What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-11 12:39:53 | New RedLine malware version spread as fake Omicron stat counter (lien direct) | A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure. [...] | Malware | ||
|
2022-01-11 10:04:33 | (Déjà vu) New SysJoker backdoor targets Windows, macOS, and Linux (lien direct) | A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] | Malware | ||
|
2022-01-11 10:04:33 | New SysJocker backdoor targets Windows, macOS, and Linux (lien direct) | A new multi-platform backdoor malware named 'SysJocker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. [...] | Malware | ||
|
2022-01-10 16:09:01 | Linux version of AvosLocker ransomware targets VMware ESXi servers (lien direct) | AvosLocker is the latest ransomware gang that has added support for encrypting Linux systems to its recent malware variants, specifically targeting VMware ESXi virtual machines. [...] | Ransomware Malware | ||
|
2022-01-10 13:43:47 | Oops: Cyberspies infect themselves with their own malware (lien direct) | After infecting themselves with their own custom remote access trojan (RAT), an Indian-linked cyber-espionage group has accidentally exposed its operations to security researchers. [...] | Malware | ||
|
2022-01-08 14:35:42 | Trojanized dnSpy app drops malware cocktail on researchers, devs (lien direct) | Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy .NET application to install cryptocurrency stealers, remote access trojans, and miners. [...] | Malware | ||
|
2022-01-07 12:37:12 | FluBot malware now targets Europe posing as Flash Player app (lien direct) | The widely distributed FluBot malware continues to evolve, with new campaigns distributing the malware as Flash Player and the developers adding new features. [...] | Malware | ||
|
2022-01-05 09:54:34 | iOS malware can fake iPhone shut downs to snoop on camera, microphone (lien direct) | Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection. [...] | Malware | ||
|
2022-01-05 06:00:00 | Microsoft code-sign check bypassed to drop Zloader malware (lien direct) | A new Zloader campaign exploits Microsoft's e-signature code verification to steal user credentials from over two thousand victims in 111 countries. [...] | Malware | ||
|
2022-01-03 15:45:11 | Purple Fox malware distributed via malicious Telegram installers (lien direct) | A laced Telegram for desktop installer was spotted distributing the Purple Fox malware while disabling the UAC on the infected systems. [...] | Malware | ||
|
2021-12-30 15:17:31 | Have I Been Pwned adds 441K accounts stolen by RedLine malware (lien direct) | The Have I Been Pwned data breach notification service now lets you check if your email and password are one of 441,000 accounts stolen in an information-stealing campaign using RedLine malware. [...] | Data Breach Malware | ||
|
2021-12-30 09:55:50 | (Déjà vu) Firmware attack can drop persistent malware in hidden SSD area (lien direct) | Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [...] | Malware | ||
|
2021-12-30 09:55:50 | Hiding malware inside the flex capacity space on modern SSDs (lien direct) | Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [...] | Malware | ||
|
2021-12-28 14:23:39 | New Flagpro malware linked to Chinese state-backed hackers (lien direct) | The cyber-espionage APT (advanced persistent threat) group tracked as 'BlackTech' was spotted using a novel malware called 'Flagpro' in attacks against Japanese firms. [...] | Malware | ||
|
2021-12-28 13:07:19 | RedLine malware shows why passwords shouldn\'t be saved in browsers (lien direct) | The RedLine information-stealing malware targets popular web browsers such as Chrome, Edge, and Opera, demonstrating why storing your passwords in browsers is a bad idea. [...] | Malware | ||
|
2021-12-24 08:11:22 | Dridex Omicron phishing taunts with funeral helpline number (lien direct) | A malware distributor for the Dridex banking malware has been toying with victims and researchers over the last few weeks. The latest example is a phishing campaign that taunts victims with a COVID-19 funeral assistance helpline number. [...] | Malware | ||
|
2021-12-23 17:33:01 | Stealthy BLISTER malware slips in unnoticed on Windows systems (lien direct) | Security researchers have uncovered a malicious campaign that relies on a valid code-signing certificate to disguise malicious code as legitimate executables. [...] | Malware | ★★★★ | |
|
2021-12-22 12:15:38 | Dridex malware trolls employees with fake job termination emails (lien direct) | A new Dridex malware phishing campaign is using fake employee termination emails as a lure to open a malicious Excel document, which then trolls the victim with a season's greeting message. [...] | Malware | ||
|
2021-12-20 11:33:11 | Log4j vulnerability now used to install Dridex banking malware (lien direct) | Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...] | Malware Vulnerability Threat | ||
|
2021-12-19 11:02:01 | New stealthy DarkWatchman malware hides in the Windows Registry (lien direct) | A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. [...] | Malware | ||
|
2021-12-16 06:00:00 | Phorpiex botnet returns with new tricks making it harder to disrupt (lien direct) | The previously shutdown Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt. [...] | Malware | ||
|
2021-12-15 16:59:27 | Emotet starts dropping Cobalt Strike again for faster attacks (lien direct) | Right in time for the holidays, the notorious Emotet malware is once again directly installing Cobalt Strike beacons for rapid cyberattacks. [...] | Malware | ||
|
2021-12-14 14:09:44 | Microsoft fixes Windows AppX Installer zero-day used by Emotet (lien direct) | Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...] | Malware Vulnerability | ||
|
2021-12-14 13:41:43 | (Déjà vu) Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws (lien direct) | Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. These updates include a fix for an actively exploited Windows Installer vulnerability used in malware distribution campaigns. [...] | Malware Vulnerability | ||
