What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-09 10:02:04 | Hackers install Dracarys Android malware using modified Signal app (lien direct) | Researchers have discovered more details on the newly discovered Android spyware 'Dracarys,' used by the Bitter APT group in cyberespionage operations targeting users from New Zealand, India, Pakistan, and the United Kingdom. [...] | Malware | ||
|
2022-08-08 09:36:53 | Chinese hackers use new Windows malware to backdoor govt, defense orgs (lien direct) | An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. [...] | Malware | ||
|
2022-08-05 10:40:33 | Facebook finds new Android malware used by APT hackers (lien direct) | Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware. [...] | Malware Threat | APT 36 | |
|
2022-08-04 12:22:22 | New Linux malware brute-forces SSH servers to breach networks (lien direct) | A new botnet called 'RapperBot' has emerged in the wild since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers and then establishing persistence. [...] | Malware | ||
|
2022-08-04 11:55:29 | Cybersecurity agencies reveal last year\'s top malware strains (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a list of the topmost detected malware strains last year in a joint advisory with the Australian Cyber Security Centre (ACSC). [...] | Malware | ||
|
2022-08-03 18:35:14 | Russian organizations attacked with new Woody RAT malware (lien direct) | Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely. [...] | Malware | ||
|
2022-08-03 17:43:59 | Cloned Atomic Wallet website is pushing Mars Stealer malware (lien direct) | A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange portal, is, in reality, distributing copies of the Mars Stealer information-stealing malware. [...] | Malware | ||
|
2022-08-03 16:35:51 | Windows 11 Smart App Control blocks files used to push malware (lien direct) | Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several new file types threat actors have recently adopted to infect targets with malware in phishing attacks. [...] | Malware Threat | ||
|
2022-08-03 05:11:19 | 35,000 code repos not hacked-but clones flood GitHub to serve malware (lien direct) | Thousands of GitHub repositories were forked (cloned) and altered to include malware, a software engineer discovered. [...] | Malware | ★★★★ | |
|
2022-08-02 12:00:00 | Wolf in sheep\'s clothing: how malware tricks users and antivirus (lien direct) | One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve this deception, malware authors are using a variety of tricks. [...] | Malware | ★★★★★ | |
|
2022-07-29 07:31:00 | Microsoft links Raspberry Robin malware to Evil Corp attacks (lien direct) | Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics. [...] | Malware | ||
|
2022-07-28 10:13:54 | Malicious npm packages steal Discord users\' payment card info (lien direct) | Multiple npm packages are being used in an ongoing malicious campaign to infect Discord users with malware that steals their payment card information. [...] | Malware | ||
|
2022-07-28 05:00:00 | As Microsoft blocks Office macros, hackers find new attack vectors (lien direct) | Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut (LNK) attachments. [...] | Malware | ||
|
2022-07-27 11:09:43 | Microsoft: Windows, Adobe zero-days used to deploy Subzero malware (lien direct) | Microsoft has linked a threat group it tracks as Knotweed to a cyber mercenary outfit (aka private-sector offensive actor) named DSIRF, targeting European and Central American entities using a malware toolset dubbed Subzero. [...] | Malware Threat | ||
|
2022-07-26 13:21:59 | New Android malware apps installed 10 million times from Google Play (lien direct) | A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times on mobile devices. [...] | Malware | ||
|
2022-07-25 21:37:04 | CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards (lien direct) | Chinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of the most persistent threats commonly known as a UEFI rootkit. [...] | Malware | ||
|
2022-07-25 14:30:47 | Source code for Rust-based info-stealer released on hacker forums (lien direct) | A malware author released the source code of their info-stealer for free on hacking forums earlier this month, and security analysts already report observing several samples being deployed in the wild. [...] | Malware | ★★★★★ | |
|
