What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-20 12:13:10 | (Déjà vu) 2K game support hacked to email RedLine info-stealing malware (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware | ||
|
2022-09-20 12:13:10 | Game dev 2K\'s support site hacked to push malware via fake tickets (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware | ||
|
2022-09-19 14:50:01 | Russian Sandworm hackers pose as Ukrainian telcos to drop malware (lien direct) | The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. [...] | Malware | ||
|
2022-09-19 12:07:36 | VMware, Microsoft warn of widespread Chromeloader malware attacks (lien direct) | The operators of the Chromeloader adware are evolving their attack methods and gradually transforming the low-risk tool into a dangerous malware loader, seen dropping ransomware in some cases. [...] | Ransomware Malware Tool | ||
|
2022-09-17 11:17:23 | Emotet botnet now pushes Quantum and BlackCat ransomware (lien direct) | While monitoring the Emotet botnet's current activity, security researchers found that the malware is now being used by the Quantum and BlackCat ransomware gang to deploy their payloads. [...] | Ransomware Malware | ||
|
2022-09-15 13:35:15 | New malware bundle self-spreads through YouTube gaming videos (lien direct) | A new malware bundle uses victims' YouTube channels to upload malicious video tutorials advertising fake cheats and cracks for popular video games to spread the malicious package further. [...] | Malware | ||
|
2022-09-15 10:38:02 | Russian hackers use new info stealer malware against Ukrainian orgs (lien direct) | Russian hackers have been targeting Ukrainian entities with previously unseen info-stealing malware during a new espionage campaign that is still active. [...] | Malware | ||
|
2022-09-15 06:00:00 | Webworm hackers modify old malware in new attacks to evade attribution (lien direct) | Chinese cyberespionage hackers of the 'Webworm' group are undergoing experimentation, using modified decade-old RATs (remote access trojans) in the wild. [...] | Malware | ||
|
2022-09-14 08:07:28 | Chinese hackers create Linux version of the SideWalk Windows malware (lien direct) | State-backed Chinese hackers have developed a Linux variant for the SideWalk backdoor used against Windows systems belonging to targets in the academic sector. [...] | Malware | ||
|
2022-09-13 11:21:48 | Hackers breach software vendor for Magento supply-chain attacks (lien direct) | Hackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads. [...] | Malware | ||
|
2022-09-13 06:00:00 | Cyberspies drop new infostealer malware on govt networks in Asia (lien direct) | Security researchers have identified new cyber-espionage activity focusing on government entities in Asia, as well as state-owned aerospace and defense firms, telecom companies, and IT organizations. [...] | Malware | ||
|
2022-09-09 10:00:00 | Lampion malware returns in phishing attacks abusing WeTransfer (lien direct) | The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...] | Malware Threat | ||
|
2022-09-08 16:51:52 | Bumblebee malware adds post-exploitation tool for stealthy infections (lien direct) | A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory. [...] | Malware Tool | ||
|
2022-09-07 10:18:39 | New Iranian hacking group APT42 deploys custom Android spyware (lien direct) | A new Iranian state-sponsored hacking group known as APT42 has been discovered using a custom Android malware to spy on targets of interest. [...] | Malware | APT 42 | |
|
2022-09-06 16:40:11 | Moobot botnet is coming for your unpatched D-Link router (lien direct) | The Mirai malware botnet variant known as 'MooBot' has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits. [...] | Malware | ||
|
2022-09-06 15:53:09 | Minecraft is hackers\' favorite game title for hiding malware (lien direct) | Security researchers have discovered that Minecraft is the most heavily abused game title by cybercriminals, who use it to lure unsuspecting players into installing malware. [...] | Malware | ||
|
2022-09-06 11:34:48 | New Linux malware evades detection using multi-stage deployment (lien direct) | A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads. [...] | Malware | ||
|
2022-09-04 10:07:14 | SharkBot malware sneaks back on Google Play to steal your logins (lien direct) | A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android users through apps that have tens of thousands of installations. [...] | Malware | ||
|
2022-09-03 10:12:14 | Malware dev open-sources CodeRAT after being exposed (lien direct) | The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the developer about attacks that used the tool. [...] | Malware | ||
|
2022-09-02 14:47:17 | Dev backdoors own malware to steal data from other hackers (lien direct) | Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. [...] | Malware | ||
|
2022-08-30 18:08:01 | Hackers hide malware in James Webb telescope images (lien direct) | Threat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. [...] | Malware Threat | ||
|
2022-08-30 13:26:40 | Chinese hackers target Australian govt with ScanBox malware (lien direct) | China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. [...] | Malware Threat | ||
|
2022-08-29 13:19:02 | Windows malware delays coinminer install by a month to evade detection (lien direct) | A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11 countries. [...] | Malware | ||
|
2022-08-27 11:14:07 | Fake \'Cthulhu World\' P2E project used to push info-stealing malware (lien direct) | Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting victims. [...] | Malware | ||
|
2022-08-25 18:33:35 | How \'Kimsuky\' hackers ensure their malware only reach valid targets (lien direct) | The North Korean 'Kimsuky' threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers. [...] | Malware Threat | ||
|
