What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-07-24 10:43:05 | Ransomware: Most Popular Malware in Underground Forums (lien direct) | Through the analysis of over 3.9 million posts on underground hacker and malware forums, a new report illustrates the most common malware and threats being discussed. [...] | Malware | ||
|
2019-07-19 16:46:01 | iNSYNQ Cloud Hosting Provider Hit by Ransomware Attack (lien direct) | Cloud computing provider iNSYNQ experienced a ransomware attack which forced the company to shut down some of its servers to contain the malware infection from spreading and affecting more customer data. [...] | Ransomware Malware | ||
|
2019-07-18 12:31:02 | New Malware Framework Uses Browser Extension for Ad Fraud (lien direct) | Researchers unearthed a new and highly prolific malware framework used by its creators to generate over one billion fraudulent ad impressions over a time span of just three months. [...] | Malware | ||
|
2019-07-18 07:03:00 | New Okrum Malware Used by Ke3chang Group to Target Diplomats (lien direct) | Updated malware implants and a new backdoor named Okrum connected with the Ke3chang threat group operating from China have been found by ESET researchers while monitoring their operations between 2015 and 2019. [...] | Malware Threat | APT 15 APT 25 | |
|
2019-07-17 13:28:01 | New EvilGnome Backdoor Spies on Linux Users, Steals Their Files (lien direct) | A new Linux malware masquerading as a Gnome shell extension and designed to spy on unsuspecting Linux desktop users was discovered by Intezer Labs' researchers in early July. [...] | Malware | ||
|
2019-07-17 10:34:01 | Trojan-Riddled WinRAR, Winbox, IDM Spreads StrongPity Spyware (lien direct) | Some versions of WinRAR file compression tool and Winbox software for managing MikroTik users have been tampered with to install malware serving an advanced threat actor. This campaign may have started in the second half of 2018 and continues today. [...] | Malware Tool Threat | ||
|
2019-07-15 13:36:01 | New DoppelPaymer Ransomware Emerges from BitPaymer\'s Code (lien direct) | Malware researchers have discovered a new file-encrypting malware they dubbed DoppelPaymer that has been making victims since at least mid-June, asking hundreds of thousands of US dollars in ransom. [...] | Ransomware Malware | ||
|
2019-07-12 05:44:05 | Fake DeepNude Downloads Gives You Malware Instead of Nudes (lien direct) | Cybercriminals are using the notoriety of the DeepNude app to distribute info-stealing malware in campaigns over YouTube that promise a cracked premium version of the program for Windows, Android, and iOS. [...] | Malware | ||
|
2019-07-10 15:52:05 | Hackers Infect Pale Moon Archive Server With a Malware Dropper (lien direct) | The Pale Moon web browser team announced today that their Windows archive servers were breached an the hackers infected all archived installers of Pale Moon 27.6.2 and below with a malware dropper on December 27, 2017. [...] | Malware | ||
|
2019-07-10 09:27:05 | 25 Million Android Devices Infected by \'Agent Smith\' Malware (lien direct) | Malware researchers discovered a new malicious campaign for Android devices that replaces legitimate apps with tainted copies built to push advertisements or hijack valid ad events. [...] | Malware | ||
|
2019-07-08 13:07:04 | Microsoft Discovers Fileless Astaroth Trojan Campaign (lien direct) | A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers. [...] | Malware | ||
|
2019-07-08 10:51:04 | Backdoored Torrents Infect Movie, TV Fans with GoBot2 Malware (lien direct) | TV show and movie fans are being targeted by a malicious campaign that distributes a GoBot2 backdoor variant via files downloaded from several South Korean and Chinese torrent sites. [...] | Malware | ||
|
2019-07-04 10:39:01 | New Backdoor and Malware Downloader Used in TA505 Spam Campaigns (lien direct) | Several malicious spam campaigns are distributing new malware strains according to Trend Micro researchers, with the Gelup downloader and the FlowerPippi backdoor being used to attack targets from the Middle East, Japan, India, the Philippines, and Argentina. [...] | Spam Malware | ||
