Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-11 11:12:06 |
Microsoft: These are the building blocks of QBot malware attacks (direct link) |
As QBot campaigns increase in size and frequency, researchers are looking into ways to break the trojan's distribution chain and tackle the threat. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-09 12:34:17 |
Malicious Notepad++ installers push StrongPity malware (direct link) |
The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-09 06:00:00 |
Hundreds of thousands of MikroTik devices still vulnerable to botnets (direct link) |
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-07 18:21:46 |
Emotet now drops Cobalt Strike, fast forwards ransomware attacks (direct link) |
In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] |
Ransomware
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-06 10:00:00 |
Russian hacking group uses new stealthy Ceeloader malware (direct link) |
The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-05 13:45:16 |
Malicious Excel XLL add-ins push RedLine password-stealing malware (direct link) |
Cybercriminals are spamming website contact forms and discussion forums to distribute Excel XLL files that download and install the RedLine password and information-stealing malware. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-04 12:06:12 |
Malicious KMSPico installers steal your cryptocurrency wallets (direct link) |
Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-03 12:40:10 |
Fake support agents call victims to install Android banking malware (direct link) |
The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-02 05:12:19 |
New malware hides as legit nginx process on e-commerce servers (direct link) |
eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-12-01 18:43:10 |
Emotet now spreads via fake Adobe Windows App Installer packages (direct link) |
The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...] |
Malware
|
|
★★★
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 18:04:42 |
Microsoft Defender scares admins with Emotet false positives (direct link) |
Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 15:06:34 |
Finland warns of Flubot malware heavily targeting Android users (direct link) |
Finland's National Cyber Security Centre (NCSC-FI) has issued a "severe alert" to warn of a massive campaign targeting the country's Android users with Flubot banking malware pushed via text messages sent from compromised devices. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 11:07:09 |
Android banking malware infects 300,000 Google Play users (direct link) |
Malware campaigns distributing Android trojans that steal online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-30 06:56:06 |
Yanluowang ransomware operation matures with experienced affiliates (direct link) |
An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. [...] |
Ransomware
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-29 08:43:29 |
APT37 targets journalists with Chinotto multi-platform malware (direct link) |
North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists in watering hole, spear-phishing emails, and smishing attacks delivering malware dubbed Chinotto capable of infecting Windows and Android devices. [...] |
Malware
Cloud
|
APT 37
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-26 13:02:16 |
TrickBot phishing checks screen resolution to evade researchers (direct link) |
The TrickBot malware operators have been using a new method to check the screen resolution of a victim system to evade detection of security software and analysis by researchers. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-25 14:30:00 |
How cybercriminals adjusted their scams for Black Friday 2021 (direct link) |
Black Friday is approaching, and while shoppers prepare to open their wallets, cybercriminals hone their malware droppers, phishing lures, and fake sites. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-25 10:45:38 |
(Déjà vu) New Linux malware hides in cron jobs with invalid dates (direct link) |
Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-25 10:45:38 |
New CronRAT malware infects Linux systems using odd day cron jobs (direct link) |
Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-25 09:26:52 |
Discord malware campaign targets crypto and NFT communities (direct link) |
A new malware campaign on Discord uses the Babadeda crypter to hide malware that targets the crypto, NFT, and DeFi communities. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-24 11:08:18 |
Stealthy new JavaScript malware infects Windows PCs with RATs (direct link) |
A new stealthy JavaScript malware loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-24 08:02:04 |
Black Friday 2021 deal: 20% off Zero2Automated malware analysis courses (direct link) |
The popular Zero2Automated malware analysis and reverse-engineering course is having another Black Friday and Cyber Monday promotion this year, where you can get 20% off all courses on their site. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-23 16:09:03 |
Malware now trying to exploit new Windows Installer zero-day (direct link) |
Malware creators have already started testing a proof-of-concept exploit targeting a new Microsoft Windows Installer zero-day publicly disclosed by security researcher Abdelhamid Naceri over the weekend. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-23 11:00:29 |
Over nine million Android devices infected by info-stealing trojan (direct link) |
A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-23 10:38:06 |
Hackers target biomanufacturing with stealthy Tardigrade malware (direct link) |
An advanced hacking group is actively targeting biomanufacturing facilities with a new custom malware called 'Tardigrade.' [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-23 10:38:06 |
Tardigrade hackers target big pharma vaccine makers with stealthy malware (direct link) |
