Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2021-10-11 10:44:41 |
Huawei Cloud targeted by updated cryptomining malware (lien direct) |
A new version of a 2020 crypto-mining malware that was previously targeting Docker containers has now been spotted focusing on new cloud service providers like the Huawei Cloud. [...] |
Malware
|
|
|
|
2021-10-10 13:16:30 |
FontOnLake malware infects Linux systems via trojanized utilities (lien direct) |
A newly discovered malware family has been infecting Linux systems concealed in legitimate binaries. Dubbed FontOnLake, the threat delivers backdoor and rootkit components. [...] |
Malware
Threat
|
|
|
|
2021-10-07 13:53:05 |
FIN12 hits healthcare with quick and focused ransomware attacks (lien direct) |
While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets. [...] |
Ransomware
Malware
|
|
|
|
2021-10-06 15:42:54 |
Hackers use stealthy ShellClient malware on aerospace, telco firms (lien direct) |
Threat researchers investigating malware used to target companies in the aerospace and telecommunications sectors discovered a new threat actor that has been running cyber espionage campaigns since at least 2018. [...] |
Malware
Threat
|
|
|
|
2021-10-01 09:19:20 |
Flubot Android malware now spreads via fake security updates (lien direct) |
The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections. [...] |
Malware
|
|
|
|
2021-10-01 08:18:18 |
Hydra malware targets customers of Germany\'s second largest bank (lien direct) |
The Hydra banking trojan is back to targeting European e-banking platform users, and more specifically, customers of Commerzbank, Germany's second-largest financial institution. [...] |
Malware
|
|
|
|
2021-09-29 10:45:18 |
New Android malware steals millions after infecting 10M phones (lien direct) |
A large-scale malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge. [...] |
Malware
|
|
|
|
2021-09-28 13:46:26 |
FinFisher malware hijacks Windows Boot Manager with UEFI bootkit (lien direct) |
Commercially developed FinFisher malware now can infect Windows devices using a UEFI bootkit that it injects in the Windows Boot Manager. [...] |
Malware
|
|
|
|
2021-09-27 16:03:47 |
(Déjà vu) Microsoft: Nobelium uses custom malware to backdoor Windows domains (lien direct) |
Microsoft has discovered new malware used by the Nobelium hacking group to deploy additional payloads and steal sensitive info from Active Directory Federation Services (AD FS) servers. [...] |
Malware
|
|
|
|
2021-09-27 16:03:47 |
Microsoft: Nobelium hackers backdoor AD FS servers for data theft (lien direct) |
Microsoft has discovered new malware used by the Nobelium hacking group to deploy additional payloads and harvest and exfiltrate sensitive info from Active Directory Federation Services (AD FS) servers. [...] |
Malware
|
|
|
|
2021-09-27 11:22:58 |
New malware steals Steam, Epic Games Store, and EA Origin accounts (lien direct) |
A new malware sold on dark web forums is being used by threat actors to steal accounts for multiple gaming platforms, including Steam, Epic Games Store, and EA Origin. [...] |
Malware
Threat
|
|
|
|
2021-09-23 12:24:41 |
Malware devs trick Windows validation with malformed certs (lien direct) |
Google researchers spotted malware developers creating malformed code signatures seen as valid in Windows to bypass security software. [...] |
Malware
|
|
|
|
2021-09-21 11:54:56 |
Russian state hackers use new TinyTurla malware as secondary backdoor (lien direct) |
Russian state-sponsored hackers known as the Turla APT group have been using new malware over the past year that acted as a secondary persistence method on compromised systems in the U.S., Germany, and Afghanistan. [...] |
Malware
|
|
★★★★
|
|
2021-09-16 13:33:25 |
New malware uses Windows Subsystem for Linux for stealthy attacks (lien direct) |
Security researchers have discovered malicious Linux binaries created for the Windows Subsystem for Linux (WSL), indicating that hackers are trying out new methods to compromise Windows machines. [...] |
Malware
|
|
|
|
2021-09-08 18:10:59 |
Ukrainian extradited for selling 2,000 stolen logins per week (lien direct) |
The US Department of Justice has indicted a Ukrainian man for using a malware botnet to brute force computer logon credentials and then selling them on a criminal remote access marketplace. [...] |
Malware
|
|
|
|
2021-09-06 11:24:22 |
TrickBot gang developer arrested when trying to leave Korea (lien direct) |
An alleged Russian developer for the notorious TrickBot malware gang was arrested in South Korea after attempting to leave the country. [...] |
Malware
|
|
|
|
2021-09-04 12:35:55 |
Watch out for new malware campaign\'s \'Windows 11 Alpha\' attachment (lien direct) |