2022-07-24 12:11:22 | Amadey malware pushed via software cracks in SmokeLoader campaign (lien direct) | A new version of the Amadey Bot malware is distributed through the SmokeLoader malware, using software cracks and keygen sites as lures. [...] | Malware | ||
|
2022-07-24 11:18:09 | QBot phishing uses Windows Calculator sideloading to infect devices (lien direct) | The operators of the QBot malware have been using the Windows Calculator to side-load the malicious payload on infected computers. [...] | Malware | ||
|
2022-07-23 12:08:04 | North Korean hackers attack EU targets with Konni RAT malware (lien direct) | Threat analysts have uncovered a new campaign attributed to APT37, a North Korean group of hackers, targeting high-value organizations in the Czech Republic, Poland, and other European countries. [...] | Malware Threat Cloud | APT 37 | |
|
2022-07-21 05:42:43 | New \'Lightning Framework\' Linux malware installs rootkits, backdoors (lien direct) | A new and previously undetected malware dubbed 'Lightning Framework' targets Linux systems and can be used to backdoor infected devices using SSH and deploy multiple types of rootkits. [...] | Malware | ||
|
2022-07-19 14:19:59 | Malicious Android apps with 300K installs found on Google Play (lien direct) | Cybersecurity researchers have discovered three Android malware families infiltrating the Google Play Store, hiding their malicious payloads inside many seemingly innocuous applications. [...] | Malware | ||
|
2022-07-19 13:06:41 | Google catches Turla hackers deploying Android malware in Ukraine (lien direct) | Google's Threat Analysis Group (TAG), whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations. [...] | Malware Threat | ||
|
2022-07-19 05:30:00 | New CloudMensis malware backdoors Macs to steal victims\' data (lien direct) | Unknown threat actors are using previously undetected malware to backdoor macOS devices and exfiltrate information in a highly targeted series of attacks. [...] | Malware Threat | ||
|
2022-07-16 10:11:12 | (Déjà vu) Elastix VoIP systems hacked in massive campaign to install PHP web shells (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-16 10:11:12 | Massive campaign hits Elastix VoIP systems with 500,000 unique malware samples (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-15 13:46:43 | Password recovery tool infects industrial systems with Sality malware (lien direct) | A threat actor is infecting industrial control systems (ICS) to create a botnet through password "cracking" software for programmable logic controllers (PLCs). [...] | Malware Tool Threat | ||
|
2022-07-13 11:00:33 | New Android malware on Google Play installed 3 million times (lien direct) | A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times. [...] | Malware | ||
|
2022-07-07 17:04:09 | Fake copyright complaints push IcedID malware using Yandex Forms (lien direct) | [...] | Malware | ||
|
2022-07-07 16:38:42 | New stealthy OrBit malware steals data from Linux devices (lien direct) | A newly discovered Linux malware is being used to stealthily steal information from backdoored Linux systems and infect all running processes on the machine. [...] | Malware | ||
|
2022-07-06 16:46:37 | IT services giant SHI hit by "professional malware attack" (lien direct) | SHI International Corp, a New Jersey-based provider of Information Technology (IT) products and services, has confirmed that its network was hit by a malware attack over the weekend. [...] | Malware | ||
|
2022-06-30 19:05:11 | Toll fraud malware disables your WiFi to force premium subscriptions (lien direct) | Microsoft is warning that toll fraud malware is one of the most prevalent threats on Android and that it is evolving with features that allow automatic subscription to premium services. [...] | Malware Threat | ||
|
2022-06-30 12:59:02 | Microsoft Exchange servers worldwide backdoored with new malware (lien direct) | A newly discovered lightweight and persistent malware was used by attackers to backdoor Microsoft Exchange servers belonging to government and military organizations from Europe, the Middle East, Asia, and Africa. [...] | Malware | ||
|
2022-06-30 09:00:00 | XFiles info-stealing malware adds support for Follina delivery (lien direct) | The XFiles info-stealer malware has added a delivery module that exploits CVE-2022-30190, aka Follina, for dropping the payload on target computers. [...] | Malware | ||
|