An advanced hacking group known as 'Tardigrade' is targeting biomanufacturing facilities and research centers working on vaccines and critical medicines. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-20 12:55:47 |
Microsoft Exchange servers hacked in internal reply-chain attacks (direct link) |
Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-18 16:19:09 |
Android malware BrazKing returns as a stealthier banking trojan (direct link) |
The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-18 09:47:45 |
North Korean cyberspies target govt officials with custom malware (direct link) |
A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-16 18:07:17 |
Here are the new Emotet spam campaigns hitting mailboxes worldwide (direct link) |
The Emotet malware kicked into action yesterday after a ten-month hiatus with multiple spam campaigns delivering malicious documents to mailboxes worldwide. [...] |
Spam
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-15 15:04:23 |
(Déjà vu) Emotet malware is back and rebuilding its botnet via TrickBot (direct link) |
The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] |
Spam
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-15 15:04:23 |
The Emotet malware is back and rebuilding its botnet via TrickBot (direct link) |
The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] |
Spam
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-15 14:15:27 |
Alibaba ECS instances actively hijacked by cryptomining malware (direct link) |
Threat actors are hijacking Alibaba Elastic Computing Service (ECS) instances to install cryptominer malware and harness the available server resources for their own profit. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-12 10:27:11 |
Microsoft warns of surge in HTML smuggling phishing attacks (direct link) |
Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT). [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-11 16:34:07 |
Windows 10 App Installer abused in BazarLoader malware attacks (direct link) |
The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems of targets who fall victim to a highly targeted spam campaign. [...] |
Spam
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-11 15:41:09 |
BotenaGo botnet targets millions of IoT devices with 33 exploits (direct link) |
A new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-11 02:45:34 |
Careful: 'Smart TV remote' Android app on Google Play is malware (direct link) |
Two Android apps sitting on the Google Play store have been found to contain malware this week. These apps are called 'Smart TV remote' and 'Halloween Coloring'. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-10 08:56:28 |
New Android malware targets Netflix, Instagram, and Twitter users (direct link) |
A new Android malware known as MasterFred uses fake login overlays to steal the credit card information of Netflix, Instagram, and Twitter users. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-09 12:33:16 |
Iranian state hackers use upgraded malware in attacks on ISPs, telcos (direct link) |
The Iranian state-supported APT known as 'Lyceum' (Hexane, Spilrin) targeted ISPs and telecommunication service providers in the Middle East and Africa between July and October 2021. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-11-03 12:29:07 |
Stealthier version of Mekotio banking trojan spotted in the wild (direct link) |
A new version of a banking trojan known as Mekotio is being deployed in the wild, with malware analysts reporting that it's using a new, stealthier infection flow. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 12:20:10 |
Snake malware biting hard on 50 apps for only $25 (direct link) |
Cybercriminals are flooding to use the Snake password-stealing trojan, making it one of the popular malware families used in attacks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-29 12:08:44 |
Hive ransomware now encrypts Linux and FreeBSD systems (direct link) |
The Hive ransomware gang now also encrypts Linux and FreeBSD using new malware variants specifically developed to target these platforms. [...] |
Ransomware
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 21:17:36 |
TrickBot malware dev extradited to U.S. faces 60 years in prison (direct link) |
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-28 09:15:44 |
New AbstractEmu malware roots Android devices, evades detection (direct link) |
New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-26 15:45:30 |
Spammers use Squirrelwaffle malware to drop Cobalt Strike (direct link) |
A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. [...] |
Malware
Threat
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-22 11:14:08 |
Microsoft: WizardUpdate Mac malware adds new evasion tactics (direct link) |
Microsoft says it found new variants of macOS malware known as WizardUpdate (also tracked as UpdateAgent or Vigram), updated to use new evasion and persistence tactics. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-21 17:10:53 |
Massive campaign uses YouTube to push password-stealing malware (direct link) |
Widespread malware campaigns are creating YouTube videos to distribute password-stealing trojans to unsuspecting viewers. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-21 10:22:50 |
RAT malware spreading in Korea through webhards and torrents (direct link) |
An ongoing malware distribution campaign targeting South Korea is disguising RATs (remote access trojans) as an adult game shared via webhards and torrents. [...] |
Malware
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-20 11:49:39 |
Google: YouTubers' accounts hijacked with cookie-stealing malware (direct link) |
Google says YouTube creators have been targeted with password-stealing malware in phishing attacks coordinated by financially motivated threat actors since at least late 2019. [...] |
Malware
|
Uber
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2021-10-18 13:28:10 |
State-backed hackers breach telcos with custom malware (direct link) |
A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia. [...] |
Malware
|
|
|