Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-09-22 13:45:08 |
Fake sites fool Zoom users into downloading deadly code (direct link) |
Ah, the human touch Beware the Zoom site you don't recognize, as a criminal gang is creating multiple fake versions aimed at luring users to download malware that can steal banking data, IP addresses, and other information.… |
Malware
|
|
|
|
2022-09-21 15:56:01 |
Malwarebytes blocks Google, YouTube as malware (direct link) |
Sounds like fair comment Google and its Youtube domains are being flagged as malicious by Malwarebytes as of Wednesday morning, blocking users from accessing a whole range of websites.… |
Malware
|
|
|
|
2022-09-21 09:26:11 |
ChromeLoader, what took you so long? Malvertising irritant now slings ransomware (direct link) |
Doesn't make cents, makes bigger bucks instead ... probably ChromeLoader – the malware that exploded onto the scene this year by hijacking browsers to redirect users to pages of ads – is apparently evolving into a more significant threat by deploying malicious payloads that go beyond malvertising.… |
Ransomware
Malware
Threat
|
|
|
|
2022-09-10 11:00:07 |
Shape-shifting cryptominer savaging Linux endpoints and IoT (direct link) |
Also, Authorities seize WT1SHOP selling 5.8m sets of PII, The North Face users face tough security hike In brief AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones.… |
Malware
|
|
|
|
2022-09-08 12:00:09 |
Lazarus Group unleashed a MagicRAT to spy on energy providers (direct link) |
Cisco finds custom malware in North Korea's latest cyberespionage effort The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada and Japan, according to Cisco Talos.… |
Malware
Medical
|
APT 38
|
|
|
2022-09-07 12:34:49 |
Cybercriminals target games popular with kids to distribute malware (direct link) |
Kaspersky research finds Minecraft and Roblox have the most malicious files associated with them With 3 billion players globally, the $200 billion gaming market is an increasingly ripe target for cybercriminals – with the perennially popular Minecraft one of the most targeted lures.… |
Malware
|
|
|
|
2022-09-06 16:15:14 |
Newly discovered cyberspy crew targets Asian governments and corporations (direct link) |
Worok uses mix of publicly available tools, custom malware to steal info, gang active since 2020 A cyberespionage group has targeted government agencies and big-name corporations throughout Asia since at least 2020, using the notorious ProxyShell vulnerabilities in Microsoft Exchange to gain initial access.… |
Malware
|
|
|
|
2022-09-05 06:57:12 |
Microsoft mistakenly rated Chromium, Electron, as malware (direct link) |
Windows Defender update fixed the mess after a weekend of false positive weirdness Microsoft appears to have fixed a problem that saw its Defender antivirus program identify apps based on the Chromium browser engine and/or Electron JavaScript framework as malware, and suggest users remove them.… |
Malware
|
|
|
|
2022-09-01 07:04:15 |
Oh no, that James Webb Space Telescope snap might actually contain malware (direct link) |
Is nothing sacred? Scumbags are using a photo from the James Webb Space Telescope to smuggle Windows malware onto victims' computers – albeit in a roundabout way.… |
Malware
|
|
|
|
2022-08-30 10:27:12 |
That 'clean' Google Translate app is actually Windows crypto-mining malware (direct link) |
Ah, nothing like a classic Trojan horse Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches.… |
Malware
|
|
|
|
2022-08-25 09:24:07 |
Shout-out to whoever went to Black Hat with North Korean malware on their PC (direct link) |
I am the one who NOCs The folks tasked with defending the Black Hat conference network see a lot of weird, sometimes hostile activity, and this year it included malware linked to Kim Jong-un's agents.… |
Malware
|
|
|
|
2022-08-17 18:41:18 |
After 7 years, long-term threat DarkTortilla crypter is still evolving (direct link) |
.NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says A highly pervasive .NET-based crypter that has flown under the radar since about 2015 and can deliver a wide range of malicious payloads continues to evolve rapidly, with almost 10,000 code samples being uploaded to VirusTotal over a 16-month period.… |
Malware
Threat
|
|
|
|
2022-08-17 03:01:05 |
Open source VideoLAN media player asks why it's blocked in India (direct link) |
Rubbishes suggestions poisoned clones or ancient malware are worthy reasons for ban Developers of the open source VideoLAN media player have started sniping at India's government over an apparent block on the project's website.… |
Malware
|
|
|
|
2022-08-11 18:30:13 |
Sonatype spots another PyPI package behaving badly (direct link) |
Identity of a real person was used to lend credence to a package that dropped cryptominer in memory Sonatype has unearthed yet more malware lurking on PyPI, this time a fileless Linux nasty designed to mine Monero and using the identity of a real person to lend credibility to the package.… |