Relying on a simple recipe that has proved successful time and time again, threat actors have deployed a malware campaign recently that used a Windows 11 theme to lure recipients into activating malicious code placed inside Microsoft Word documents. [...] |
Malware
Threat
|
|
|
|
2021-08-31 11:12:09 |
Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs (lien direct) |
Cybercriminals are making strides towards attacks with malware that executes code from the graphics processing unit (GPU) of a compromised system. [...] |
Malware
Tool
|
|
|
|
2021-08-27 09:30:54 |
(Déjà vu) Fake DMCA and DDoS complaints lead to BazaLoader malware (lien direct) |
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|
|
2021-08-27 09:30:54 |
Fake DMCA complaints, DDoS threats lead to BazaLoader malware (lien direct) |
Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service (DDoS) attacks. [...] |
Malware
|
|
|
|
2021-08-25 09:00:00 |
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware (lien direct) |
A financially motivated cybercrime gang has breached and backdoored the network of a US financial organization with a new malware known dubbed Sardonic by Bitdefender researchers who first spotted it. [...] |
Malware
|
|
|
|
2021-08-24 13:12:34 |
Malicious WhatsApp mod infects Android devices with malware (lien direct) |
A malicious version of the FMWhatsappWhatsApp mod delivers a Triadatrojan payload, a nasty surprise that infects their devices with additional malware, including the very hard-to-remove xHelper trojan. [...] |
Malware
|
|
|
|
2021-08-23 17:17:23 |
Phishing campaign uses UPS.com XSS vuln to distribute malware (lien direct) |
A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. [...] |
Malware
Vulnerability
|
|
|
|
2021-08-17 11:00:22 |
Malware campaign uses clever \'captcha\' to bypass browser warning (lien direct) |
A malware campaign uses a clever captcha prompt to trick users into bypassing browsers warnings to download the Ursnif (aka Gozi) banking trojan. [...] |
Malware
|
|
|
|
2021-08-16 15:38:27 |
Malware dev infects own PC and data ends up on intel platform (lien direct) |
A malware developer unleashed their creation on their system to try out new features and the data ended up on a cybercrime intelligence platform, exposing a glimpse of the cybercriminal endeavor. [...] |
Malware
|
|
|
|
2021-08-16 09:06:46 |
Hackers behind Iranian wiper attacks linked to Syrian breaches (lien direct) |
Destructive attacks that targeted Iran's transport ministry and national train system were coordinated by a threat actor dubbed Indra who previously deployed wiper malware on the networks of multiple Syrian organizations. [...] |
Malware
Threat
|
|
|
|
2021-08-11 09:00:00 |
New AdLoad malware variant slips through Apple\'s XProtect defenses (lien direct) |
A new AdLoad malware variant is slipping through Apple's YARA signature-based XProtect built-in antivirus tech to infect Macs. [...] |
Malware
|
|
|
|
2021-08-09 17:43:03 |
FlyTrap malware hijacks thousands of Facebook accounts (lien direct) |
A new Android threat that researchers call FlyTrap has been hijacking Facebook accounts of users in more than 140 countries by stealing session cookies. [...] |
Malware
Threat
|
|
|
|
2021-08-09 09:12:17 |
Synology warns of malware infecting NAS devices with ransomware (lien direct) |
Taiwan-based NAS maker Synology has warned customers that the StealthWorker botnet is targeting their network-attached storage devices in ongoing brute-force attacks. [...] |
Ransomware
Malware
|
|
|
|
2021-08-05 09:57:04 |
(Déjà vu) Prometheus TDS: The $250 service behind recent malware attacks (lien direct) |
Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. [...] |
Ransomware
Malware
Guideline
|
|
|
|
2021-08-05 09:57:04 |
Prometheus: The $250 service behind recent malware attacks (lien direct) |
Security researchers investigating multiple malware distribution campaigns found that an underground traffic distribution service called Prometheus is responsible for delivering threats that often lead to ransomware attacks. [...] |
Ransomware
Malware
Guideline
|
|
|
|
2021-07-29 12:46:55 |
New destructive Meteor wiper malware used in Iranian railway attack (lien direct) |
A new file wiping malware called Meteor was discovered used in the recent attacks against Iran's railway system. [...] |
Malware
|
|
|
|
2021-07-28 11:15:13 |
Google Play Protect fails Android security tests once more (lien direct) |
Google Play Protect, the Android built-in malware defense system, has failed the real-world tests of antivirus testing lab AV-TEST after detecting just over two thirds out of more than 20,000 malicious apps it was pitted against. [...] |
Malware
|
|
|
|
2021-07-23 16:06:46 |
Fake Windows 11 installers now used to infect you with malware (lien direct) |
Scammers are already taking advantage of the hype surrounding Microsoft's next Windows release to push fake Windows 11 installers riddled with malware, adware, and other malicious tools. [...] |
