What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-08 08:55:30 | Unpatched QNAP devices are being hacked to mine cryptocurrency (lien direct) | Unpatched network-attached storage (NAS) devices are targeted in ongoing attacks where the attackers try to take them over and install cryptominer malware to mine for cryptocurrency. [...] | Malware | ||
|
2021-03-04 14:05:09 | (Déjà vu) Microsoft reveals 3 new malware strains used by SolarWinds hackers (lien direct) | Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads. [...] | Malware | ||
|
2021-03-04 14:05:09 | Microsoft reveals new malware used by the SolarWinds hackers (lien direct) | Microsoft has revealed information on newly found malware the SolarWinds hackers deployed on victims' networks as second-stage payloads. [...] | Malware | ||
|
2021-03-04 13:04:03 | FireEye finds new malware likely linked to SolarWinds hackers (lien direct) | FireEye discovered a new "sophisticated second-stage backdoor" on the servers of an organization compromised by the threat actors behind the SolarWinds supply-chain attack. [...] | Malware | ||
|
2021-03-03 18:15:09 | CompuCom MSP confirms ongoing outage following malware incident (lien direct) | The US managed service provider CompuCom has suffered a cyberattack leading to service outages and customers disconnecting from the MSP's network to prevent the spread of malware, BleepingComputer has learned. [...] | Malware Guideline | ||
|
2021-03-01 13:10:49 | Hackers use black hat SEO to push ransomware, trojans via Google (lien direct) | The delivery system for the Gootkit information stealer has evolved into a complex and stealthy framework, which earned it the name Gootloader, and is now pushing a wider variety of malware via hacked WordPress sites and malicious SEO techniques for Google results. [...] | Malware | ||
|
2021-02-25 11:14:00 | North Korean hackers target defense industry with custom malware (lien direct) | A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. [...] | Malware | ||
|
2021-02-22 11:47:28 | New Silver Sparrow malware infects 30,000 Macs for unknown purpose (lien direct) | A new macOS malware known as Silver Sparrow has silently infected almost 30,000 Mac devices with malware whose purpose is a mystery. [...] | Malware | ||
|
2021-02-18 10:25:18 | US shares info on North Korean malware used to steal cryptocurrency (lien direct) | The FBI, CISA, and US Department of Treasury shared detailed info on malicious and fake crypto-trading applications used by North Korean-backed state hackers to steal cryptocurrency from individuals and companies worldwide in a joint advisory published on Wednesday. [...] | Malware | ||
|
2021-02-14 12:12:06 | Pro-India hackers use Android spyware to spy on Pakistani military (lien direct) | This week a report has revealed details on the two spyware strains leveraged by state-sponsored threat actors during the India-Pakistan conflict. The malware strains named Hornbill and SunBird have been delivered as fake Android apps (APKs) by the Confucius advanced persistent threat group (APT), a state-sponsored operation. [...] | Malware Threat | ||
|
2021-02-12 13:50:53 | Google: Gmail users from US most targeted by phishing attacks (lien direct) | Google has revealed earlier this week that Gmail users from the United States are the most popular target for email-based phishing and malware attacks. [...] | Malware | ||
|
2021-02-11 06:01:01 | TrickBot\'s BazarBackdoor malware is now coded in Nim to evade antivirus (lien direct) | TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software. [...] | Malware | ||
|
2021-02-09 13:09:11 | New BendyBear APT malware gets linked to Chinese hacking group (lien direct) | Unit 42 researchers today have shared info on a new polymorphic and "highly sophisticated" malware dubbed BendyBear, linked to a hacking group with known ties to the Chinese government. [...] | Malware | ||
|
2021-02-08 11:52:26 | Android app joins the dark side, sends malware update to millions (lien direct) | Google has removed a popular Android barcode scanner app with over 10 million installs from the Play Store after researchers found that it turned malicious following a December 2020 update. [...] | Malware | ||
|
2021-02-02 12:52:19 | Trickbot malware now maps victims\' networks using Masscan (lien direct) | The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim's computer. [...] | Malware | ||