Malware
|
|
|
|
2022-08-04 13:00:09 |
US aims to step up security for federal datacenters: Both physical and cyber (direct link) |
Bit barns threatened by malware flingers, but fire, storms, or bad guys arriving at the sites are also bad news Proposed legislation in the US will seek to ensure greater protection for government datacenters from the threat of cyberattacks, but also physical dangers such as natural disasters and terrorism.… |
Malware
Threat
|
|
|
|
2022-07-27 05:03:08 |
Vietnamese attacker circumvents Facebook security with 'DUCKTAIL' malware (direct link) |
Session cookies and 2FA subversion allow takeover of biz and ad accounts, lead to unauthorized ad buys Security vendor WithSecure, which was spun out in March 2022 as F-Secure's enterprise security arm, claims it's found malware that targets Facebook Business accounts.… |
Malware
Guideline
|
|
|
|
2022-07-26 17:00:08 |
Luca Stealer malware spreads rapidly after code handily appears on GitHub (direct link) |
Cool, another Rust project ... Oh A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities and recently released the source code on GitHub.… |
Malware
|
|
|
|
2022-07-26 14:26:53 |
Ransomware less popular this year, but malware up: SonicWall cyber threat report (direct link) |
Be ready for a rebound, and protect yourself with patching and segmentation SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022.… |
Ransomware
Malware
Threat
Patching
|
|
|
|
2022-07-21 20:29:10 |
US Cyber Command spots another 20 malware strains targeting Ukraine (direct link) |
Plus Mandiant, Cisco Talos uncover digital espionage US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months.… |
Malware
|
|
|
|
2022-07-20 23:56:43 |
Suspected Gozi malware gang 'CIO' extradited to US on fraud, hacking charges (direct link) |
Euro man allegedly known as 'Virus' faces years behind bars if convicted A man suspected of providing the IT infrastructure behind the Gozi banking trojan has been extradited to the US to face a string of computer fraud charges.… |
Malware
|
|
|
|
2022-07-20 20:36:03 |
(Déjà vu) Google: Kremlin-backed goons spread Android malware disguised as pro-Ukraine app (direct link) |
Don't. Download. Unknown. Apps. Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers.… |
Malware
|
|
|
|
2022-07-20 20:36:03 |
Google: Kremlin-backed goons spread Android malware disguised as pro-Ukraine app (direct link) |
Don't. Download. Unknown. Apps. Kremlin-backed criminals are trying to trick people into downloading Android malware by spoofing a Ukrainian military group, according to Google security researchers.… |
Malware
|
|
|
|
2022-07-18 19:12:53 |
Botnet malware disguises itself as password cracker for industrial controllers (direct link) |
Can't get into that machine? No problem, just trust this completely sketchy looking tool Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.… |
Malware
|
|
|
|
2022-07-16 14:34:10 |
North Koreans spotted harassing SMBs with malware (direct link) |
Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more In brief SMBs, beware: Microsoft said this week it has discovered a North Korean crew targeting small businesses with ransomware since September of last year.… |
Ransomware
Malware
|
|
|
|
2022-07-06 22:51:04 |
Here today, gone to Maui: That's your data captured by North Korean ransomware (direct link) |
CISA, FBI, US Treasury warn Kim Jong-un's latest malware has hit healthcare orgs For the past year, state-sponsored hackers operating on behalf of North Korea have been using ransomware called Maui to attack healthcare organizations, US cybersecurity authorities said on Wednesday.… |
Ransomware
Malware
|
|
|
|
2022-07-06 17:50:04 |
Hive ransomware gang rapidly evolves with complex encryption, Rust code (direct link) |
RaaS malware devs have been busy bees The Hive group, which has become one of the most prolific ransomware-as-a-service (RaaS) operators, has significantly changed its malware, including migrating the code to the Rust programming language and using a more complex encryption technique.… |
Ransomware
Malware
|
|
|
|
2022-07-06 05:27:10 |
Near-undetectable malware linked to Russia's Cozy Bear (direct link) |
The fun folk who attacked SolarWinds using a poisoned CV and tools from the murky world of commercial hackware Palo Alto Networks' Unit 42 threat intelligence team has claimed that a piece of malware that 56 antivirus products were unable to detect is evidence that state-backed attackers have found new ways to go about the evil business.… |
Malware
Tool
Threat
|
APT 29
|
|
|
2022-06-10 14:50:38 |
Symbiote Linux malware spotted, and infections are 'very hard to detect' (direct link) |
'Performing live forensics on an infected machine may not turn anything up' warn researchers Intezer security researcher Joakim Kennedy and the BlackBerry Threat Research and Intelligence Team have analyzed an unusual piece of Linux malware they say is unlike most seen before - it isn't a standalone executable file.… |
