What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-02-24 08:25:13 FireEye Mandiant M-Trends 2020 report: 500+ new Malware strains in 2019 (lien direct) FireEye's report revealed that the incident response division Mandiant observed more than 500 new malware families in 2019. According to the FireEye Mandiant M-Trends 2020 report, FireEye analyzed 1.1 million malware samples per day in 2019 and identified 1,268 malware families. The most worrisome figure is related to the number of previously unseen malware families […] Malware
SecurityAffairs.webp 2020-02-23 17:17:08 ISS reveals malware attack impacted parts of the IT environment (lien direct) ISS, the multinational Denmark-based facility services company, was hit with a malware that shuts down shared IT services worldwide. ISS, the Danish multinational services company announced it was hit with malware, in response to the incident the firm disabled access to shared IT services worldwide. ISS services include cleaning services, support services, property services, catering […] Malware
SecurityAffairs.webp 2020-02-23 11:14:42 ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia (lien direct) Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed in targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears to be a custom malware developed by a threat actor focused on government and diplomatic targets. The malware was employed in targeted attacks against […] Malware Threat
SecurityAffairs.webp 2020-02-22 18:12:26 Joker malware still able to bypass Google Play Store checks (lien direct) The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The fight against the Joker malware (aka Bread) began in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were […] Malware ★★★★★
SecurityAffairs.webp 2020-02-19 20:45:39 DRBControl cyber-espionage group targets gambling, betting companies (lien direct) The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group tracked as DRBControl that employed a new family of malware. The attackers aimed at stealing databases and source […] Malware
SecurityAffairs.webp 2020-02-17 13:46:57 Launching the First “Yomi Hunting” Challenge! (lien direct) About a year ago, Yoroi released the Yomi Hunter sandbox, today, they love to challenge the malware community with the first “Yomi Hunting” contest. About a year ago, we publicly released the Yomi Hunter sandbox for a few simple reasons: in Yoroi we believe in the InfoSec community value, we think it plays a central […] Malware
SecurityAffairs.webp 2020-02-14 21:07:17 US Govt agencies detail North Korea-linked HIDDEN COBRA malware (lien direct) The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation. The government experts released new and updated Malware Analysis Reports (MARs) […] Malware Medical APT 38
SecurityAffairs.webp 2020-02-14 10:54:24 (Déjà vu) PoS malware infected systems at 71 locations operated by US store chain Rutter's (lien direct) US store chain Rutter disclosed a security breach, 71 locations were infected with a point-of-sale (POS) malware used to steal customers’ credit card information. The Rutter’s, a U.S. convenience store, fast food restaurant, and gas station chain owner, has disclosed a security breach. The company confirmed that attackers gained access to its stores’ network system […] Malware
SecurityAffairs.webp 2020-02-13 12:33:57 Google Play Protect prevented 1.9 billion malware installs from Third-party stores in 2019 (lien direct) Google Play Protect now scans over 100 billion applications on Android devices every day, these amazing figures were disclosed by Google. In May 2017, Google introduced a security defense system called Google Play Protect to protect the devices running its mobile OS. Google aims at monitoring the behavior of the apps and the detection of the malicious […] Malware
SecurityAffairs.webp 2020-02-13 08:34:35 Microsoft recommends Exchange admins to disable the SMBv1 protocol (lien direct) Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. “To make sure that your Exchange organization is better protected against the latest threats (for […] Malware
SecurityAffairs.webp 2020-02-09 09:57:21 Security Affairs newsletter Round 250 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Microsoft announces the launch of a bug bounty program for Xbox Microsoft warns TA505 changed tactic in an ongoing malware campaign Russia's watchdog Roskomnadzor threatens to fine Twitter and Facebook The Russian Government blocked ProtonMail and ProtonVPN Apollon […] Malware
