What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-02-18 10:25:18 | US shares info on North Korean malware used to steal cryptocurrency (lien direct) | The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday. [...] | Malware | ||
|
2021-02-14 12:12:06 | Pro-India hackers use Android spyware to spy on Pakistani military (lien direct) | This week a report has revealed details on the two spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a state-sponsored operation. [...] | Malware Threat | ||
|
2021-02-12 13:50:53 | Google: Gmail users from US most targeted by phishing attacks (lien direct) | Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. [...] | Malware | ||
|
2021-02-11 06:01:01 | TrickBot\'s BazarBackdoor malware is now coded in Nim to evade antivirus (lien direct) | TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. [...] | Malware | ||
|
2021-02-09 13:09:11 | New BendyBear APT malware gets linked to Chinese hacking group (lien direct) | Unit 42 researchers today have shared info on a new polymorphic and "highly sophisticated" malware dubbed BendyBear, linked to a hacking group with known ties to the Chinese government. [...] | Malware | ||
|
2021-02-08 11:52:26 | Android app joins the dark side, sends malware update to millions (lien direct) | Google has removed a popular Android barcode scanner app with over 10 million installs from the Play Store after researchers found that it turned malicious following a December 2020 update. [...] | Malware | ||
|
2021-02-02 12:52:19 | Trickbot malware now maps victims\' networks using Masscan (lien direct) | The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. [...] | Malware | ||
|
2021-02-02 07:09:31 | New Linux malware steals SSH credentials from supercomputers (lien direct) | A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software. [...] | Malware | ||
|
2021-02-01 08:04:01 | Android emulator supply-chain attack targets gamers with malware (lien direct) | ESET researchers have discovered that an unknown threat actor has compromised the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox. [...] | Malware Threat | ||
|
2021-01-29 16:04:57 | (Déjà vu) Here\'s how law enforcement\'s Emotet malware module works (lien direct) | New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...] | Malware | ||
|
2021-01-29 16:04:57 | Here\'e how law enforcement\'s Emotet malware module works (lien direct) | New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...] | Malware | ||
|
2021-01-29 14:06:49 | New Pro-Ocean malware worms through Apache, Oracle, Redis servers (lien direct) | The financially-motivated Rocke hackers are using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis. [...] | Malware | APT 32 | |
|
2021-01-29 11:20:38 | Perl.com domain stolen, now using IP address tied to malware (lien direct) | The domain name perl.com was stolen this week and is now points to an IP address associated with malware campaigns. [...] | Malware | ||
|
2021-01-27 14:56:08 | (Déjà vu) Europol: Emotet malware will uninstall itself on April 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 14:56:08 | Europol: Emotet malware will uninstall itself on March 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 10:16:09 | Linux malware uses open-source tool to evade detection (lien direct) | AT&T Alien Labs security researchers have discovered that the TeamTNT cybercrime group upgraded their Linux crypto-mining with open-source detection evasion capabilities. [...] | Malware Tool | ★★★ | |
|
2021-01-21 12:07:06 | UK govt gives malware infected laptops to vulnerable students (lien direct) | Some of the laptops distributed by the UK Department for Education (DfE) to vulnerable students have been found to be infected with malware as reported by the BBC. [...] | Malware | ||
|
2021-01-21 10:20:24 | QNAP warns users to secure NAS devices against Dovecat malware (lien direct) | QNAP urges customers to secure their network-attached storage (NAS) devices against an ongoing malware campaign that infects and exploits them to mine bitcoin without their knowledge. [...] | Malware | ||
|
2021-01-19 07:48:51 | FreakOut malware exploits critical bugs to infect Linux hosts (lien direct) | An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that is powering network-attached storage (NAS) devices or for developing web applications and portals. [...] | Malware | ||
|
2021-01-15 14:34:59 | Windows Finger command abused by phishing to download malware (lien direct) | Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices. [...] | Malware | ||
|
2021-01-12 08:33:19 | New Sunspot malware found while investigating SolarWinds hack (lien direct) | Cybersecurity firm CrowdStrike has discovered the malware used by the SolarWinds hackers to inject backdoors in Orion platform builds during the supply-chain attack that led to the compromise of several companies and government agencies. [...] | Malware Hack | Solardwinds | |
|
2021-01-11 17:29:11 | Microsoft Sysmon now detects malware process tampering attempts (lien direct) | Microsoft has released Sysmon 13 with a new security feature that detects if a process has been tampered using process hollowing or process herpaderping techniques. [...] | Malware | ||
|
2021-01-11 12:33:00 | Mac malware uses \'run-only\' AppleScripts to evade analysis (lien direct) | A cryptocurrency mining campaign targeting macOS is using malware that has evolved into a complex variant giving researchers a lot of trouble analyzing it. [...] | Malware | ||
|
2021-01-11 09:07:54 | Sunburst backdoor shares features with Russian APT malware (lien direct) | Kaspersky researchers found that the Sunburst backdoor, the malware deployed during the SolarWinds supply-chain attack, shows feature overlaps with Kazuar, a .NET backdoor tentatively linked to the Russian Turla hacking group. [...] | Malware Mobile | Solardwinds Solardwinds | |
|
2021-01-07 06:00:00 | Linux malware authors use Ezuri Golang crypter for zero detection (lien direct) | Multiple malware authors are using the "Ezuri" crypter and memory loader written in Go to evade detection by antivirus products. Source code for Ezuri is available on GitHub for anyone to use. [...] | Malware | ||