|
2019-07-03 15:31:02 | Outlook Flaw Exploited by Iranian APT33, US CyberCom Issues Alert (lien direct) | US Cyber Command issued a malware alert on Twitter regarding the active exploitation of the CVE-2017-11774 Outlook vulnerability to attack US government agencies, allowing the attackers to execute arbitrary commands on compromised systems. [...] | Malware Vulnerability | APT33 APT 33 | |
|
2019-07-03 13:36:04 | New Godlua Malware Evades Traffic Monitoring via DNS over HTTPS (lien direct) | A Lua-based backdoor malware capable of targeting both Linux and Windows users while securing its communication channels via DNS over HTTPS (DoH) was discovered by researchers at Network Security Research Lab of Qihoo 360. [...] | Malware | ||
|
2019-07-01 13:10:00 | Malware Loader Goes Through Heaven\'s Gate to Avoid Detection (lien direct) | Researchers discovered a malware loader specifically designed by its developers to hide in plain sight and allow the payload to evade detection by anti-malware solutions by injecting into the memory of compromised computers. [...] | Malware | ||
|
2019-06-26 18:26:00 | New Silex Malware Trashes IoT Devices Using Default Passwords (lien direct) | A teen coder and his team developed a new malware named Silex that bricked poorly protected IoT devices by the thousands in a short period of time. [...] | Malware | ||
|
2019-06-25 09:55:04 | Malspam Campaigns Hide Infostealers in ISO Image Files (lien direct) | Multiple malicious campaigns observed in April concealed LokiBot and Nanocore malware inside ISO image files small enough to fit into an email attachment. [...] | Malware | ||
|
2019-06-21 11:44:02 | Microsoft Warns of Campaign Dropping Flawedammyy Rat in Memory (lien direct) | Microsoft issued a warning about an active spam campaign that tries to infect Korean targets with a FlawedAmmyy RAT malware distributed via malicious XLS attachments. [...] | Spam Malware | ||
|
2019-06-20 13:31:01 | DanaBot Banking Trojan Upgraded with \'Non Ransomware\' Module (lien direct) | A new malicious campaign is distributing an upgraded variant of DanaBot that comes with a new ransomware module used to target potential victims from Italy and Poland via phishing emails which deliver malware droppers. [...] | Ransomware Malware | ||
|
2019-06-20 11:50:02 | Firefox 0-day Used in Targeted Attacks Against Cryptocurrency Firms (lien direct) | The employees of Coinbase and other cryptocurrency firms were the target of an attack utilizing a recent Firefox zero-day and malware payloads in order to gain access to victim's computers, networks, and sensitive information. [...] | Malware | ||
|
2019-06-20 11:01:05 | Linux Cryptominer Uses Virtual Machines to Attack Windows, macOS (lien direct) | A new cryptocurrency mining malware dubbed LoudMiner uses virtualization software to deploy a Linux XMRig coinminer variant on Windows and macOS systems via a Tiny Core Linux virtual machine. [...] | Malware | ||
|
2019-06-19 17:40:02 | (Déjà vu) Cryptominer Uses Cron To Reinfect Linux Host After Removal (lien direct) | A cryptomining dropper malware has been spotted by security researchers while gaining persistence on Linux hosts by adding cron jobs to reinfect the compromised machines after being removed. [...] | Malware | ||
|
2019-06-19 17:40:02 | (Déjà vu) Malware Dropper Infects Linux Hosts with Resilient Cryptominer (lien direct) | A cryptomining dropper malware has been spotted by security researchers while gaining persistence on Linux hosts by adding cron jobs to reinfect the compromised machines after being removed. [...] | Malware | ||
|
2019-06-19 15:38:05 | Modular Plurox Malware Is a Wormable Backdoor Cryptominer (lien direct) | A new modular backdoor malware strain capable of mining cryptocurrencies and of spreading to other machines on the local network with the help of SMB and UPnP plugins has been detected by Kaspersky security researchers. [...] | Malware | ||