SecurityAffairs.webp 2020-02-08 15:21:07 IoT devices at major Manufacturers infected with crypto-miner (lien direct) Hackers have infected with a piece of malware some IoT devices running Windows 7 designed by three of the world's largest manufacturers. Security experts from TrapX reported that some IoT devices running Windows 7 have been infected with a piece of malware, is it a supply chain attack? The experts reported that several IoT devices […] Malware
SecurityAffairs.webp 2020-02-05 09:08:42 (Déjà vu) Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware (lien direct) Threat actors are abusing the Bitbucket code hosting service to host seven types of malware that has already claimed more than 500,000 business computers. Cybereason researchers reported that attackers are abusing the Bitbucket code hosting service to store seven types of malware that were employed in an ongoing campaign. According to the experts, the malware […] Malware
SecurityAffairs.webp 2020-02-02 09:52:04 Microsoft warns TA505 changed tactic in an ongoing malware campaign (lien direct) An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs Security experts from Microsoft have uncovered an ongoing phishing campaign launched by the TA505 cybercrime gang (aka Evil Corp) that is employing attachments featuring HTML redirectors for delivering malicious Excel docs. According to Microsoft, this is the […] Malware
SecurityAffairs.webp 2020-02-01 16:04:23 Crooks start exploiting Coronavirus as bait to spread malware (lien direct) Security researchers warn of malspam campaigns aimed at spreading malware that exploits media attention on the coronavirus epidemic. Unscrupulous cybercriminal groups are attempting to exploit media attention on the coronavirus to infect systems worldwide. Recently, coronavirus is monopolizing media attention, users online are searching for information about the virus and the way it is rapidly […] Malware
SecurityAffairs.webp 2020-01-31 08:17:43 Report: Threat of Emotet and Ryuk (lien direct) Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This is the conclusion of a […] Ransomware Malware Threat
SecurityAffairs.webp 2020-01-27 14:40:38 Which was the most common threat to macOS devices in 2019? Shlayer malware (lien direct) Malware authors continue to show interest in macOS devices, Kaspersky experts confirmed that the Shlayer malware has been the most common threat to the macOS platform. Security experts from Kaspersky Lab revealed that the Shlayer malware was the most widespread macOS threat in 2019. In February, malware researchers at Carbon Black spotted a new strain […] Malware Threat
SecurityAffairs.webp 2020-01-27 07:54:50 (Déjà vu) A new piece of Ryuk Stealer targets government, military and finance sectors (lien direct) A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. Security experts from MalwareHunterTeam have discovered a new version of the Ryuk Stealer malware that has been enhanced to allow its operators to steal a greater amount of confidential files related to […] Malware
SecurityAffairs.webp 2020-01-24 19:08:30 NK CARROTBALL dropper used in attacks on U.S. Govn Agency (lien direct) A US Government agency was hit with a phishing attack attempting to deliver a new malware dropper dubbed CARROTBALL. Security experts at Palo Alto Networks have uncovered a new malware dropper called CARROTBALL that was used in targeted attacks against a U.S. government agency and non-US foreign nationals. Experts attribute the attack to the Konni […] Malware
SecurityAffairs.webp 2020-01-22 15:40:36 (Déjà vu) Malware attack took down 600 computers at Volusia County Public Library (lien direct) System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches in Daytona Beach, Florida, following a cyberattack. The attack started around 7 AM on […] Malware
SecurityAffairs.webp 2020-01-21 14:14:11 The Mystery of Fbot (lien direct) A few days back, the MalwareMustDie team's security researcher unixfreaxjp has published a new Linux malware analysis of Fbot that has focused on the decryption of the last encryption logic used by its bot client. This is not the first time Fbot analysis has been published, and also Fbot binaries have been actively infecting […] Malware
