What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-12-13 02:47:00 | New LamePyre macOS Malware Sends Screenshots to Attacker (lien direct) | The world of macOS malware has a new member that makes no effort to keep appearances and looks rather like a bare-bones version that is still under development. [...] | Malware | ||
|
2018-12-12 11:26:05 | Op \'Sharpshooter\' Uses Lazarus Group Tactics, Techniques, and Procedures (lien direct) | A new advanced threat actor has emerged on the radar, targeting organizations in the defense and the critical infrastructure sectors with fileless malware and an exploitation tool that borrows code from a trojan associated with the Lazarus group [...] | Malware Tool Threat Medical | APT 38 | |
|
2018-12-12 02:51:00 | Android Malware Tricks User to Log into PayPal to Steal Funds (lien direct) | An Android malware posing as a battery optimization app social engineers its way into stealing funds from PayPal users, despite two-factor authentication protection, by simply prompting them to log into the app. [...] | Malware | ||
|
2018-12-07 11:57:05 | DanaBot Banking Trojan Gets into Spam Business (lien direct) | Authors of the DanaBot banking trojans updated the malware with new features that enabled it to harvest email addresses and send out spam straight from the victim's mailbox. [...] | Spam Malware | ||
|
2018-12-05 14:59:04 | SNDBOX - an AI Powered Malware Analysis Site is Launched (lien direct) | Today at Blackhat Europe, a new malware analysis service was unveiled called SNDBOX that utilizes artificial intelligence and a hardened virtual environment to perform static and dynamic analysis of malware samples. [...] | Malware | ||
|
2018-11-20 18:51:00 | Emotet Returns with Thanksgiving Theme and Better Phishing Tricks (lien direct) | After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees. [...] | Malware | ||
|
2018-11-20 09:26:01 | New Cannon Trojan Is the Latest Asset of Sofacy APT Group (lien direct) | Advanced threat group Sofacy delivers a new malware sample dubbed Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former Soviet state. [...] | Malware Threat | ||
|
2018-11-13 03:30:00 | HookAds Malvertising Installing Malware via the Fallout Exploit Kit (lien direct) | The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware. [...] | Malware | ||
|
2018-11-05 16:10:05 | Microsoft is Porting Sysinternals Tools to Linux - ProcDump Released (lien direct) | If you have administered Windows computers or assisted in Windows malware removal, then there is a good chance you have heard of the popular free Sysinternals utilities. [...] | Malware | ||
|
2018-10-31 20:59:01 | New Stuxnet Variant Allegedly Struck Iran (lien direct) | A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. [...] | Malware | ||
|
2018-10-30 05:58:04 | Compression File Formats of the past Come Haunting in Spam Campaigns (lien direct) | Some ancient filetypes are making a comeback due to unwanted attention from cybercriminals looking for more effective ways to hide malware distributed through spam campaigns. [...] | Spam Malware | ||
|
2018-10-25 12:24:01 | Malware Distributors Adopt DKIM to Bypass Mail Filters (lien direct) | A US-CERT alert provided recommendations on how businesses can mitigate their exposure to the Emotet Trojan. Unfortunately, it looks like criminals also reading the US-CERT's warnings as they have adopted new techniques to bypass these recommendations. [...] | Malware | ||
|
2018-10-17 07:03:04 | New GreyEnergy Malware Targets ICS, Tied with BlackEnergy and TeleBots (lien direct) | A new advanced threat actor is now on the public map of adversaries that target systems in the critical infrastructure sector. The name is GreyEnergy and it shows similarities with the BlackEnergy group. [...] | Malware Threat | ||
|
2018-10-15 19:47:01 | New Technique Recycles Exploit Chain to Keep Antivirus Silent (lien direct) | In a new malware campaign, cybercriminals modified a known exploit chain to push Agent Tesla info stealer without triggering detection from common antivirus products. [...] | Malware | Tesla | |
|