|
2021-02-02 07:09:31 | New Linux malware steals SSH credentials from supercomputers (lien direct) | A new backdoor has been targeting supercomputers across the world, often stealing the credentials for secure network connections by using a trojanized version of the OpenSSH software. [...] | Malware | ||
|
2021-02-01 08:04:01 | Android emulator supply-chain attack targets gamers with malware (lien direct) | ESET researchers have discovered that an unknown threat actor has compromised the updating mechanism of NoxPlayer, an Android emulator for Windows and macOS, made by Hong Kong-based company BigNox. [...] | Malware Threat | ||
|
2021-01-29 16:04:57 | (Déjà vu) Here\'s how law enforcement\'s Emotet malware module works (lien direct) | New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...] | Malware | ||
|
2021-01-29 16:04:57 | Here\'e how law enforcement\'s Emotet malware module works (lien direct) | New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. [...] | Malware | ||
|
2021-01-29 14:06:49 | New Pro-Ocean malware worms through Apache, Oracle, Redis servers (lien direct) | The financially-motivated Rocke hackers are using a new piece of cryptojacking malware called Pro-Ocean to target vulnerable instances of Apache ActiveMQ, Oracle WebLogic, and Redis. [...] | Malware | APT 32 | |
|
2021-01-29 11:20:38 | Perl.com domain stolen, now using IP address tied to malware (lien direct) | The domain name perl.com was stolen this week and is now points to an IP address associated with malware campaigns. [...] | Malware | ||
|
2021-01-27 14:56:08 | (Déjà vu) Europol: Emotet malware will uninstall itself on April 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 14:56:08 | Europol: Emotet malware will uninstall itself on March 25th (lien direct) | Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on March 25th, 2021. [...] | Malware | ||
|
2021-01-27 10:16:09 | Linux malware uses open-source tool to evade detection (lien direct) | AT&T Alien Labs security researchers have discovered that the TeamTNT cybercrime group upgraded their Linux crypto-mining with open-source detection evasion capabilities. [...] | Malware Tool | ★★★ | |
|
2021-01-21 12:07:06 | UK govt gives malware infected laptops to vulnerable students (lien direct) | Some of the laptops distributed by the UK Department for Education (DfE) to vulnerable students have been found to be infected with malware as reported by the BBC. [...] | Malware | ||
|
2021-01-21 10:20:24 | QNAP warns users to secure NAS devices against Dovecat malware (lien direct) | QNAP urges customers to secure their network-attached storage (NAS) devices against an ongoing malware campaign that infects and exploits them to mine bitcoin without their knowledge. [...] | Malware | ||
|
2021-01-19 07:48:51 | FreakOut malware exploits critical bugs to infect Linux hosts (lien direct) | An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that is powering network-attached storage (NAS) devices or for developing web applications and portals. [...] | Malware | ||
|
2021-01-15 14:34:59 | Windows Finger command abused by phishing to download malware (lien direct) | Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices. [...] | Malware | ||
|
2021-01-12 08:33:19 | New Sunspot malware found while investigating SolarWinds hack (lien direct) | Cybersecurity firm CrowdStrike has discovered the malware used by the SolarWinds hackers to inject backdoors in Orion platform builds during the supply-chain attack that led to the compromise of several companies and government agencies. [...] | Malware Hack | Solardwinds | |
|
2021-01-11 17:29:11 | Microsoft Sysmon now detects malware process tampering attempts (lien direct) | Microsoft has released Sysmon 13 with a new security feature that detects if a process has been tampered using process hollowing or process herpaderping techniques. [...] | Malware | ||
|
2021-01-11 12:33:00 | Mac malware uses \'run-only\' AppleScripts to evade analysis (lien direct) | A cryptocurrency mining campaign targeting macOS is using malware that has evolved into a complex variant giving researchers a lot of trouble analyzing it. [...] | Malware | ||
|