Malware
Threat
|
|
|
|
2022-06-10 07:57:06 |
Emotet malware gang re-emerges with Chrome-based credit card heistware (direct link) |
Crimeware groups are re-inventing themselves The criminals behind the Emotet botnet – which rose to fame as a banking trojan before evolving into spamming and malware delivery – are now using it to target credit card information stored in the Chrome web browser.… |
Malware
|
|
|
|
2022-06-09 11:45:09 |
Symantec: More malware operators moving in to exploit Follina (direct link) |
Meanwhile Microsoft still hasn't patched the fatal flaw While enterprises are still waiting for Microsoft to issue a fix for the critical "Follina" vulnerability in Windows, yet more malware operators are moving in to exploit it.… |
Malware
Vulnerability
|
|
|
|
2022-06-09 00:29:36 |
Now Windows Follina zero-day exploited to infect PCs with Qbot (direct link) |
Data-stealing malware also paired with Black Basta ransomware gang Miscreants are reportedly exploiting the recently disclosed critical Windows Follina zero-day flaw to infect PCs with Qbot, thus aggressively expanding their reach.… |
Ransomware
Malware
|
|
|
|
2022-06-03 22:55:42 |
Even Russia's Evil Corp now favors software-as-a-service (direct link) |
Albeit to avoid US sanctions hitting it in the wallet The Russian-based Evil Corp is jumping from one malware strain to another in hopes of evading sanctions placed on it by the US government in 2019.… |
Malware
|
|
|
|
2022-06-03 12:30:11 |
Clipminer rakes in $1.7m in crypto hijacking scam (direct link) |
Crooks divert transactions to own wallets while running mining on the side A crew using malware that performs cryptomining and clipboard-hacking operations have made off with at least $1.7 million in stolen cryptocurrency.… |
Malware
|
|
|
|
2022-06-02 08:03:13 |
Super-spreader FluBot squashed by Europol (direct link) |
Your package is delayed. Click this innocent-looking link to reschedule FluBot, the super-spreader Android malware that infected tens of thousands of phones globally, has been reportedly squashed by an international law enforcement operation.… |
Malware
|
|
|
|
2022-06-01 10:02:09 |
Watch out for phishing emails that inject spyware trio (direct link) |
You wait for one infection and then three come along at once An emailed report seemingly about a payment will, when opened in Excel on a Windows system, attempt to inject three pieces of file-less malware that steal sensitive information.… |
Malware
|
|
|
|
2022-06-01 03:47:40 |
EnemyBot malware adds enterprise flaws to exploit arsenal (direct link) |
Fast-evolving botnet targets critical VMware, F5 BIG-IP bugs, we're told The botnet malware EnemyBot has added exploits to its arsenal, allowing it to infect and spread from enterprise-grade gear.… |
Malware
|
|
|
|
2022-05-27 11:26:09 |
This Windows malware uses PowerShell to inject malicious extension into Chrome (direct link) |
And that's a bit odd, says Red Canary A strain of Windows malware uses PowerShell to add a malicious extension to a victim's Chrome browser for nefarious purposes. A macOS variant exists that uses Bash to achieve the same and also targets Safari.… |
Malware
|
|
|
|
2022-05-24 21:33:21 |
Patch now: Zoom chat messages can infect PCs, Macs, phones with malware (direct link) |
Google Project Zero blows lid off bug involving that old chestnut: XML parsing Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.… |
Malware
|
|
|
|
2022-05-24 10:04:08 |
It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017 (direct link) |
Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times HP's cybersecurity folks have uncovered an email campaign that ticks all the boxes: messages with a PDF attached that embeds a Word document that upon opening infects the victim's Windows PC with malware by exploiting a four-year-old code-execution vulnerability in Microsoft Office.… |
Malware
Vulnerability
|
|
|
|
2022-05-23 06:57:13 |
Microsoft sounds the alarm on - wait for it - a Linux botnet (direct link) |
Redmond claims the numbers are scary, but won't release them Microsoft has sounded the alarm on DDoS malware called XorDdos that targets Linux endpoints and servers.… |
Malware
|
|
|
|
2022-05-18 21:01:02 |
Meet Wizard Spider, the multimillion-dollar gang behind Conti, Ryuk malware (direct link) |
Russia-linked crime-as-a-service crew is rich, professional – and investing in R&D Analysis Wizard Spider, the Russia-linked crew behind high-profile malware Conti, Ryuk and Trickbot, has grown over the past five years into a multimillion-dollar organization that has built a corporate-like operating model, a year-long study has found.… |
Malware
|
|
|
|
2022-05-18 07:27:05 |
Monero-mining botnet targets Windows, Linux web servers (direct link) |
Sysrv-K malware infects unpatched tin, Microsoft warns The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.… |
Malware
|
|
|