Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-01-13 15:04:01 |
New GootLoader Campaign Targets Accounting, Law Firms (direct link) |
Once prolific spreaders of REvil ransomware, the GootLoader malware gang has pivoted to actively targeting employees of law and accounting firms with malicious downloads. The Threat Response Unit from eSentire issued an alert about having over the past three weeks observed GootLoader attacks on three law firms and one accounting firm. WordPress vulnerabilities let the […] |
Malware
Threat
|
|
|
|
2022-01-11 15:00:15 |
'Fully Undetected' SysJoker Backdoor Malware Targets Windows, Linux & macOS (direct link) |
The malware establishes initial access on targeted machines, then waits for additional code to execute. |
Malware
|
|
|
|
2022-01-06 15:44:27 |
Apple iPhone Malware Tactic Causes Fake Shutdowns to Enable Spying (direct link) |
The 'NoReboot' technique is the ultimate in persistence for iPhone malware, preventing reboots and enabling remote attackers to do anything on the device while remaining completely unseen. |
Malware
|
|
|
|
2022-01-05 13:00:55 |
'Malsmoke' Exploits Microsoft's E-Signature Verification (direct link) |
The info-stealing campaign using ZLoader malware – previously used to deliver Ryuk and Conti ransomware – already has claimed more than 2,000 victims across 111 countries.
|
Ransomware
Malware
|
|
|
|
2021-12-21 14:42:02 |
FBI: Another Zoho ManageEngine Zero-Day Under Active Attack (direct link) |
APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence. |
Malware
Vulnerability
|
|
|
|
2021-12-17 20:17:45 |
Facebook Bans Spy-for-Hire Firms for Targeting 50K People (direct link) |
Meta, Facebook's parent company, said that the seven banned actors run fake accounts on its platforms to deceive users and plant malware on targets' phones. |
Malware
|
|
|
|
2021-12-17 19:23:09 |
Malicious Joker App Scores Half-Million Downloads on Google Play (direct link) |
Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges. |
Malware
|
|
|
|
2021-12-16 13:45:46 |
'DarkWatchman' RAT Shows Evolution in Fileless Malware (direct link) |
The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access.
|
Ransomware
Malware
Tool
|
|
|
|
2021-12-14 22:21:35 |
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery (direct link) |
December's Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. |
Malware
|
|
|
|
2021-12-13 18:46:34 |
Malicious PyPI Code Packages Rack Up Thousands of Downloads (direct link) |
The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. |
Malware
|
|
|
|
2021-12-07 13:24:30 |
SolarWinds Attackers Spotted Using New Tactics, Malware (direct link) |
One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing.
|
Malware
Threat
|
|
|
|
2021-12-06 18:29:59 |
Cuba Ransomware Gang Hauls in $44M in Payouts (direct link) |
The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. |
Ransomware
Malware
|
|
|
|
2021-12-02 17:35:06 |
AT&T Takes Steps to Mitigate Botnet Found Inside Its Network (direct link) |
AT&T is battling a modular malware called EwDoor on 5,700 VoIP servers, but it could have a larger wildcard certificate problem. |
Malware
|
|
|
|
2021-12-01 12:15:28 |
Widespread 'Smishing' Campaign Defrauds Iranian Android Users (direct link) |
Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts. |
Malware
|
|
|
|
2021-11-29 16:37:16 |
Shape-Shifting 'Tardigrade' Malware Hits Vaccine Makers (direct link) |
Some security researchers say it's actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it's for real a scary morphic malware that changes its parts and recompiles itself.
|
Malware
|
|
|
|
2021-11-23 14:00:01 |
How to Defend Against Mobile App Impersonation (direct link) |
Despite tight security measures by Google/Apple, cybercriminals still find ways to bypass fake app checks to plant malware on mobile devices. Dave Stewart, CEO of Approov, discusses technical approaches to defense against this. |
Malware
|
|
|
|
2021-11-16 21:46:51 |
Rooting Malware Is Back for Mobile. Here's What to Look Out For. (direct link) |
Hank Schless, senior manager of security solutions at Lookout, discusses AbstractEmu, mobile malware found on Google Play, Amazon Appstore and the Samsung Galaxy Store. |
Malware
|
|
|
|
2021-11-15 20:10:15 |
Cybercriminals Target Alibaba Cloud for Cryptomining, Malware (direct link) |
Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers. |
Malware
|
|
|
|
2021-11-12 13:14:44 |
Millions of Routers, IoT Devices at Risk from New Open-Source Malware (direct link) |
BotenaGo, written in Google's Golang programming language, can exploit more than 30 different vulnerabilities. |
Malware
|
|
|
|
2021-11-08 19:42:13 |
Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs (direct link) |
Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks. |
Malware
|
|
★★★
|
|
2021-10-29 15:30:25 |
Google Chrome is Abused to Deliver Malware as 'Legit' Win 10 App (direct link) |
Malware delivered via a compromised website on Chrome browsers can bypass User Account Controls to infect systems and steal sensitive data, such as credentials and cryptocurrency. |
Malware
|
|
|
|
2021-10-26 22:25:05 |
SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike (direct link) |
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
|
Spam
Malware
|
|
|
|
2021-10-26 16:50:23 |
Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware (direct link) |
Fake Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain 'inappropriate content.' |
Malware
|
|
|
|
2021-10-22 11:44:40 |
Threat Actors Abuse Discord to Push Malware (direct link) |