|
2019-06-17 11:55:00 | Android Malware Bypasses 2FA by Stealing One-Time Passwords (lien direct) | Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google's ban on apps that access SMS and call logs without justification. [...] | Malware | ||
|
2019-06-17 10:12:00 | Samsung\'s Smart TV Malware Scan Reminder Met by User Criticism (lien direct) | Samsung issued a reminder for customers to scan their Internet-connected Smart QLED TVs for malware to prevent malicious campaigns from targeting their devices and use them as part of cyber attacks. [...] | Malware | ||
|
2019-06-14 13:59:03 | New WSH RAT Malware Targets Bank Customers with Keyloggers (lien direct) | Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers. [...] | Malware | ||
|
2019-06-14 11:48:00 | Exposed Docker APIs Abused by DDoS, Cryptojacking Botnet Malware (lien direct) | Attackers are actively scanning for exposed Docker APIs on port 2375 and use them to deploy a malicious payload which drops a Dofloo Trojan variant, a malware known as a popular tool for building large scale botnets. [...] | Malware Tool | ||
|
2019-06-13 17:09:03 | Twitter URLs Can Be Manipulated to Spread Fake News and Scams (lien direct) | The way Twitter creates URLs to a tweet could be abused for unscrupulous purposes that range from running disinformation campaigns to spreading malware or tricking users into landing on a malicious web page. [...] | Malware | ||
|
2019-06-05 12:57:05 | Fake Cryptocurrency Trading Site Pushes Crypto Stealing Malware (lien direct) | Malware distributors have setup a site that impersonates the legitimate Cryptohopper cryptocurrency trading platform in order to distribute malware payloads such as information-stealing Trojans, miners, and clipboard hijackers. [...] | Malware | ||
|
2019-06-04 13:30:00 | Attackers Stitch Together Frankenstein Campaign Using Free Tools (lien direct) | Threat actors behind a highly-targeted series of cyber attacks spanning from January to April 2019 have been seen employing malicious tools built using freely available components to infect victims with malware designed to harvest credentials. [...] | Malware Threat | ||
|
2019-06-01 13:31:00 | Microsoft Azure Being Used to Host Malware and C2 Servers (lien direct) | Microsoft's Azure cloud services have become an attractive option for cybercriminals to store malicious content. From phishing templates to malware and command and control services, it seems that crooks found a new place for them. [...] | Malware | ||
|
2019-05-30 12:36:05 | POS Malware Steals Payment Info From 103 Checkers Restaurants (lien direct) | The Checkers and Rally's chain of double drive-thru restaurants disclosed a security breach which allowed attackers to steal payment card data from customers after infecting the point-of-sale (POS) systems in 103 locations from 20 states with malware. [...] | Malware | ||
|
2019-05-29 15:45:00 | YouTube Cryptocurrency Videos Pushing Info-Stealing Trojan (lien direct) | A scam and malware campaign is underway on YouTube that uses videos to promote a "bitcoin generator" tool that promises to generate free bitcoins for its users. In reality, this scam is pushing the Qulab information-stealing and clipboard hijacking Trojan. [...] | Malware Tool | ||
|
2019-05-28 12:08:04 | Emotet Botnet Behind Most Email-Based Threats in Q1 2019 (lien direct) | The multifunctional Emotet botnet malware was the most prevalent email-based threat in the first three months of the year, showing it is among the top choices for cybercriminals. [...] | Malware Threat | ★★★★★ | |
|
2019-05-27 12:20:01 | Malspam Campaigns Use HawkEye Keylogger to Target Businesses (lien direct) | Attackers have been observed targeting businesses on a worldwide scale during the last two months with the HawkEye keylogger malware according to a report from IBM X-Force. [...] | Malware | ||
|