Malware
|
|
|
|
2021-07-23 15:29:55 |
MacOS malware steals Telegram accounts, Google Chrome data (lien direct) |
Security researchers have published details about the method used by a strain of macOS malware to steal login information from multiple apps, enabling its operators to steal accounts. [...] |
Malware
|
|
|
|
2021-07-21 14:42:16 |
CISA warns of stealthy malware found on hacked Pulse Secure devices (lien direct) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products. [...] |
Malware
|
|
|
|
2021-07-21 09:00:00 |
NPM package steals Chrome passwords on Windows via recovery tool (lien direct) |
New npm malware has been caught stealing credentials from the Google Chrome web browser by using legitimate password recovery tools on Windows systems. Additionally, this malware listens for incoming connections from the attacker's C2 server and provides advanced capabilities, including screen and camera access. [...] |
Malware
Tool
|
|
|
|
2021-07-21 06:20:41 |
XLoader malware steals logins from macOS and Windows systems (lien direct) |
A highly popular malware for stealing information from Windows systems has been modified into a new strain called XLoader, which can also target macOS systems. [...] |
Malware
|
|
|
|
2021-07-20 04:00:00 |
New MosaicLoader malware targets software pirates via online ads (lien direct) |
An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader advertising camouflaged as cracked software via search engine results to infect wannabe software pirates' systems. [...] |
Malware
|
|
|
|
2021-07-14 15:29:17 |
BazarBackdoor sneaks in through nested RAR and ZIP archives (lien direct) |
Security researchers caught a new phishing campaign that tried to deliver the BazarBackdoor malware by using the multi-compression technique and masking it as an image file. [...] |
Malware
|
|
|
|
2021-07-14 03:32:00 |
Trickbot updates its VNC module for high-value targets (lien direct) |
The Trickbot botnet malware that often distributes various ransomware strains, continues to be the most prevalent threat as its developers update the VNC module used for remote control over infected systems. [...] |
Ransomware
Malware
Threat
|
|
|
|
2021-07-13 03:29:00 |
New BIOPASS malware live streams victim\'s computer screen (lien direct) |
Hackers compromised gambling sites to deliver a new remote access trojan (RAT) called BIOPASS that enables watching the victim's computer screen in real time by abusing popular live-streaming software. [...] |
Malware
|
|
|
|
2021-06-29 13:48:21 |
Russian hackers had months-long access to Denmark\'s central bank (lien direct) |
Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected. [...] |
Malware
|
|
★★★★
|
|
2021-06-26 05:16:04 |
Microsoft admits to signing rootkit malware in supply-chain fiasco (lien direct) |
Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control IPs. [...] |
Malware
|
|
|
|
2021-06-23 09:00:00 |
PYSA ransomware backdoors education orgs using ChaChi malware (lien direct) |
The PYSA ransomware gang has been using a remote access Trojan (RAT) dubbed ChaChi to backdoor the systems of healthcare and education organizations and steal data that later gets leveraged in double extortion ransom schemes. [...] |
Ransomware
Malware
|
|
|
|
2021-06-17 11:58:44 |
Vigilante malware blocks victims from downloading pirated software (lien direct) |
A vigilante developer turns the tables on software pirates by distributing malware that prevents them from accessing pirated software sites in the future. [...] |
Malware
|
|
|
|
2021-06-16 12:22:19 |
US convicts Russian national behind Kelihos botnet crypting service (lien direct) |
Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypter service used by the Kelihos botnet to obfuscate malware payloads and evade detection. [...] |
Malware
|
|
|
|
2021-06-15 08:00:28 |
Google Workspace adds new phishing protection, client-side encryption (lien direct) |
Google Workspace (formerly G Suite) has been updated with client-side encryption and new Google Drive phishing and malware content protection. [...] |
Malware
|
|
|
|
2021-06-14 12:30:18 |
Microsoft: SEO poisoning used to backdoor targets with malware (lien direct) |
Microsoft is tracking a series of attacks that use SEO poisoning to infect targets with a remote access trojan (RAT) capable of stealing the victims' sensitive info and backdooring their systems. [...] |
Malware
|
|
|
|
2021-06-07 06:51:59 |
New Kubernetes malware backdoors clusters via Windows containers (lien direct) |
New malware active for more than a year is compromising Windows containers to compromise Kubernetes clusters with the end goal of backdooring them and paving the way for attackers to abuse them in other malicious activities. [...] |
Malware
|
Uber
|
|