What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-05-17 15:01:35 | FBI spots spear-phishing posing as Truist Bank bank to deliver malware (lien direct) | Threat actors impersonated Truist, the sixth-largest U.S. bank holding company, in a spear-phishing campaign attempting to infect recipients with what looks like remote access trojan (RAT) malware. [...] | Malware Threat | ||
|
2021-05-13 13:00:00 | (Déjà vu) Microsoft build tool abused to deliver password-stealing malware (lien direct) | Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign. [...] | Malware Tool Threat | ||
|
2021-05-13 13:00:00 | Attackers abuse Microsoft dev tool to deploy Windows malware (lien direct) | Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools and information-stealing malware filelessly as part of an ongoing campaign. [...] | Malware Tool Threat | ||
|
2021-05-12 12:49:16 | Microsoft: Threat actors target aviation orgs with new malware (lien direct) | Microsoft warns of an ongoing spear-phishing campaign targeting aerospace and travel organizations with multiple remote access trojans (RATs) deployed using a new and stealthy malware loader. [...] | Malware Threat | ||
|
2021-05-07 05:00:00 | Cuba Ransomware partners with Hancitor for spam-fueled attacks (lien direct) | The Cuba Ransomware gang has teamed up with the spam operators of the Hancitor malware to gain easier access to compromised corporate networks. [...] | Ransomware Spam Malware | ||
|
2021-05-04 10:00:00 | Worldwide phishing attacks deliver three new malware strains (lien direct) | A global-scale phishing campaign targeted worldwide organizations across a large array of industries with never-before-seen malware strains delivered via specially-tailored lures. [...] | Malware | ||
|
2021-05-04 09:00:00 | New Windows \'Pingback\' malware uses ICMP for covert communication (lien direct) | Today, Trustwave researchers have disclosed their findings on a novel Windows malware sample that uses Internet Control Message Protocol (ICMP) for its command-and-control (C2) activities. Dubbed "Pingback," this malware targets Windows 64-bit systems, and uses DLL Hijacking to gain persistence. [...] | Malware | ||
|
2021-04-30 10:09:32 | Suspected Chinese state hackers target Russian submarine designer (lien direct) | Hackers suspected to work for the Chinese government have used a new malware called PortDoor to infiltrate the systems of an engineering company that designs submarines for the Russian Navy. [...] | Malware | ||
|
2021-04-29 13:54:33 | Babuk ransomware readies \'shut down\' post, plans to open source malware (lien direct) | After just a few months of activity, the operators of Babuk ransomware briefly posted a short message about their intention to quit the extortion business after having achieved their goal. [...] | Ransomware Malware | ||
|
2021-04-28 12:29:58 | New stealthy Linux malware used to backdoor systems for years (lien direct) | A recently discovered Linux malware with backdoor capabilities has flown under the radar for years, allowing attackers to harvest and exfiltrate sensitive information from compromised devices. [...] | Malware | ||
|
2021-04-28 10:38:11 | Passwordstate hackers phish for more victims with updated malware (lien direct) | Click Studios, the software company behind the Passwordstate enterprise password manager, is warning customers of ongoing phishing attacks targeting them with updated Moserpass malware. [...] | Malware | ||
|
2021-04-27 12:18:57 | FBI shares 4 million email addresses used by Emotet with Have I Been Pwned (lien direct) | Millions of email addresses collected by Emotet botnet for malware distribution campaigns have been shared by the Federal Bureau of Investigation (FBI) as part of the agency's effort to clean infected computers. [...] | Malware | ||
|
2021-04-26 15:21:46 | Apple fixes macOS zero-day bug exploited by Shlayer malware (lien direct) | Apple has fixed a zero-day vulnerability in macOS exploited in the wild by Shlayer malware to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks and download second-stage malicious payloads. [...] | Malware Vulnerability | ||
|
2021-04-26 12:54:01 | Microsoft Defender now blocks cryptojacking malware using Intel TDT (lien direct) | Microsoft today announced that Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology (TDT). [...] | Malware Threat | ||
|
2021-04-25 03:16:00 | (Déjà vu) Emotet malware nukes itself today from all infected computers worldwide (lien direct) | Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. [...] | Malware | ||
|
