-02-21 18:01:01 | Malware Campaigns Target Users of Pornhub, XVideos, Other Adult Websites (lien direct) | People who visit adult websites are being exposed on a daily basis to malware, phishing, and malicious spam campaigns, with premium accounts used on these websites that get stolen ending up on dark web markets. [...] | Spam Malware | ||
|
2019-02-18 15:55:02 | Multi-Stage Rietspoof Malware Drops Multiple Malicious Payloads (lien direct) | Rietspoof is a new malware family which uses a multi-stage delivery system, is designed to drop multiple payloads on the systems it infects, and that offers very little to no information on what audience it targets. [...] | Malware | ||
|
2019-02-13 14:26:05 | Shlayer Malware Disables macOS Gatekeeper to Run Unsigned Payloads (lien direct) | A new variant of the multi-stage Shlayer malware known to target macOS users has been observed in the wild, now being capable to escalate privileges using a two-year-old technique and to disable the Gatekeeper protection mechanism to run unsigned second stage payloads. [...] | Malware | ||
|
2019-02-12 10:59:02 | Windows Malware Runs on Macs, Bypasses Gatekeeper to Target Software Pirates (lien direct) | If it wasn't already obvious, pirating software is a risky business and this was again proven by a set of malicious executables targeting macOS users with info stealers and adware, and compiled as Windows EXE binaries with the help of the open source Mono framework. [...] | Malware | ||
|
2019-02-08 12:16:02 | Coinminer Targets Linux, Kills Competition to Maximize Profits (lien direct) | A new coinminer malware strain which targets the Linux platform and installs the XMR-Stak Cryptonight cryptocurrency miner has been observed while searching for and killing other Linux malware and coin miners present on the compromised machine. [...] | Malware | ||
|
2019-01-30 03:03:00 | New LockerGoga Ransomware Allegedly Used in Altran Attack (lien direct) | Hackers have infected the systems of Altran Technologies with malware that spread through the company network, affecting operations in some European countries. To protect client data and its assets, Altran decided to shut down its network and applications. [...] | Ransomware Malware | ||
|
2019-01-29 11:06:00 | Hackers Stole $1.7 Billion in Cryptocurrency Last Year (lien direct) | Cybercriminals going after digital coins had a good 2018, stealing a whopping $1.7 billion in cryptocurrency from exchange services, users, or investors. Different forms of scamming, extortion, hacking, and malware were the main methods used to get the money. [...] | Malware | ||
|
2019-01-25 06:45:00 | VeryMal Malvertiser Delivers Image-Based Malware (lien direct) | A malvertising group recently targeted Apple users in a campaign that delivered a payload hidden in advertisement images. The attack triggered at least 5 million times a day. [...] | Malware | ||
|
2019-01-24 18:55:00 | (Déjà vu) Google Chrome Adding Malicious Drive-By-Downloads Protection (lien direct) | Google is in the process of adding support for blocking drive-by downloads originating from website iframes, one of the techniques preferred by attackers to drop malware payloads on vulnerable machines [...] | Malware | ||
|
2019-01-24 18:55:00 | (Déjà vu) Drive-By-Download Protection Coming to Google Chrome (lien direct) | Google is in the process of adding support for blocking drive-by downloads originating from website iframes, one of the techniques preferred by attackers behind malvertising campaigns to drop malware payloads on vulnerable machines [...] | Malware | ||
|
2019-01-24 16:42:04 | New Ursnif Malware Campaign Uses Fileless Infection to Avoid Detection (lien direct) | A new malware campaign distributing the Ursnif banking Trojan using PowerShell to achieve fileless persistence to hide from anti-malware solutions was detected by Cisco's Advanced Malware Protection Exploit Prevention engine [...] | Malware | ||
|
2019-01-23 03:31:00 | 265 Researchers Take Down 100,000 Malware Distribution Websites (lien direct) | Security researchers across the globe united in a project dedicated to sharing URLs used in malicious campaigns managed to take down close to 100,000 websites actively engaged in malware distribution. [...] | Malware | ||
|
2019-01-17 12:00:00 | Android Apps Steal Banking Info, Use Motion Sensor to Evade Detection (lien direct) | Two Android apps infected with a banking malware dropper were found on the Google Play Store, already having been installed on thousands of Android devices and sporting dozens of fake five-star ratings. [...] | Malware | ||
|
2019-01-17 11:00:00 | Rocke\'s Cryptominers Kills Competition, Uninstall Cloud Security Products (lien direct) | Analysis of new malware samples used by the Rocke group for cryptojacking reveals code that uninstalls from Linux servers multiple cloud security and monitoring products developed by Tencent Cloud and Alibaba Cloud [...] | Malware | ||
|
2019-01-17 08:37:00 | Flaw in Telegram Reveals Awful OpSec from Malware Author (lien direct) | A weakness in the protection of messages delivered using the Telegram Bot API gave researchers access to the communication flow between a piece of malware and its operator. [...] | Malware | ||
|