2022-06-29 13:53:15 | New YTStealer malware steals accounts from YouTube Creators (lien direct) | A new information-stealing malware named YTStealer is targeting YouTube content creators and attempting to steal their authentication tokens and hijack their channels. [...] | Malware | ||
|
2022-06-28 11:33:09 | New ZuoRAT malware targets SOHO routers in North America, Europe (lien direct) | A newly discovered multistage remote access trojan (RAT) dubbed ZuoRAT has been used to target remote workers via small office/home office (SOHO) routers across North America and Europe undetected since 2020. [...] | Malware | ||
|
2022-06-28 09:39:28 | Raccoon Stealer is back with a new version to steal your passwords (lien direct) | The Raccoon Stealer malware is back with a second major version circulating on cybercrime forums, offering hackers elevated password-stealing functionality and upgraded operational capacity. [...] | Malware | ||
|
2022-06-27 14:30:15 | Android malware \'Revive\' impersonates BBVA bank\'s 2FA app (lien direct) | A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. [...] | Malware | ||
|
2022-06-26 11:05:10 | Fake copyright infringement emails install LockBit ransomware (lien direct) | LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. [...] | Ransomware Malware | ||
|
2022-06-23 11:04:57 | Malicious Windows \'LNK\' attacks made easy with new Quantum builder (lien direct) | Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. [...] | Malware | ||
|
2022-06-21 15:34:44 | Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware (lien direct) | The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. [...] | Malware Vulnerability | ||
|
2022-06-19 10:15:23 | Android-wiping BRATA malware is evolving into a persistent threat (lien direct) | The threat actors operating the BRATA banking trojan have evolved their tactics and incorporated new information-stealing features into their malware. [...] | Malware Threat | ★★★ | |
|
2022-06-18 10:06:03 | (Déjà vu) New phishing attack infects devices with Cobalt Strike (lien direct) | Security researchers have noticed a new malicious spam campaign that delivers the 'Matanbuchus' malware to drop Cobalt Strike beacons on compromised machines. [...] | Spam Malware | ★★★ | |
|
2022-06-18 10:06:03 | Wave of \'Matanbuchus\' spam is infecting devices with Cobalt Strike (lien direct) | Security researchers have noticed a new malicious spam campaign that delivers the 'Matanbuchus' malware to drop Cobalt Strike beacons on compromised machines. [...] | Spam Malware | ||
|
2022-06-17 10:17:19 | Russian RSocks botnet disrupted after hacking millions of devices (lien direct) | The U.S. Department of Justice has announced the disruption of the Russian RSocks malware botnet used to hijack millions of computers, Android smartphones, and IoT (Internet of Things) devices worldwide for use as proxy servers. [...] | Malware | ||
|
2022-06-16 15:43:57 | New MaliBot Android banking malware spreads as a crypto miner (lien direct) | Threat analysts have discovered a new Android malware strain named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain. [...] | Malware Threat | ||
|
2022-06-14 15:36:10 | Android malware on the Google Play Store gets 2 million downloads (lien direct) | Cybersecurity researchers have discovered adware and information-stealing malware on the Google Play Store last month, with at least five still available and having amassed over two million downloads. [...] | Malware | ||
|
2022-06-13 17:56:20 | Gallium hackers backdoor finance, govt orgs using new PingPull malware (lien direct) | The Gallium state-sponsored hacking group has been spotted using a new 'PingPull' remote access trojan against financial institutions and government entities in Europe, Southeast Asia, and Africa. [...] | Malware | ||
|
2022-06-13 11:13:00 | New Syslogk Linux rootkit uses magic packets to trigger backdoor (lien direct) | A new rootkit malware named 'Syslogk' has been spotted in the wild, and it features advanced process and file hiding techniques that make detection highly unlikely. [...] | Malware | ||
|
2022-06-09 12:35:04 | Microsoft Defender now isolates hacked, unmanaged Windows devices (lien direct) | Microsoft has announced a new feature for Microsoft Defender for Endpoint (MDE) to help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network. [...] | Malware |
To see everything:
Our RSS (filtrered)