2021-04-25 03:16:00 | Emotet malware forcibly removed today by German police update (lien direct) | Emotet, one of the most dangerous email spam botnets in recent history, is being uninstalled today from all infected devices with the help of a malware module delivered in January by law enforcement. [...] | Malware | ||
|
2021-04-24 10:36:12 | New cryptomining malware builds an army of Windows, Linux bots (lien direct) | A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. [...] | Malware | ||
|
2021-04-24 09:47:12 | Fake Microsoft DirectX 12 site pushes crypto-stealing malware (lien direct) | Cybercriminals have created a fake Microsoft DirectX 12 download page to distribute malware that steals your cryptocurrency wallets and passwords. [...] | Malware | ||
|
2021-04-23 16:18:42 | Passwordstate password manager hacked in supply chain attack (lien direct) | ClickStudios, the company behind the Passwordstate password manager, notified customers that attackers compromised the app's update mechanism to deliver malware in a supply-chain attack after breaching its networks. [...] | Malware | ||
|
2021-04-23 12:25:21 | Phishing impersonates global recruitment firm to push malware (lien direct) | An ongoing phishing campaign is impersonating Michael Page consultants to push Ursnif data-stealing malware capable of harvesting credentials and sensitive data from infected computers. [...] | Malware | ||
|
2021-04-21 10:33:03 | WhatsApp Pink malware can now auto-reply to your Signal, Telegram texts (lien direct) | WhatsApp malware dubbed WhatsApp Pink has now been updated with advanced capabilities that let this counterfeit Android app automatically respond to your Signal, Telegram, Viber, and Skype messages. WhatsApp Pink refers to a counterfeit app that appeared this week, primarily targeting WhatsApp users in the Indian subcontinent. [...] | Malware | ||
|
2021-04-20 10:37:52 | Fake Microsoft Store, Spotify sites spread info-stealing malware (lien direct) | Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers. [...] | Malware | ||
|
2021-04-19 17:07:40 | Google Alerts continues to be a hotbed of scams and malware (lien direct) | Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites. [...] | Malware Threat | ||
|
2021-04-16 03:41:14 | HackBoss malware poses as hacker tools on Telegram to steal digital coins (lien direct) | The authors of a cryptocurrency-stealing malware are distributing it over Telegram to aspiring cybercriminals under the guise of free malicious applications. [...] | Malware | ||
|
2021-04-15 14:19:20 | Popular NFT marketplace Rarible targeted by scammers and malware (lien direct) | Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. [...] | Malware Threat | ||
|
2021-04-13 14:17:12 | New Linux, macOS malware hidden in fake Browserify NPM package (lien direct) | A new malicious package been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems for its recon activities. The malicious package is called "web-browserify." It imitates the popular Browserify npm component, downloaded over 160 million times over its lifetime. [...] | Malware | ||
|
2021-04-13 11:38:23 | QBot malware is back replacing IcedID in malspam campaigns (lien direct) | Malware distributors are rotating payloads once again, switching between trojans that are many times an intermediary stage in a longer infection chain. [...] | Malware | ||
|
2021-04-10 15:20:21 | Joker malware infects over 500,000 Huawei Android devices (lien direct) | More than 500,000 Huawei users have downloaded from the company's official Android store applications infected with Joker malware that subscribes to premium mobile services. [...] | Malware | ||
|
2021-04-10 10:40:00 | Android malware found embedded in APKPure store application (lien direct) | Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google's official Play Store. [...] | Malware | ||
|
2021-04-09 13:55:00 | Attackers deliver legal threats, IcedID malware via contact forms (lien direct) | Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. [...] | Malware Threat | ||
|
2021-04-08 09:01:17 | North Korean hackers use new Vyveva malware to attack freighters (lien direct) | The North Korean-backed Lazarus hacking group used new malware with backdoor capabilities dubbed Vyveva by ESET researchers in targeted attacks against a South African freight logistics company. [...] | Malware | APT 38 APT 28 | |
|
2021-04-07 11:36:59 | Gigaset Android phones infected by malware via hacked update server (lien direct) | Owners of Gigaset Android phones have been repeatedly infected with malware since the end of March after threat actors compromised the vendor's update server in a supply-chain attack. [...] | Malware Threat | ||
|