2018-10-11 11:54:03 | New Android Trojan Gplayed Adapts to Attacker\'s Needs (lien direct) | A newly discovered piece of malware for Android raises the bar in terms of sophistication and flexibility, offering its operator adaptability to various tasks. [...] | Malware | ||
|
2018-10-11 08:23:04 | New Backdoor Ties NotPetya and Industroyer to TeleBots Group (lien direct) | Security researchers found the missing link that helps them prove that the NotPetya disk-wiping malware and the Industroyer backdoor for electric power systems are the work of the TeleBots group. [...] | Malware | NotPetya | |
|
2018-10-02 20:36:01 | Cheap Android Phones and Poor Quality Control Leads to Malware Surprise (lien direct) | The abundance and variety of low cost Android phones is one of the reasons that Android has become so popular around the world. Unfortunately, low priced phones could also mean less operating revenue and thus possibly a lower quality control. Such is the case with a cheap Android phone and has a remote access trojan preinstalled. [...] | Malware | ||
|
2018-10-02 15:33:00 | Danabot Banking Malware Now Targeting Banks in the U.S. (lien direct) | The DanaBot banking Trojan traditionally ran campaigns that targeted Australia and European banks, but new research shows a new campaign that is targeting banks in the United States as well. [...] | Malware | ||
|
2018-10-01 11:00:00 | Report Ties North Korean Attacks to New Malware, Linked by Word Macros (lien direct) | Newly discovered malware from the world of cyberespionage connects the dots between the tools and operations of the little-known Reaper group believed to act on behalf of the North Korean government. [...] | Malware Cloud | APT 37 | |
|
2018-09-21 16:26:05 | Malware Disguised as Job Offers Distributed on Freelance Sites (lien direct) | Attackers are using freelance job sites such as fiverr and Freelancer to distribute malware disguised as job offers. These job offers contain attachments that pretends to be the job brief, but are actually installers for keyloggers such as Agent Tesla or Remote Access Trojan (RATs). [...] | Malware | Tesla | |
|
2018-09-18 18:35:05 | Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows (lien direct) | What may very well be considered a cybercriminal's dream tool is now real and it is hunting Windows and Linux servers: a botnet with self-spreading capabilities that combines cryptomining and ransomware functions. [...] | Ransomware Malware Tool | ||
|
2018-09-13 09:50:03 | Malicious Kodi Add-ons Install Windows & Linux Coin Mining Trojans (lien direct) | Some unofficial add-ons for Kodi open-source media player come with malware that mines for Monero cryptocurrency on Windows and Linux platforms. [...] | Malware | ||
|
2018-09-06 20:46:00 | New Chainshot Malware Found By Cracking 512-Bit RSA Key (lien direct) | Security researchers exploited a threat actor's poor choice for encryption and discovered a new piece of malware along with network infrastructure that links to various targeted attacks. [...] | Malware Threat | ||
|
2018-09-06 18:24:03 | New Fallout Exploit Kit Drops GandCrab Ransomware or Redirects to PUPs (lien direct) | A new exploit kit called Fallout is being used to distribute the GandCrab ransomware, malware downloading Trojans, and other potentially unwanted programs (PUPs). [...] | Ransomware Malware | ||
|
2018-09-05 11:45:00 | Windows Task Scheduler Zero Day Exploited by Malware (lien direct) | Malware developers have started to use the zero-day exploit for Windows Task Scheduler component, two days after proof-of-concept code for the vulnerability appeared online. [...] | Malware Vulnerability | ||
|
2018-09-04 22:50:01 | White-Hats Go Rogue, Attack Financial Institutions (lien direct) | Hackers rooted in the white-hat part of the business moonlight as bank robbers, pouring their knowledge and skills into creating and modifying malware that allows them to infiltrate financial institutions. [...] | Malware | ||
|
2018-09-04 11:21:05 | New Banking Trojan Poses As A Security Module (lien direct) | A newly discovered banking Trojan departs from the regular tactics observed by malware researchers by choosing visible installation and by adding social engineering components. [...] | Malware | ||