The platform's Content Delivery Network and core features are being used to send malicious files, including RATs, across its network of 150 million users, putting corporate workplaces at risk. |
Malware
|
|
|
|
2021-10-19 20:15:01 |
Fresh APT Harvester Reaps Telco, Government Data (direct link) |
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. |
Malware
|
|
|
|
2021-10-19 09:00:30 |
TA505 Gang Is Back With Newly Polished FlawedGrace RAT (direct link) |
TA505 – cybercrime trailblazers with ever-evolving TTPs – have returned to mass-volume email attacks, flashing retooled malware and exotic scripting languages. |
Malware
|
|
|
|
2021-10-18 16:23:21 |
Twitter Suspends Accounts Used to Snare Security Researchers (direct link) |
The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea. |
Malware
|
|
|
|
2021-10-12 19:34:32 |
Windows Zero-Day Actively Exploited in Widespread Espionage Campaign (direct link) |
The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. |
Malware
|
|
|
|
2021-10-06 18:11:58 |
ESPecter Bootkit Malware Haunts Victims with Persistent Espionage (direct link) |
The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. |
Malware
|
|
|
|
2021-10-04 20:31:06 |
Encrypted & Fileless Malware Sees Big Growth (direct link) |
An analysis of second-quarter malware trends shows that threats are becoming stealthier. |
Malware
|
|
|
|
2021-10-01 15:27:01 |
Flubot Malware Targets Androids With Fake Security Updates (direct link) |
The banking trojan keeps switching up its lies, trying to fool Android users into clicking on a fake Flubot-deleting app or supposedly uploaded photos of recipients. |
Malware
|
|
|
|
2021-10-01 12:36:25 |
New APT ChamelGang Targets Russian Energy, Aviation Orgs (direct link) |
First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks. |
Malware
|
|
|
|
2021-09-29 18:08:54 |
GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride (direct link) |
The mobile malware has fleeced hundreds of millions of dollars from victims globally, using sophisticated techniques. |
Malware
|
|
|
|
2021-09-29 14:45:03 |
SAS 2021: 'Tomiris' Backdoor Linked to SolarWinds Malware (direct link) |
Newly discovered code resembles the Kazuar backdoor and the Sunshuttle second-stage malware distributed by Nobelium in the SolarWinds supply-chain attacks. |
Malware
|
|
|
|
2021-09-28 18:42:02 |
Gamers Beware: Malware Hunts Steam, Epic and EA Origin Accounts (direct link) |
The BloodyStealer trojan helps cyberattackers go after in-game goods and credits. |
Malware
|
|
|
|
2021-09-28 17:45:59 |
SAS 2021: FinSpy Surveillance Kit Re-Emerges Stronger Than Ever (direct link) |
A 'nearly impossible to analyze' version of the malware sports a bootkit and 'steal-everything' capabilities. |
Malware
|
|
|
|
2021-09-24 15:48:53 |
TangleBot Malware Reaches Deep into Android Device Functions (direct link) |
The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others. |
Malware
|
|
|
|
2021-09-21 16:02:35 |
Turla APT Plants Novel Backdoor In Wake of Afghan Unrest (direct link) |
“TinyTurla,” simply coded malware that hides away as a legitimate Windows service, has flown under the radar for two years.
|
Malware
|
|
|
|
2021-09-17 12:57:42 |
AT&T Phone-Unlocking Malware Ring Costs Carrier $200M (direct link) |
With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier's U.S. network -- all the way from Pakistan. |
Malware
|
|
|
|
2021-09-10 16:25:53 |
SOVA, Worryingly Sophisticated Android Trojan, Takes Flight (direct link) |
The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it 'the most feature-rich Android malware on the market.' |
Malware
|
|
|
|
2021-09-09 14:30:56 |
SideWalk Backdoor Linked to China-Linked Spy Group 'Grayfly' (direct link) |
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. |
Malware
Guideline
|
APT 41
|
|
|
2021-08-27 17:32:56 |
FIN8 Targets US Bank With New 'Sardonic' Backdoor (direct link) |
The latest refinement of the APT's BadHatch backdoor can leverage new malware on the fly without redeployment, making it potent and nimble.
|
Malware
|
|
★★★
|
|
2021-08-26 20:50:23 |
Man Sues Parents of Teens Who Hijacked Nearly $1M in Bitcoin (direct link) |
Now adults, the then-teens apparently used clipboard hijacking malware to steal Bitcoin.
|
Malware
|
|
|
|
2021-08-24 16:27:01 |
Custom WhatsApp Build Delivers Triada Malware (direct link) |
Researchers have spotted the latest version of the Triada trojan targeting mobile devices via an advertising SDK. |
Malware
|
|
|
|
2021-08-18 11:24:42 |
HolesWarm Malware Exploits Unpatched Windows, Linux Servers (direct link) |
The botnet cryptominer has already compromised 1,000-plus clouds since June. |
Malware
|
|
|
|
2021-08-13 21:04:53 |
Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware (direct link) |
CAPTCHA-protected malicious URLs are snowballing lately, researchers said. |
Malware
|
|
|
|
2021-08-12 17:32:47 |
AdLoad Malware 2021 Samples Skate Past Apple XProtect (direct link) |
A crush of new attacks using the well-known adware involves at least 150 updated samples, many of which aren't recognized by Apple's built-in security controls. |
Malware
|
|
|
|
2021-08-10 15:33:46 |
Chaos Malware Walks Line Between Ransomware and Wiper (direct link) |
The dangerous malware has been rapidly developed since June and could be released into the wild soon. |
Ransomware
Malware
|
|
|
|
2021-08-09 16:18:25 |
Android Malware 'FlyTrap' Hijacks Facebook Accounts (direct link) |
Coupon codes for Netflix or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan. |
Malware
|
|
|
|
2021-08-06 20:41:40 |
Golang Cryptomining Worm Offers 15% Speed Boost (direct link) |
The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. |
Malware
|
|
|