SecurityAffairs.webp 2020-01-20 08:10:30 JhoneRAT uses Google Drive, Twitter, ImgBB, and Google Forms to target countries in Middle East (lien direct) Researchers from Cisco Talos discovered a new Trojan named JhoneRAT that was used in targeted attacks against entities in the Middle East. A new Trojan named JhoneRAT appeared in the threat landscape, it is selectively attacking targets in the Middle East by checking keyboard layouts. The malware targets a very specific set of Arabic-speaking countries, […] Malware Threat
SecurityAffairs.webp 2020-01-19 12:05:41 Security Affairs newsletter Round 247 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Google removed 1.7K+ Joker Malware infected apps from its Play Store MageCart attack hit Australia bushfire Donors New Bill prohibits intelligence sharing with countries using Huawei 5G equipment 5G – The Future of Security and Privacy in Smart […] Malware
SecurityAffairs.webp 2020-01-16 07:05:50 5ss5c Ransomware emerges after Satan went down in the hell (lien direct) The cybercrime group behind Satan ransomware and other malware seems to be involved in the development of a new threat named 5ss5c. The threat actors behind the Satan, DBGer and Lucky ransomware and likely Iron ransomware, is back with a new piece of malware named ‘5ss5c’. The Bart Blaze believes that the threat actors have […] Ransomware Malware Threat
SecurityAffairs.webp 2020-01-08 11:16:44 SNAKE Ransomware is targeting business networks (lien direct) A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks. The SNAKE is a new ransomware that is threatening enterprises worldwide along with most popular ransomware families such as Ryuk, Maze, Sodinokibi, LockerGoga, BitPaymer, DoppelPaymer, MegaCortex, LockerGoga. The scary trend sees criminal organizations targeting enterprises, instead of […] Ransomware Malware Threat
SecurityAffairs.webp 2020-01-03 14:03:37 Travelex currency exchange suspends services after malware attack (lien direct) The Travelex currency exchange has been forced offline following a malware attack launched on New Year’s Eve.  This week, the UK-based currency exchange Travelex announced that it has shut down its services as a “precautionary measure” following a malware attack. The London-based company, which operates more than 1,500 stores globally, suffered the attack on December […] Malware
SecurityAffairs.webp 2020-01-02 23:11:28 US restaurant chain Landry's discloses payment card breach (lien direct) The popular US restaurant chain Landry’s announced that it was the victim of a cyber-attack, malware has infected its point of sale (POS) systems. The popular US restaurant chain Landry’s disclosed a security incident, its point of sale (POS) systems have been infected with malware specifically developed to steal customers’ payment card information (i.e. credit […] Malware
SecurityAffairs.webp 2020-01-02 12:10:34 Crooks use Star Wars saga as bait in Phishing and malware attacks (lien direct) Crooks are exploiting the popularity of the Star Wars saga to monetize their efforts, experts warn of online streaming sites delivering malware. Cybercriminals leverage popular movies like Star Wars to lure users into downloading malware to watch exclusive scenes or the full movie. Experts at Kaspersky have analyzed some threats that exploit the new Star Wars movie […] Malware
SecurityAffairs.webp 2019-12-29 12:33:56 Security Affairs newsletter Round 246 (lien direct) A new round of the weekly newsletter arrived! The best news of the week with Security Affairs Experts warn of Greta Thunberg-themed Emotet malware campaign Former contractor sentenced to 10 months in prison for hacking airline Jet2 UK authorities sentenced hacker who blackmailed Apple for $100,000 Champagne Bakery Cafe and Islands burger chain disclose payment […] Malware
SecurityAffairs.webp 2019-12-18 19:58:41 Trend Micro observed notable malware activity associated with the Momentum Botnet (lien direct) Security experts recently found notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Malware researchers from Trend Micro recently observed notable malware activity affecting devices running Linux that is associated with the Momentum Botnet. Experts revealed details on the tools and techniques used by the botnet to compromise Linux devices […] Malware
SecurityAffairs.webp 2019-12-17 20:43:46 (Déjà vu) Dacls RAT, the first Lazarus malware that targets Linux devices (lien direct) Researchers spotted a new Remote Access Trojan (RAT), dubbed Dacls, that was used by the Lazarus APT group to target both Windows and Linux devices. Experts at Qihoo 360 Netlab revealed that the North-Korea Lazarus APT group used a new Remote Access Trojan (RAT), dubbed Dacls, to target both Windows and Linux devices. The activity […] Malware APT 38
