What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-01 06:48:34 | Google ad for GIMP.org served info-stealing malware via lookalike site (lien direct) | Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. But clicking on it drove visitors to a lookalike phishing website that provided them with a 700 MB executable disguised as GIMP which was malware. [...] | Malware | ||
|
2022-10-31 11:34:52 | Hacking group abuses antivirus software to launch LODEINFO malware (lien direct) | The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. [...] | Malware | APT 10 | |
|
2022-10-28 16:08:28 | The Week in Ransomware - October 28th 2022 - Healthcare leaks (lien direct) | This week, we learned of healthcare data leaks out of Australia, information about existing attacks, and reports on how ransomware gangs operate and partner with malware developers for initial access. [...] | Ransomware Malware | ||
|
2022-10-28 06:00:00 | Hackers use Microsoft IIS web server logs to control malware (lien direct) | The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. [...] | Malware | ||
|
2022-10-28 06:00:00 | Android malware droppers with 130K installs found on Google Play (lien direct) | A set of Android malware droppers were found infiltrating the Google Play store to install malicious programs by pretending to be app updates. [...] | Malware | ||
|
2022-10-27 13:10:18 | Drinik Android malware now targets users of 18 Indian banks (lien direct) | A new version of the Drinik Android banking trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. [...] | Malware | ||
|
2022-10-25 15:02:37 | Ukrainian charged for operating Raccoon Stealer malware service (lien direct) | 26-year-old Ukrainian national Mark Sokolovsky has been charged for his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation. [...] | Malware | ||
|
2022-10-23 11:15:19 | Thousands of GitHub repositories deliver fake PoC exploits with malware (lien direct) | Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. [...] | Malware | ||
|
2022-10-23 10:17:34 | Typosquat campaign mimics 27 brands to push Windows, Android malware (lien direct) | A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. [...] | Malware | ||
|
2022-10-20 16:00:37 | Ursnif malware switches from bank account theft to initial access (lien direct) | A new version of the Ursnif malware (a.k.a. Gozi) emerged as a generic backdoor, stripped of its typical banking trojan functionality. [...] | Malware | ||
|
2022-10-20 11:03:41 | OldGremlin hackers use Linux ransomware to attack Russian orgs (lien direct) | OldGremlin, one of the few ransomware groups attacking Russian corporate networks, has expanded its toolkit with file-encrypting malware for Linux machines. [...] | Ransomware Malware | ||
|
2022-10-16 10:07:14 | New PHP information-stealing malware targets Facebook accounts (lien direct) | Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...] | Malware Threat | ||
|
2022-10-11 05:30:00 | Hacking group POLONIUM uses \'Creepy\' malware against Israel (lien direct) | Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively. [...] | Malware Threat | ||
|
2022-10-10 16:24:51 | Hackers behind IcedID malware attacks diversify delivery tactics (lien direct) | The threat actors behind IcedID malware phishing campaigns are utilizing a wide variety of distribution methods, likely to determine what works best against different targets. [...] | Malware Threat | ||
|
2022-10-09 15:26:40 | (Déjà vu) Fake Solana Phantom security updates push crypto-stealing malware (lien direct) | Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] | Malware Guideline | ||
|
2022-10-09 15:26:40 | Solana Phantom security update NFTs push password-stealing malware (lien direct) | Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets. [...] | Malware Guideline | ||
|
2022-10-05 12:01:06 | Hundreds of Microsoft SQL servers backdoored with new malware (lien direct) | Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world. [...] | Malware | ||
|
2022-10-05 07:00:00 | New Android malware \'RatMilad\' can steal your data, record audio (lien direct) | A new Android spyware named 'RatMilad' was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. [...] | Malware | ||
|
2022-10-04 19:08:56 | (Déjà vu) Hackers stole data from US defense org using Impacket, CovalentStealer (lien direct) | The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] | Malware | ||
|
2022-10-04 19:08:56 | US Govt: Hackers stole data from US defense org using new malware (lien direct) | The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. [...] | Malware | ||
|
2022-10-03 13:58:56 | Live support service hacked to spread malware in supply chain attack (lien direct) | The official installer for the Comm100 Live Chat application, a widely deployed SaaS (software-as-a-service) that businesses use for customer communication and website visitors, was trojanized as part of a new supply-chain attack. [...] | Malware | ||
|
2022-09-29 17:14:07 | Hacking group hides backdoor malware inside Windows logo image (lien direct) | Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. [...] | Malware | ||
|
2022-09-29 09:00:18 | New malware backdoors VMware ESXi servers to hijack virtual machines (lien direct) | Hackers have found a new method to establish persistence on VMware ESXi hypervisors to control vCenter servers and virtual machines for Windows and Linux while avoiding detection. [...] | Malware | ||
|
2022-09-29 03:05:27 | Upgraded Prilex Point-of-Sale malware bypasses credit card security (lien direct) | Security analysts have observed three new versions of Prilex this year, indicating that the authors and operators of the PoS-targeting malware are back to action. [...] | Malware | ||
|
2022-09-28 11:22:22 | New Chaos malware infects Windows, Linux devices for DDoS attacks (lien direct) | A quickly expanding botnet called Chaos is targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks. [...] | Malware | ||
|
2022-09-27 17:08:49 | New NullMixer dropper infects your PC with a dozen malware families (lien direct) | A new malware dropper named 'NullMixer' is infecting Windows devices with a dozen different malware families simultaneously through fake software cracks promoted on malicious sites in Google Search results. [...] | Malware | ||
|