|
2018-09-02 14:16:02 | Barack Obama\'s Blackmail Virus Ransomware Only Encrypts .EXE Files (lien direct) | Every once in a while you come across a really strange malware and such is the case with a new ransomware that only encrypts .EXE files on a computer. It then displays a screen with a picture of President Obama that asks for a "tip" to decrypt the files. [...] | Ransomware Malware | ||
|
2018-08-30 17:30:00 | MagentoCore Malware Found on 7,339 Magento Stores (lien direct) | A Dutch security researcher has lifted the veil on a massive website hacking campaign that has infected 7,339 Magento stores with a script that collects payment card data from people shopping on the sites. [...] | Malware | ||
|
2018-08-28 19:30:01 | Beware of Fake "Shipping Docs" Malspam Pushing the DarkComet RAT (lien direct) | A new malspam campaign is underway that pretends to be shipping documents and contains an attachment that installs the DarkComet remote access Trojan. When DarkComet is installed, the malware has the ability to log your keystrokes, application usage, take screenshots, and more, which is then sent back to the malware developer. [...] | Malware | ||
|
2018-08-18 03:45:04 | AZORult Trojan Serving Aurora Ransomware by MalActor Oktropys (lien direct) | Towards the end of July 2018, we saw a new version of the AZORult trojan being used in malware campaigns targeting computers globally. In this article, we will dive into the malware and analyze its execution flow and payloads. [...] | Ransomware Malware | ||
|
2018-08-10 16:39:01 | 5 Examples of How Cheating in Fortnite Gets You Infected (lien direct) | Have you ever heard the saying "If it's too good to be true, then it probably is." If so, then it applies perfectly to programs that claim they can help you cheat in Fortnite or earn free V-Bucks. In this article we take a look at 5 malware samples that pretend to be Fortnite cheats, hacks, or tools. [...] | Malware | ★★★ | |
|
2018-08-09 09:34:00 | A First Look at the North Korean Malware Family Tree (lien direct) | Security researchers have analyzed malware samples from threat actors associated with North Korea and discovered connections with tools from older unattributed campaigns. [...] | Malware Threat | ||
|
2018-08-01 13:01:01 | (Déjà vu) Android Apps Infected With Windows Keylogger Removed From Google Play Store (lien direct) | Google has removed 145 Android apps infected with Windows malware from the official Play Store after a report from security researchers at Palo Alto Networks. [...] | Malware | ||
|
2018-07-24 15:13:04 | Malware Author Building "Death" Botnet Using Old AVTech Flaw (lien direct) | A malware author by the name of EliteLands is currently building a botnet named "Death" by targeting unpatched AVTech devices. [...] | Malware | ||
|
2018-07-24 12:19:01 | Hackers Hiding Web Shell Logins in Fake HTTP Error Pages (lien direct) | Malware distributors, hackers, and phishing scammers are continuing to use the practice of hiding login forms for their web shells in fake HTTP error documents. These pages pretend to be HTTP errors such as 404 Not Found or Forbidden, while in reality they are login pages that allow an attacker to issues commands on the server. [...] | Malware | ★★★★ | |
|
2018-07-23 00:15:00 | Source Code for Exobot Android Banking Trojan Leaked Online (lien direct) | The source code of a top-of-the-line Android banking trojan has been leaked online and has since rapidly spread in the malware community, worrying researchers that a new wave of malware campaigns may be in the works. [...] | Malware | ||
|
2018-07-20 17:28:00 | Researchers Discover Calisto, a Precursor to Dangerous Proton macOS Malware (lien direct) | Security researchers have discovered a precursor of the notorious Proton macOS malware. This supposed precursor appears to have been developed back in 2016, a year before Proton, and uploaded on VirusTotal, where it remained undetected for nearly two years until May 2018, when Kaspersky researchers stumbled upon it. [...] | Malware | ||