2022-08-25 12:36:49 | Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows (lien direct) | Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. [...] | Malware | APT 29 | ★★★ |
|
2022-08-25 07:18:40 | PyPI packages hijacked after developers fall for phishing emails (lien direct) | A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages 'exotel' and 'spam' are among hundreds seen laced with malware after attackers successfully compromised accounts of maintainers who fell for the phishing email. [...] | Malware | ||
|
2022-08-23 18:02:04 | Pirated 3DMark benchmark tool delivering info-stealer malware (lien direct) | Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software. [...] | Malware Tool | ||
|
2022-08-21 12:27:34 | An encrypted ZIP file can have two correct passwords - here\'s why (lien direct) | Password-protected ZIP archives are common means of compressing and sharing sets of files-from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction? [...] | Malware | ||
|
2022-08-20 11:15:30 | WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware (lien direct) | WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan. [...] | Malware | ||
|
2022-08-19 14:58:29 | Grandoreiro banking malware targets manufacturers in Spain, Mexico (lien direct) | The notorious 'Grandoreiro' banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. [...] | Malware | ||
|
2022-08-18 15:19:28 | Android malware apps with 2 million installs found on Google Play (lien direct) | A new batch of thirty-five Android malware apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims' mobile devices. [...] | Malware | ||
|
2022-08-17 13:01:42 | North Korean hackers use signed macOS malware to target IT job seekers (lien direct) | North Korean hackers from the Lazarus group have been using a signed malicious executable for macOS to impersonate Coinbase and lure in employees in the financial technology sector. [...] | Malware Medical | APT 38 | |
|
2022-08-17 12:11:18 | (Déjà vu) Malicious PyPi packages turn Discord into password-stealing malware (lien direct) | A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...] | Malware | ||
|
2022-08-17 12:11:18 | A dozen PyPI packages turn Discord into an info-stealing backdoor (lien direct) | A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...] | Malware | ||
|
2022-08-17 10:00:00 | Malware devs already bypassed Android 13\'s new security feature (lien direct) | Android malware developers are already adjusting their tactics to bypass a new 'Restricted settings' security feature introduced by Google in the newly released Android 13. [...] | Malware | ||
|
2022-08-13 10:12:06 | SOVA malware adds ransomware feature to encrypt Android devices (lien direct) | The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [...] | Ransomware Malware | ★★★ | |
|
2022-08-12 16:45:00 | Chinese hackers backdoor chat app with new Linux, macOS malware (lien direct) | Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems. [...] | Malware | ★★★★ | |
|
2022-08-10 14:04:44 | Hacker uses new RAT malware in Cuba Ransomware attacks (lien direct) | A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool. [...] | Ransomware Malware | ★★★★★ | |
|
2022-08-09 10:02:04 | Hackers install Dracarys Android malware using modified Signal app (lien direct) | Researchers have discovered more details on the newly discovered Android spyware 'Dracarys,' used by the Bitter APT group in cyberespionage operations targeting users from New Zealand, India, Pakistan, and the United Kingdom. [...] | Malware | ||
|
2022-08-08 09:36:53 | Chinese hackers use new Windows malware to backdoor govt, defense orgs (lien direct) | An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. [...] | Malware | ||
|
2022-08-05 10:40:33 | Facebook finds new Android malware used by APT hackers (lien direct) | Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware. [...] | Malware Threat | APT 36 | |
|
2022-08-04 12:22:22 | New Linux malware brute-forces SSH servers to breach networks (lien direct) | A new botnet called 'RapperBot' has emerged in the wild since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers and then establishing persistence. [...] | Malware | ||
|
2022-08-04 11:55:29 | Cybersecurity agencies reveal last year\'s top malware strains (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a list of the topmost detected malware strains last year in a joint advisory with the Australian Cyber Security Centre (ACSC). [...] | Malware | ||
|
2022-08-03 18:35:14 | Russian organizations attacked with new Woody RAT malware (lien direct) | Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely. [...] | Malware | ||
|
2022-08-03 17:43:59 | Cloned Atomic Wallet website is pushing Mars Stealer malware (lien direct) | A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange portal, is, in reality, distributing copies of the Mars Stealer information-stealing malware. [...] | Malware | ||
|
2022-08-03 16:35:51 | Windows 11 Smart App Control blocks files used to push malware (lien direct) | Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several new file types threat actors have recently adopted to infect targets with malware in phishing attacks. [...] | Malware Threat | ||
|
2022-08-03 05:11:19 | 35,000 code repos not hacked-but clones flood GitHub to serve malware (lien direct) | Thousands of GitHub repositories were forked (cloned) and altered to include malware, a software engineer discovered. [...] | Malware | ★★★★ | |
|
2022-08-02 12:00:00 | Wolf in sheep\'s clothing: how malware tricks users and antivirus (lien direct) | One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve this deception, malware authors are using a variety of tricks. [...] | Malware | ★★★★★ | |
|
2022-07-29 07:31:00 | Microsoft links Raspberry Robin malware to Evil Corp attacks (lien direct) | Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics. [...] | Malware |
To see everything:
Our RSS (filtrered)