2019-01-12 16:39:01 | Ryuk Ransomware Partners with TrickBot to Gain Access to Infected Networks (lien direct) | Ryuk has historically been considered a a targeted ransomware where the actors scope out networks in order to gain access and install their ransomware. New research now indicates that the Ryuk actors may be using other malware as an Access-as-a-Service to gain access to networks. [...] | Ransomware Malware | ||
|
2019-01-11 15:55:03 | Del Rio City Hall Forced to Use Paper After Ransomware Attack (lien direct) | The City Hall of Del Rio, Texas was hit by a ransomware attack on the morning of January 10, which led to dozens of computers on the network being turned off and disconnected from the Internet to contain and analyze the malware [...] | Ransomware Malware | ||
|
2019-01-10 04:26:00 | (Déjà vu) TA505 Group Adopts New ServHelper Backdoor and FlawedGrace RAT (lien direct) | Malware researchers discovered two new malware families distributed through phishing campaigns last year carried out by the TA505 cybercriminal group: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT). [...] | Malware | ||
|
2019-01-10 04:26:00 | (Déjà vu) New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet (lien direct) | Malware researchers discovered two new malware families distributed through phishing campaigns last year from the Necurs botnet: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT). [...] | Malware | ||
|
2019-01-07 10:14:01 | (Déjà vu) Apple iOS Games Found Talking to Golduck Malware C&C Servers (lien direct) | Researchers found 14 retro games in Apple's App Store that communicated with command-and-control servers previously used by the Android Golduck Loader [...] | Malware | ||
|
2019-01-07 10:14:01 | (Déjà vu) App Store Games Found Communicating with Golduck Malware C&C servers (lien direct) | Researchers found 14 retro games in Apple's App Store that communicated with command-and-control servers previously used by the Android Golduck Loader [...] | Malware | ★★ | |
|
2019-01-06 10:30:01 | Opera Blacklists Tampermonkey Extension Being Installed by Malware (lien direct) | Opera blacklisted the version of Tampermonkey that is currently offered on the Chrome Web Store as it is being installed by Windows malware. This prevents the extension from working in the Opera browser. [...] | Malware | ||
|
2019-01-03 17:00:04 | New Android Malware Combines Info-Stealing and Phishing Features (lien direct) | Android malware that combines info/data-stealing and phishing capabilities lurked in Google Play using the guise of legitimate looking apps; one of them was installed at least 100,000 times. [...] | Malware | ||
|
2018-12-27 09:47:03 | New Shamoon Sample from France Signed with Baidu Certificate (lien direct) | A new sample of Shamoon disk-wiping malware was uploaded from France recently to the VirusTotal scanning platform. It tries to pass as a system optimization tool from Chinese technology company Baidu. [...] | Malware Tool | ||
|
2018-12-25 15:27:03 | 18 Months Later, WannaCry Still Lurks on Infected Computers (lien direct) | Eighteen months after the initial outbreak of the WannaCry Ransomware infection, the malware continues to rear its head on thousands, if not hundreds of thousands, of infected computers. [...] | Malware | Wannacry | |
|
2018-12-14 13:19:03 | Microsoft Launches AI Malware Prediction Competition with $25K Prize (lien direct) | Microsoft is challenging the data science community to come up with AI models that can accurately predict whether a computer would become infected based on the device's configuration. The team who successfully predicts the most malware will win a prize of $25,000 USD. [...] | Malware | ||
|
2018-12-13 05:04:05 | (Déjà vu) Shamoon Disk-Wiping Malware Re-Emerges with a Third Variant (lien direct) | Two new samples of the Shamoon data have been discovered in the wild, after a period of silence that lasted for about two years. [...] | Malware | ||
|
2018-12-13 05:04:05 | (Déjà vu) Shamoon Disk-Wiping Malware Re-emerges with Two New Variants (lien direct) | Two new samples of the Shamoon data have been discovered in the wild, after a period of silence that lasted for about two years. [...] | Malware | ||
|
2018-12-13 02:47:00 | New LamePyre macOS Malware Sends Screenshots to Attacker (lien direct) | The world of macOS malware has a new member that makes no effort to keep appearances and looks rather like a bare-bones version that is still under development. [...] | Malware | ||
|
2018-12-12 11:26:05 | Op \'Sharpshooter\' Uses Lazarus Group Tactics, Techniques, and Procedures (lien direct) | A new advanced threat actor has emerged on the radar, targeting organizations in the defense and the critical infrastructure sectors with fileless malware and an exploitation tool that borrows code from a trojan associated with the Lazarus group [...] | Malware Tool Threat Medical | APT 38 | |
|
2018-12-12 02:51:00 | Android Malware Tricks User to Log into PayPal to Steal Funds (lien direct) | An Android malware posing as a battery optimization app social engineers its way into stealing funds from PayPal users, despite two-factor authentication protection, by simply prompting them to log into the app. [...] | Malware | ||
|
2018-12-07 11:57:05 | DanaBot Banking Trojan Gets into Spam Business (lien direct) | Authors of the DanaBot banking trojans updated the malware with new features that enabled it to harvest email addresses and send out spam straight from the victim's mailbox. [...] | Spam Malware |
To see everything:
Our RSS (filtrered)