2021-01-11 09:07:54 | Sunburst backdoor shares features with Russian APT malware (lien direct) | Kaspersky researchers found that the Sunburst backdoor, the malware deployed during the SolarWinds supply-chain attack, shows feature overlaps with Kazuar, a .NET backdoor tentatively linked to the Russian Turla hacking group. [...] | Malware Mobile | Solardwinds Solardwinds | |
|
2021-01-07 06:00:00 | Linux malware authors use Ezuri Golang crypter for zero detection (lien direct) | Multiple malware authors are using the "Ezuri" crypter and memory loader written in Go to evade detection by antivirus products. Source code for Ezuri is available on GitHub for anyone to use. [...] | Malware | ||
|
2021-01-05 12:30:00 | Australian cybersecurity agency used as cover in malware campaign (lien direct) | The Australian government warns of an ongoing campaign impersonating the Australian Cyber Security Centre (ACSC) to infect targets with malware. [...] | Malware | ||
|
2021-01-05 10:00:00 | Cross-platform ElectroRAT malware drains cryptocurrency wallets (lien direct) | Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. [...] | Malware | ||
|
2021-01-04 09:36:27 | China\'s APT hackers move to ransomware attacks (lien direct) | Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. [...] | Ransomware Malware | ||
|
2020-12-30 09:40:36 | New worm turns Windows, Linux servers into Monero miners (lien direct) | A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. [...] | Malware | ||
|
2020-12-29 18:28:07 | Wasabi cloud storage service knocked offline for hosting malware (lien direct) | Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware. [...] | Malware | ||
|
2020-12-28 06:57:33 | (Déjà vu) GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic (lien direct) | A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script. [...] | Malware | ||
|
2020-12-28 06:57:33 | (Déjà vu) GitHub-based malware calculates Cobalt Strike payload from Imgur pic (lien direct) | A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script. [...] | Malware | ||
|
2020-12-26 09:50:11 | SolarWinds releases updated advisory for new SUPERNOVA malware (lien direct) | SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform. [...] | Malware | ||
|
2020-12-25 10:15:15 | Fake Amazon gift card emails deliver the Dridex malware (lien direct) | The Dridex malware gang is delivering a nasty gift for the holidays using a spam campaign pretending to be Amazon Gift Cards. [...] | Spam Malware | ||
|
2020-12-22 09:11:33 | SolarWinds victims revealed after cracking the Sunburst malware DGA (lien direct) | Security researchers have shared lists of organizations where threat actors deployed Sunburst/Solarigate malware, after ongoing investigations of the SolarWinds supply chain attack. [...] | Malware Threat | Solardwinds Solardwinds | |
|
2020-12-18 14:47:56 | Stealthy Magecart malware mistakenly leaks list of hacked stores (lien direct) | A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. [...] | Malware | ||
|
2020-12-16 16:21:50 | FireEye, Microsoft create kill switch for SolarWinds backdoor (lien direct) | Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself. [...] | Malware Mobile | Solardwinds | |
|
2020-12-16 09:00:00 | Ransomware gangs automate payload delivery with SystemBC malware (lien direct) | SystemBC, a commodity malware sold on underground marketplaces, is being used by ransomware-as-a-service (RaaS) operations to hide malicious traffic and automate ransomware payload delivery on the networks of compromised victims. [...] | Ransomware Malware | ||
|
2020-12-15 13:50:00 | New Windows malware may soon target Linux, macOS devices (lien direct) | Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. [...] | Malware Threat | ||
|
2020-12-14 10:04:46 | US govt, FireEye breached after SolarWinds supply-chain attack (lien direct) | SolarWinds's Orion IT monitoring and management software has been used in a supply chain attack leading to the breach of government and high-profile companies using a malware dubbed SUNBURST or Solorigate. [...] | Malware Guideline | Solardwinds | |
|
2020-12-13 17:44:05 | Hacking group\'s new malware abuses Google and Facebook services (lien direct) | Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. [...] | Malware | ||
|
2020-12-12 15:10:54 | Subway marketing system hacked to send TrickBot malware emails (lien direct) | Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday. [...] | Malware |
To see everything:
Our RSS (filtrered)