|
2018-07-20 05:13:02 | Droppers Is How Android Malware Keeps Sneaking Into the Play Store (lien direct) | For the past year, Android malware authors have been increasingly relying on a solid trick for bypassing Google's security scans and sneaking malicious apps into the official Play Store. [...] | Malware | ||
|
2018-07-20 00:35:00 | Google User Content CDN Used for Malware Hosting (lien direct) | Hackers are hiding malicious code inside the metadata fields of images hosted on Google's official CDN (content delivery network) -googleusercontent.com. [...] | Malware | ||
|
2018-07-13 05:27:00 | Highly Targeted Attack Infects Only 13 iPhones in India (lien direct) | Mysterious malware has infected only 13 iPhones in India in what appears a highly targeted operation. Attacker located in India but tried to pose as Russian. [...] | Malware | ||
|
2018-07-12 19:12:03 | Ukraine Says It Stopped a VPNFilter Attack on a Chlorine Distillation Station (lien direct) | The Ukrainian Secret Service (SBU) said today it stopped a cyber-attack with the VPNFilter malware on a chlorine distillation plant in the village of Aulska, in the Dnipropetrovsk region. [...] | Malware | VPNFilter | |
|
2018-07-12 15:58:00 | Beware of Extortion Scams Stating They Have Video of You on Adult Sites (lien direct) | Reports are coming in about a new extortion scam where scammers email you stating that they know the recipient's password, have installed malware on the computer, created videos of the recipient using adult web sites through their webcam, and have stolen the recipient's contacts. [...] | Malware | ||
|
2018-07-10 17:26:02 | Malware Found in Arch Linux AUR Package Repository (lien direct) | Malware has been discovered in at least three Arch Linux packages available on AUR (Arch User Repository), the official Arch Linux repository of user-submitted packages. The malicious code has been removed thanks to the quick intervention of the AUR team. [...] | Malware | ||
|
2018-07-10 00:05:00 | BlackTech APT Steals D-Link Cert for Cyber-Espionage Campaign (lien direct) | A lesser-known cyber-espionage group known as BlackTech has been caught earlier this month using a stolen D-Link certificate to sign malware deployed in a recent campaign. [...] | Malware | ||
|
2018-07-09 14:41:04 | Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach (lien direct) | Two insurance companies are suing a cyber-security firm to recover insurance fees paid to a customer after the security firm failed to detect malware on the client's network for months, an issue that led to one of the biggest security breaches of the 2000s. The security firms says the lawsuit is meritless. [...] | Malware | ||
|
2018-07-06 17:45:05 | Rakhni Ransomware Adds Coinminer Component (lien direct) | An old foe and one of the first ransomware strains is still around and making new victims, but this malware is keeping up with the times and has added a cryptocurrency-mining component that it deploys on carefully selected computers. [...] | Ransomware Malware | ||
|
2018-07-05 12:40:00 | Hamas Lures Israeli Soldiers to Malware Disguised in World Cup and Dating Apps (lien direct) | In a report published earlier this week, the Israeli military has accused Hamas cyber-operatives of attempting to lure Israel Defence Forces (IDF) soldiers into installing malware-infected apps on their phones. [...] | Malware | ||
|
2018-06-30 13:06:03 | Clipboard Hijacker Malware Monitors 2.3 Million Bitcoin Addresses (lien direct) | While we have covered cryptocurrency clipboard hijackers in the past, most of the previous samples monitored for 400-600 thousand cryptocurrency addresses. This week BleepingComputer noticed a sample of this type of malware that monitors for a over 2.3 million cryptocurrency addresses! [...] | Malware | ||
|
2018-06-29 03:50:01 | File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack (lien direct) | An unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system's distributions that would delete user files. [...] | Malware Hack |
To see everything:
Our RSS (filtrered)