2019-05-25 14:14:00 | Sectigo Responds to Chronicle\'s Report About Malware Signed by Their Certs (lien direct) | Following Chronicle's study on signed malware registered on VirusTotal scanning service over a one-year period, Sectigo carried their own investigation to identify abused certificates and revoke them. [...] | Malware | ||
|
2019-05-23 15:55:04 | Upgraded JasperLoader Malware Adds Anti-Analysis Mechanisms (lien direct) | A new and upgraded variant of the JasperLoader malware downloader has been observed in the wild actively targeting Italian victims and featuring new capabilities such as extra layers of obfuscation, anti-analysis mechanisms, and geofencing abilities. [...] | Malware | ||
|
2019-05-22 11:15:05 | Volume of Signed Malware Increases, CAs Need Better Vetting (lien direct) | Digitally signed threats with a valid certificate are no longer the mark of a nation-state, sophisticated attacker. The number of malware samples signed with a valid certificate found on VirusTotal is in the thousands. [...] | Malware | ||
|
2019-05-22 06:36:01 | Zebrocy Operators Also Look for Browser and Email Databases (lien direct) | Malware researchers analyzing the Zebrocy kit determined that the operators run commands manually to collect information of interest from infected systems. [...] | Malware | ||
|
2019-05-16 09:17:04 | GozNym Cybercrime Group Behind $100 Million Damages Dismantled (lien direct) | Ten members of the GozNym cybercriminal group which used the Avalanche malware distribution network to launch malware attacks against businesses and financial institutions were indicted today for computer fraud conspiracy, wire and bank fraud conspiracy, and money laundering. [...] | Malware | ||
|
2019-05-14 13:00:00 | Microsoft Fixes Critical Remote Desktop Flaw, Blocks Worm Malware (lien direct) | Microsoft patched today a critical Remote Code Execution vulnerability found in the Remote Desktop Services platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations. [...] | Malware | ||
|
2019-05-10 16:36:00 | Nigerian BEC Scammers Shifting to RATs As Tool of Choice (lien direct) | Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. [...] | Malware Tool | ||
|
2019-05-09 16:59:05 | (Déjà vu) North Korean Hackers Use ELECTRICFISH Malware to Steal Data (lien direct) | The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...] | Malware | APT 38 | |
|
2019-05-09 16:39:05 | Site Promoting KeePass Password Manager Pushes Malware (lien direct) | A site that pretends to promote the popular KeePass password management software is actually distributing malware on unsuspecting visitors. This site is part of a larger network of sites distributing adware bundles as free programs. [...] | Malware | ||
|
2019-05-07 11:29:04 | Confluence Servers Hacked to Install Miners and Rootkits (lien direct) | After getting pounded with ransomware and malware for deploying distributed denial-of-service (DDoS) attacks, unpatched Confluence servers are now compromised to mine for cryptocurrency. [...] | Ransomware Malware | ★★★★ | |
|
2019-04-29 16:44:00 | Botnet of Over 100K Devices Used to DDoS Electrum Servers (lien direct) | The malicious actors behind the DDoS attacks against Electrum Bitcoin wallet users have switched to a new malware loader for their botnet Trojan, after previously using the Smoke Loader tool and the RIG exploit kit. [...] | Malware Tool | ||
|
2019-04-27 14:05:01 | Europeans Hit with Multi-Stage Malware Loader via Signed Malspam (lien direct) | Multiple malicious spam campaigns using signed emails have been observed while distributing the GootKit (aka talalpek or Xswkit) banking Trojan with the help of a multi-stage malware loader dubbed JasperLoader over the past few months. [...] | Spam Malware | ||
|
2019-04-12 13:10:04 | Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz (lien direct) | A malware campaign is actively attacking Asian targets using the EternalBlue exploit and taking advantage of Living off the Land obfuscated PowerShell-based scripts to drop Trojans and a Monero coinminer on compromised machines. [...] | Malware |
To see everything:
Our RSS (filtrered)