|
2021-12-14 11:25:04 | Anubis Android malware returns to target 394 financial apps (lien direct) | The Anubis Android banking malware is now targeting the customers of nearly 400 financial institutions in a new malware campaign. [...] | Malware | ||
|
2021-12-13 16:22:11 | (Déjà vu) TinyNuke info-stealing malware is again attacking French users (lien direct) | The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. [...] | Malware | ||
|
2021-12-13 15:49:11 | Phishing campaign uses PowerPoint macros to drop Agent Tesla (lien direct) | A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code. [...] | Malware | ||
|
2021-12-12 18:07:20 | Hackers start pushing malware in worldwide Log4Shell attacks (lien direct) | Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability. [...] | Malware Vulnerability Threat | ||
|
2021-12-11 11:12:06 | Microsoft: These are the building blocks of QBot malware attacks (lien direct) | As QBot campaigns increase in size and frequency, researchers are looking into ways to break the trojan's distribution chain and tackle the threat. [...] | Malware | ||
|
2021-12-09 12:34:17 | Malicious Notepad++ installers push StrongPity malware (lien direct) | The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. [...] | Malware | ||
|
2021-12-09 06:00:00 | Hundreds of thousands of MikroTik devices still vulnerable to botnets (lien direct) | Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. [...] | Malware | ||
|
2021-12-07 18:21:46 | Emotet now drops Cobalt Strike, fast forwards ransomware attacks (lien direct) | In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] | Ransomware Malware Threat | ||
|
2021-12-06 10:00:00 | Russian hacking group uses new stealthy Ceeloader malware (lien direct) | The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [...] | Malware | ||
|
2021-12-05 13:45:16 | Malicious Excel XLL add-ins push RedLine password-stealing malware (lien direct) | Cybercriminals are spamming website contact forms and discussion forums to distribute Excel XLL files that download and install the RedLine password and information-stealing malware. [...] | Malware | ||
|
2021-12-04 12:06:12 | Malicious KMSPico installers steal your cryptocurrency wallets (lien direct) | Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. [...] | Malware Threat | ||
|
2021-12-03 12:40:10 | Fake support agents call victims to install Android banking malware (lien direct) | The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...] | Malware Threat | ||
|
2021-12-02 05:12:19 | New malware hides as legit nginx process on e-commerce servers (lien direct) | eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...] | Malware | ||
|
2021-12-01 18:43:10 | Emotet now spreads via fake Adobe Windows App Installer packages (lien direct) | The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...] | Malware | ★★★ | |
|
2021-11-30 18:04:42 | Microsoft Defender scares admins with Emotet false positives (lien direct) | Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. [...] | Malware | ||
|
2021-11-30 15:06:34 | Finland warns of Flubot malware heavily targeting Android users (lien direct) | Finland's National Cyber Security Centre (NCSC-FI) has issued a "severe alert" to warn of a massive campaign targeting the country's Android users with Flubot banking malware pushed via text messages sent from compromised devices. [...] | Malware | ||
|
2021-11-30 11:07:09 | Android banking malware infects 300,000 Google Play users (lien direct) | Malware campaigns distributing Android trojans that steals online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. [...] | Malware | ||
|
2021-11-30 06:56:06 | Yanluowang ransomware operation matures with experienced affiliates (lien direct) | An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. [...] | Ransomware Malware | ||
|
2021-11-29 08:43:29 | APT37 targets journalists with Chinotto multi-platform malware (lien direct) | North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists in watering hole, spear-phishing emails, and smishing attacks delivering malware dubbed Chinotto capable of infecting Windows and Android devices. [...] | Malware Cloud | APT 37 | |
|
2021-11-26 13:02:16 | TrickBot phishing checks screen resolution to evade researchers (lien direct) | The TrickBot malware operators have been using a new method to check the screen resolution of a victim system to evade detection of security software and analysis by researchers. [...] | Malware | ||
|
2021-11-25 14:30:00 | How cybercriminals adjusted their scams for Black Friday 2021 (lien direct) | Black Friday is approaching, and while shoppers prepare to open their wallets, cybercriminals hone their malware droppers, phishing lures, and fake sites. [...] | Malware | ||
|
2021-11-25 10:45:38 | (Déjà vu) New Linux malware hides in cron jobs with invalid dates (lien direct) | Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] | Malware | ||
|
2021-11-25 10:45:38 | New CronRAT malware infects Linux systems using odd day cron jobs (lien direct) | Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] | Malware | ||
|
2021-11-25 09:26:52 | Discord malware campaign targets crypto and NFT communities (lien direct) | A new malware campaign on Discord uses the Babadeda crypter to hide malware that targets the crypto, NFT, and DeFi communities. [...] | Malware | ||
|
2021-11-24 11:08:18 | Stealthy new JavaScript malware infects Windows PCs with RATs (lien direct) | A new stealthy JavaScript malware loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. [...] | Malware | ||
|
2021-11-24 08:02:04 | Black Friday 2021 deal: 20% off Zero2Automated malware analysis courses (lien direct) | The popular Zero2Automated malware analysis and reverse-engineering course is having another Black Friday and Cyber Monday promotion this year, where you can get 20% off all courses on their site. [...] | Malware |
To see everything:
Our RSS (filtrered)