2021-04-07 06:00:00 | Android malware infects wannabe Netflix thieves via WhatsApp (lien direct) | Newly discovered Android malware found on Google's Play Store disguised as a Netflix tool is designed to auto-spread to other devices using WhatsApp auto-replies to incoming messages. [...] | Malware Tool | ||
|
2021-04-03 18:40:12 | Malware attack is preventing car inspections in eight US states (lien direct) | A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. [...] | Malware | ||
|
2021-03-31 13:05:58 | BazarCall malware uses malicious call centers to infect victims (lien direct) | For the past two months, security researchers have been waging an online battle against a new 'BazarCall' malware that uses call centers to distribute some of the most damaging Windows malware. [...] | Malware | ||
|
2021-03-31 12:31:49 | Malware hidden in game cheats and mods used to target gamers (lien direct) | Threat actors target gamers with backdoored game tweaks and cheats hiding malware capable of stealing information from their systems after infection. [...] | Malware Threat | ||
|
2021-03-31 07:55:47 | (Déjà vu) Fake jQuery files infect WordPress sites with malware (lien direct) | Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...] | Malware | ||
|
2021-03-31 07:55:47 | Fake jQuery files load obfuscated malware on WordPress sites (lien direct) | Researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named jquery-migrate.js & jquery-migrate.min.js and present at the exact locations where JavaScript files are normally present on WordPress sites but are malicious. [...] | Malware | ||
|
2021-03-27 01:00:00 | New Android malware spies on you while posing as a System Update (lien direct) | New malware with extensive spyware capabilities steals data from infected Android devices and is designed to automatically trigger whenever new info is read to be exfiltrated. [...] | Malware | ||
|
2021-03-24 16:17:42 | Facebook blocks Chinese state hackers targeting Uyghur activists (lien direct) | Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. [...] | Malware | ||
|
2021-03-23 16:54:30 | Purple Fox malware worms its way into exposed Windows systems (lien direct) | Purple Fox, a malware previously distributed via exploit kits and phishing emails, has now added a worm module that allows it to scan for and infect Windows systems reachable over the Internet in ongoing attacks. [...] | Malware | ★★★★★ | |
|
2021-03-19 09:05:00 | Russian pleads guilty to Tesla hacking and extortion attempt (lien direct) | Russian national Egor Igorevich Kriuchkov has pleaded guilty to recruiting a Tesla employee to plant malware designed to steal data within the network of Tesla's Nevada Gigafactory. [...] | Malware Guideline | ||
|
2021-03-18 14:20:34 | New CopperStealer malware steals Google, Apple, Facebook accounts (lien direct) | Previously undocumented account-stealing malware distributed via fake software crack sites targets the users of major service providers, including Google, Facebook, Amazon, and Apple. [...] | Malware | ||
|
2021-03-18 11:58:03 | US taxpayers targeted with RAT malware in ongoing phishing attacks (lien direct) | US taxpayers are being targeted by phishing attacks attempting to take over their computers using malware and steal sensitive personal and financial information. [...] | Malware | ||
|
2021-03-18 10:47:22 | New XcodeSpy malware targets iOS devs in supply-chain attack (lien direct) | A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer's computer. [...] | Malware | ||
|
2021-03-16 12:53:25 | Mimecast: SolarWinds hackers used Sunburst malware for initial intrusion (lien direct) | Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year used the Sunburst backdoor during the initial intrusion. [...] | Malware | Solardwinds Solardwinds | |
|
2021-03-12 13:20:18 | Microsoft Exchange exploits now used by cryptomining malware (lien direct) | The operators of Lemon_Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. [...] | Malware | ||
|
2021-03-12 11:14:54 | New ZHtrap botnet malware deploys honeypots to find more targets (lien direct) | A new botnet is hunting down and transforming unpatched routers, DVRs, and UPnP network devices it takes over into honeypots that help it find other devices to infect. [...] | Malware | ||
|
2021-03-11 08:46:18 | Chinese state hackers target Linux systems with new malware (lien direct) | Security researchers at Intezer have discovered a previously undocumented backdoor dubbed RedXOR, with links to a Chinese-sponsored hacking group and used in ongoing attacks targeting Linux systems. [...] | Malware | ||
|
2021-03-08 15:06:34 | Hackers hiding Supernova malware in SolarWinds Orion linked to China (lien direct) | Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage threat actor based in China. [...] | Malware Threat |
To see everything:
Our RSS (filtrered)