2022-09-27 14:55:43 | Lazarus hackers drop macOS malware via Crypto.com job offers (lien direct) | The North Korean Lazarus hacking group is now using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency. [...] | Malware Hack | APT 38 | |
|
2022-09-26 15:54:17 | New Erbium password-stealing malware spreads as game cracks, cheats (lien direct) | The new 'Erbium' information-stealing malware is being distributed as fake cracks and cheats for popular video games to steal victims' credentials and cryptocurrency wallets. [...] | Malware | ||
|
2022-09-26 14:40:47 | Hackers use PowerPoint files for \'mouseover\' malware delivery (lien direct) | Hackers believed to work for Russia have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script. [...] | Malware | ||
|
2022-09-25 11:14:27 | Ransomware data theft tool may show a shift in extortion tactics (lien direct) | Data exfiltration malware known as Exmatter and previously linked with the BlackMatter ransomware group is now being upgraded with data corruption functionality that may indicate a new tactic that ransomware affiliates might switch to in the future. [...] | Ransomware Malware Tool | ||
|
2022-09-21 13:55:49 | Malwarebytes mistakenly blocks Google, YouTube for malware (lien direct) | Malwarebytes has addressed a false positive that was blocking users from accessing websites and services hosted on the google.com domain, including Google search and Youtube. [...] | Malware | ||
|
2022-09-20 18:12:15 | 2K Games says hacked help desk targeted players with malware (lien direct) | American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. [...] | Malware | ||
|
2022-09-20 12:13:10 | (Déjà vu) 2K game support hacked to email RedLine info-stealing malware (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware | ||
|
2022-09-20 12:13:10 | Game dev 2K\'s support site hacked to push malware via fake tickets (lien direct) | Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware. [...] | Malware | ||
|
2022-09-19 14:50:01 | Russian Sandworm hackers pose as Ukrainian telcos to drop malware (lien direct) | The Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware. [...] | Malware | ||
|
2022-09-19 12:07:36 | VMware, Microsoft warn of widespread Chromeloader malware attacks (lien direct) | The operators of the Chromeloader adware are evolving their attack methods and gradually transforming the low-risk tool into a dangerous malware loader, seen dropping ransomware in some cases. [...] | Ransomware Malware Tool | ||
|
2022-09-17 11:17:23 | Emotet botnet now pushes Quantum and BlackCat ransomware (lien direct) | While monitoring the Emotet botnet's current activity, security researchers found that the malware is now being used by the Quantum and BlackCat ransomware gang to deploy their payloads. [...] | Ransomware Malware | ||
|
2022-09-15 13:35:15 | New malware bundle self-spreads through YouTube gaming videos (lien direct) | A new malware bundle uses victims' YouTube channels to upload malicious video tutorials advertising fake cheats and cracks for popular video games to spread the malicious package further. [...] | Malware | ||
|
2022-09-15 10:38:02 | Russian hackers use new info stealer malware against Ukrainian orgs (lien direct) | Russian hackers have been targeting Ukrainian entities with previously unseen info-stealing malware during a new espionage campaign that is still active. [...] | Malware | ||
|
2022-09-15 06:00:00 | Webworm hackers modify old malware in new attacks to evade attribution (lien direct) | Chinese cyberespionage hackers of the 'Webworm' group are undergoing experimentation, using modified decade-old RATs (remote access trojans) in the wild. [...] | Malware | ||
|
2022-09-14 08:07:28 | Chinese hackers create Linux version of the SideWalk Windows malware (lien direct) | State-backed Chinese hackers have developed a Linux variant for the SideWalk backdoor used against Windows systems belonging to targets in the academic sector. [...] | Malware | ||
|
2022-09-13 11:21:48 | Hackers breach software vendor for Magento supply-chain attacks (lien direct) | Hackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads. [...] | Malware | ||
|
2022-09-13 06:00:00 | Cyberspies drop new infostealer malware on govt networks in Asia (lien direct) | Security researchers have identified new cyber-espionage activity focusing on government entities in Asia, as well as state-owned aerospace and defense firms, telecom companies, and IT organizations. [...] | Malware | ||
|
2022-09-09 10:00:00 | Lampion malware returns in phishing attacks abusing WeTransfer (lien direct) | The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...] | Malware Threat | ||
|
2022-09-08 16:51:52 | Bumblebee malware adds post-exploitation tool for stealthy infections (lien direct) | A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory. [...] | Malware Tool | ||
|
2022-09-07 10:18:39 | New Iranian hacking group APT42 deploys custom Android spyware (lien direct) | A new Iranian state-sponsored hacking group known as APT42 has been discovered using a custom Android malware to spy on targets of interest. [...] | Malware | APT 42 | |
|
2022-09-06 16:40:11 | Moobot botnet is coming for your unpatched D-Link router (lien direct) | The Mirai malware botnet variant known as 'MooBot' has re-emerged in a new attack wave that started early last month, targeting vulnerable D-Link routers with a mix of old and new exploits. [...] | Malware | ||
|
2022-09-06 15:53:09 | Minecraft is hackers\' favorite game title for hiding malware (lien direct) | Security researchers have discovered that Minecraft is the most heavily abused game title by cybercriminals, who use it to lure unsuspecting players into installing malware. [...] | Malware | ||
|
2022-09-06 11:34:48 | New Linux malware evades detection using multi-stage deployment (lien direct) | A new stealthy Linux malware known as Shikitega has been discovered infecting computers and IoT devices with additional payloads. [...] | Malware | ||
|
2022-09-04 10:07:14 | SharkBot malware sneaks back on Google Play to steal your logins (lien direct) | A new and upgraded version of the SharkBot malware has returned to Google's Play Store, targeting banking logins of Android users through apps that have tens of thousands of installations. [...] | Malware |
To see everything:
Our RSS (filtrered)