|
2021-01-05 12:30:00 | Australian cybersecurity agency used as cover in malware campaign (lien direct) | The Australian government warns of an ongoing campaign impersonating the Australian Cyber Security Centre (ACSC) to infect targets with malware. [...] | Malware | ||
|
2021-01-05 10:00:00 | Cross-platform ElectroRAT malware drains cryptocurrency wallets (lien direct) | Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. [...] | Malware | ||
|
2021-01-04 09:36:27 | China\'s APT hackers move to ransomware attacks (lien direct) | Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. [...] | Ransomware Malware | ||
|
2020-12-30 09:40:36 | New worm turns Windows, Linux servers into Monero miners (lien direct) | A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. [...] | Malware | ||
|
2020-12-29 18:28:07 | Wasabi cloud storage service knocked offline for hosting malware (lien direct) | Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware. [...] | Malware | ||
|
2020-12-28 06:57:33 | (Déjà vu) GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic (lien direct) | A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script. [...] | Malware | ||
|
2020-12-28 06:57:33 | (Déjà vu) GitHub-based malware calculates Cobalt Strike payload from Imgur pic (lien direct) | A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script. [...] | Malware | ||
|
2020-12-26 09:50:11 | SolarWinds releases updated advisory for new SUPERNOVA malware (lien direct) | SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform. [...] | Malware | ||
|
2020-12-25 10:15:15 | Fake Amazon gift card emails deliver the Dridex malware (lien direct) | The Dridex malware gang is delivering a nasty gift for the holidays using a spam campaign pretending to be Amazon Gift Cards. [...] | Spam Malware | ||
|
2020-12-22 09:11:33 | SolarWinds victims revealed after cracking the Sunburst malware DGA (lien direct) | Security researchers have shared lists of organizations where threat actors deployed Sunburst/Solarigate malware, after ongoing investigations of the SolarWinds supply chain attack. [...] | Malware Threat | Solardwinds Solardwinds | |
|
2020-12-18 14:47:56 | Stealthy Magecart malware mistakenly leaks list of hacked stores (lien direct) | A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. [...] | Malware | ||
|
2020-12-16 16:21:50 | FireEye, Microsoft create kill switch for SolarWinds backdoor (lien direct) | Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself. [...] | Malware Mobile | Solardwinds | |
|
2020-12-16 09:00:00 | Ransomware gangs automate payload delivery with SystemBC malware (lien direct) | SystemBC, a commodity malware sold on underground marketplaces, is being used by ransomware-as-a-service (RaaS) operations to hide malicious traffic and automate ransomware payload delivery on the networks of compromised victims. [...] | Ransomware Malware | ||
|
2020-12-15 13:50:00 | New Windows malware may soon target Linux, macOS devices (lien direct) | Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. [...] | Malware Threat | ||
|
2020-12-14 10:04:46 | US govt, FireEye breached after SolarWinds supply-chain attack (lien direct) | SolarWinds's Orion IT monitoring and management software has been used in a supply chain attack leading to the breach of government and high-profile companies using a malware dubbed SUNBURST or Solorigate. [...] | Malware Guideline | Solardwinds | |
|
2020-12-13 17:44:05 | Hacking group\'s new malware abuses Google and Facebook services (lien direct) | Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. [...] | Malware | ||
|
2020-12-12 15:10:54 | Subway marketing system hacked to send TrickBot malware emails (lien direct) | Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday. [...] | Malware | ||
|
2020-12-11 08:59:22 | Microsoft: New malware can infect over 30K Windows PCs a day (lien direct) | Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day. [...] | Malware | Adrozek | |
|
2020-12-11 08:41:11 | Massive Subway UK phishing attack is pushing TrickBot malware (lien direct) | A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware. [...] | Malware | ||
|
2020-12-10 09:47:27 | Hackers can use WinZip insecure server connection to drop malware (lien direct) | The server-client communication in certain versions of the WinZip file compression tool is insecure and could be modified to serve malware or fraudulent content to users. [...] | Malware Tool | ||
|
2020-12-09 16:00:00 | Qbot malware switched to stealthy new Windows autostart method (lien direct) | A new Qbot malware version now activates its persistence mechanism right before infected Windows devices shutdown and it automatically removes any traces when the system restarts or wakes up from sleep. [...] | Malware | ||
|
2020-12-09 11:10:41 | Russian hackers hide Zebrocy malware in virtual disk images (lien direct) | Russian-speaking hackers behind Zebrocy malware have changed their technique for delivering malware to high-profile victims and started to pack the threats in Virtual Hard Drives (VHD) to avoid detection. [...] | Malware | ||
|
2020-12-08 11:35:00 | Credit card stealing malware bundles backdoor for easy reinstall (lien direct) | An almost impossible to remove malware set to automatically activate on Black Friday was deployed on multiple Magento-powered online stores by threat actors according to researchers at Dutch cyber-security company Sansec. [...] | Malware Threat | ||
|
2020-12-05 15:33:14 | Police arrest two in data theft cyberattack on Leonardo defense corp (lien direct) | Italian police have arrested two people allegedly for using malware to steal 10 GB of confidental data and military secrets from defense company Leonardo S.p.A. [...] | Malware | ||
|
2020-12-03 14:59:42 | Credit card stealing malware hides in social media sharing icons (lien direct) | Newly discovered web skimming malware is capable of hiding in plain sight to inject payment card skimmer scripts into compromised online stores. [...] | Malware |
To see everything:
Our RSS (filtrered)