SecurityAffairs.webp 2019-12-05 06:15:45 Iran-Linked APT groups target energy, industrial sectors with ZeroCleare Wiper (lien direct) Experts spotted a piece of malware dubbed ZeroCleare that has been used in highly targeted attacks aimed at energy and industrial organizations in the Middle East. Security experts at IBM X-Force found a piece of malware dubbed ZeroCleare (the name ZeroCleare comes from the path in the binary file) that has been used in highly targeted […] Malware
SecurityAffairs.webp 2019-11-28 18:48:00 RevengeHotels campaign – crooks target the hospitality industry (lien direct) RevengeHotels campaign – The hospitality industry continues to be a privileged target for cybercriminals that target hotels, restaurant chains, and tourism services. Security experts at Kaspersky have published a report on a targeted cybercrime malware campaign, tracked as RevengeHotels, that hit hotels, hostels, hospitality and tourism companies. According to the experts, the threat actor has […] Malware Threat
SecurityAffairs.webp 2019-11-25 14:53:02 Livingston School District hit by a ransomware attack (lien direct) Livingston School District in New Jersey is the last victim of a ransomware attack that caused a two hour delayed opening. Students at the Livingston public school district in New Jersey are undoubtedly happy for a two hour delayed opening tomorrow. A new ransomware attack hit a school district in the US, the malware has […] Ransomware Malware
SecurityAffairs.webp 2019-11-25 11:32:48 After 1 Million of malware samples analyzed (lien direct) Malware Hunter – One year after its launch, Marco Ramilli shared the results of its project that has analyzed more than 1 Million malware samples. Malware Hunter – One year ago I decided to invest in static Malware Analysis automation by setting up a full-stack environment able to grab samples from common opensources and to […] Malware
SecurityAffairs.webp 2019-11-23 18:47:08 Catch Hospitality Group discloses PoS malware infection at its restaurants (lien direct) The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain. The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain. Catch Hospitality Group announced that a PoS malware has infected its payment […] Malware
SecurityAffairs.webp 2019-11-22 15:03:07 French Rouen hospital hit by a ransomware attack (lien direct) The University Hospital Center (CHU) of Rouen was hit by the malware last week, the ransomware had a severe impact on the operations during the weekend. The AFP news agency reported that a ransomware attack on a hospital in Rouen last week caused “very long delays in care.” Medical staff at the hospital were not […] Ransomware Malware
SecurityAffairs.webp 2019-11-22 13:11:42 Payment solutions giant Edenred announces malware infection (lien direct) The Payment solutions giant Edenred disclosed a malware incident that affected some of its computing systems, it immediately started an investigation. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Edenred is a French company specialized in prepaid corporate services. […] Malware
SecurityAffairs.webp 2019-11-22 11:38:02 (Déjà vu) Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison (lien direct) The Russian hacker who created and used Neverquest banking malware has finally been sentenced to 4 years in prison by a US District Court. Stanislav Vitaliyevich Lisov (34), the Russian hacker who created and used Neverquest banking malware has been sentenced to 4 years in prison by the United States District Court for the Southern District of New York. […] Malware
SecurityAffairs.webp 2019-11-15 12:57:25 New TA2101 threat actor poses as government agencies to distribute malware (lien direct) A new threat actor tracked as TA2101 is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. A new threat actor, tracked as TA2101, is using email to impersonate government agencies in the United States, Germany, and Italy to multiple families of malware, deliver ransomware, and banking Trojans. The […] Malware Threat
SecurityAffairs.webp 2019-11-14 11:49:25 Tracking Iran-linked APT33 group via its own VPN networks (lien direct) APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. The targeted malware campaigns aimed at organizations […] Malware APT33 APT 33
SecurityAffairs.webp 2019-11-07 15:44:15 Specially Crafted ZIP archives allow bypassing secure email gateways (lien direct) Experts observed a new phishing campaign that used a specially crafted ZIP archive that was designed to bypass secure email gateways to distribute malware. Attackers have devised a new technique to distribute malware bypassing secure email gateways and other security solutions by using a specially crafted ZIP file. The structure of a ZIP archive contains […] Malware
SecurityAffairs.webp 2019-11-05 18:55:52 Mysterious DarkUniverse APT remained undetected for 8 years (lien direct) Kaspersky discovered a previously unknown APT group, tracked as DarkUniverse, by analyzing Shadow Brokers’ “Lost in Translation” data dump. In 2017, a hacker group known as the Shadow Brokers stole malware and hacking tools from the arsenal of the NSA-Linked Equation Group, then it published online the data dump called “Lost in Translation.” The dump […] Malware
SecurityAffairs.webp 2019-11-04 08:31:57 QSnatch malware already infected thousands of QNAP NAS devices (lien direct) Security experts warn of a new piece of malware dubbed QSnatch that already infected thousands of QNAP NAS devices worldwide. A new piece of malware dubbed QSnatch is infecting thousands of NAS devices manufactured by the Taiwanese vendor QNAP. The name comes after the target vendor and the “snatching” activity the malware performs. According to […] Malware
SecurityAffairs.webp 2019-11-02 15:53:12 CVE-2019-2114 flaw allows hackers to plant malware on Android devices via NFC beaming (lien direct) A vulnerability affecting devices running Android 8 (Oreo) or later, tracked as CVE-2019-2114, could be exploited by hackers to infect them via NFC beaming. Google has recently released a patch to address a vulnerability affecting devices running Android 8 (Oreo) or later, tracked as CVE-2019-2114, that could be exploited to infect nearby phones via NFC […] Malware Vulnerability
SecurityAffairs.webp 2019-10-31 15:48:55 China-linked APT41 group targets telecommunications companies with new backdoor (lien direct) China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. Researchers at FireEye discovered a new backdoor tracked as MessageTap that China-linked APT41 group are using to spy on text messages sent or received by highly targeted individuals The experts found the […] Malware Guideline APT 41
SecurityAffairs.webp 2019-10-30 15:05:34 It's official, administrative network at Kudankulam Nuclear Power Plant was infected with DTrack (lien direct) The news is shocking, the Kudankulam Nuclear Power Plant (KNPP) that initially denied a malware infection, now admits the security breach. Yesterday worrying news made the headlines, the Kudankulam Nuclear Power Plant (KKNPP) was hit by a cyber attack. Some users are claiming on the social media that a piece of the 'DTrack' malware has infected […] Malware
SecurityAffairs.webp 2019-10-30 12:12:52 Xhelper, a new piece of Android malware that is infecting 2K+ devices each month (lien direct) A new piece of malware dubbed Xhelper has infected more than 45,000 Android devices in just the last six months and is continuing to spread. The campaign began months ago, a new piece of malware dubbed Xhelper has infected more than 45,000 Android devices in just six months and is continuing to spread at a […] Malware
SecurityAffairs.webp 2019-10-28 08:07:41 Raccoon info stealer already infected 100,000+ worldwide (lien direct) A new information stealer, dubbed Raccoon, made the headlines infecting hundreds of millions of victims worldwide. Security experts at Cybereason have spotted a new information stealer, dubbed Raccoon, that is infecting hundreds of millions of victims worldwide. The malware was designed to steal victims' credit card data, email credentials, cryptocurrency wallets, and other sensitive data. […] Malware
SecurityAffairs.webp 2019-10-25 06:49:12 Experts attribute NukeSped RAT to North Korea-Linked hackers (lien direct) Experts at Fortinet analyzed NukeSped malware samples that share multiple similarities with malware associated with North Korea-linked APTs. Fortinet has analyzed the NukeSped RAT that is believed to be a malware in the arsenal of the Lazarus North-Korea linked APT group. The attribution to the Lazarus group is based on the similarities with other malware […] Malware Medical APT 38
Last update at: 2024-05-12 21:08:45