What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-03 10:12:14 | Malware dev open-sources CodeRAT after being exposed (lien direct) | The source code of a remote access trojan (RAT) dubbed 'CodeRAT' has been leaked on GitHub after malware analysts confronted the developer about attacks that used the tool. [...] | Malware | ||
|
2022-09-02 14:47:17 | Dev backdoors own malware to steal data from other hackers (lien direct) | Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. [...] | Malware | ||
|
2022-08-30 18:08:01 | Hackers hide malware in James Webb telescope images (lien direct) | Threat analysts have spotted a new malware campaign dubbed 'GO#WEBBFUSCATOR' that relies on phishing emails, malicious documents, and space images from the James Webb telescope to spread malware. [...] | Malware Threat | ||
|
2022-08-30 13:26:40 | Chinese hackers target Australian govt with ScanBox malware (lien direct) | China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. [...] | Malware Threat | ||
|
2022-08-29 13:19:02 | Windows malware delays coinminer install by a month to evade detection (lien direct) | A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11 countries. [...] | Malware | ||
|
2022-08-27 11:14:07 | Fake \'Cthulhu World\' P2E project used to push info-stealing malware (lien direct) | Hackers have created a fake 'Cthulhu World' play-to-earn community, including websites, Discord groups, social accounts, and a Medium developer site, to distribute the Raccoon Stealer, AsyncRAT, and RedLine password-stealing malware infections on unsuspecting victims. [...] | Malware | ||
|
2022-08-25 18:33:35 | How \'Kimsuky\' hackers ensure their malware only reach valid targets (lien direct) | The North Korean 'Kimsuky' threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers. [...] | Malware Threat | ||
|
2022-08-25 12:36:49 | Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows (lien direct) | Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. [...] | Malware | APT 29 | ★★★ |
|
2022-08-25 07:18:40 | PyPI packages hijacked after developers fall for phishing emails (lien direct) | A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages 'exotel' and 'spam' are among hundreds seen laced with malware after attackers successfully compromised accounts of maintainers who fell for the phishing email. [...] | Malware | ||
|
2022-08-23 18:02:04 | Pirated 3DMark benchmark tool delivering info-stealer malware (lien direct) | Cybersecurity researchers have discovered multiple ongoing malware distribution campaigns that target internet users who seek to download copies of pirated software. [...] | Malware Tool | ||
|
2022-08-21 12:27:34 | An encrypted ZIP file can have two correct passwords - here\'s why (lien direct) | Password-protected ZIP archives are common means of compressing and sharing sets of files-from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction? [...] | Malware | ||
|
2022-08-20 11:15:30 | WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware (lien direct) | WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan. [...] | Malware | ||
|
2022-08-19 14:58:29 | Grandoreiro banking malware targets manufacturers in Spain, Mexico (lien direct) | The notorious 'Grandoreiro' banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. [...] | Malware | ||
|
2022-08-18 15:19:28 | Android malware apps with 2 million installs found on Google Play (lien direct) | A new batch of thirty-five Android malware apps that display unwanted advertisements was found on the Google Play Store, with the apps installed over 2 million times on victims' mobile devices. [...] | Malware | ||
|
2022-08-17 13:01:42 | North Korean hackers use signed macOS malware to target IT job seekers (lien direct) | North Korean hackers from the Lazarus group have been using a signed malicious executable for macOS to impersonate Coinbase and lure in employees in the financial technology sector. [...] | Malware Medical | APT 38 | |
|
2022-08-17 12:11:18 | (Déjà vu) Malicious PyPi packages turn Discord into password-stealing malware (lien direct) | A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...] | Malware | ||
|
2022-08-17 12:11:18 | A dozen PyPI packages turn Discord into an info-stealing backdoor (lien direct) | A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor and stealing data from web browsers and Roblox. [...] | Malware | ||
|
2022-08-17 10:00:00 | Malware devs already bypassed Android 13\'s new security feature (lien direct) | Android malware developers are already adjusting their tactics to bypass a new 'Restricted settings' security feature introduced by Google in the newly released Android 13. [...] | Malware | ||
|
2022-08-13 10:12:06 | SOVA malware adds ransomware feature to encrypt Android devices (lien direct) | The SOVA Android banking trojan continues to evolve with new features, code improvements, and the addition of a new ransomware feature that encrypts files on mobile devices. [...] | Ransomware Malware | ★★★ | |
|
2022-08-12 16:45:00 | Chinese hackers backdoor chat app with new Linux, macOS malware (lien direct) | Versions of a cross-platform instant messenger application focused on the Chinese market known as 'MiMi' have been trojanized to deliver a new backdoor (dubbed rshell) that can be used to steal data from Linux and macOS systems. [...] | Malware | ★★★★ | |
|
2022-08-10 14:04:44 | Hacker uses new RAT malware in Cuba Ransomware attacks (lien direct) | A member of the Cuba ransomware operation is employing previously unseen tactics, techniques, and procedures (TTPs), including a novel RAT (remote access trojan) and a new local privilege escalation tool. [...] | Ransomware Malware | ★★★★★ | |
|
2022-08-09 10:02:04 | Hackers install Dracarys Android malware using modified Signal app (lien direct) | Researchers have discovered more details on the newly discovered Android spyware 'Dracarys,' used by the Bitter APT group in cyberespionage operations targeting users from New Zealand, India, Pakistan, and the United Kingdom. [...] | Malware | ||
|
2022-08-08 09:36:53 | Chinese hackers use new Windows malware to backdoor govt, defense orgs (lien direct) | An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. [...] | Malware | ||
|
2022-08-05 10:40:33 | Facebook finds new Android malware used by APT hackers (lien direct) | Meta (Facebook) has released its Q2 2022 adversarial threat report, and among the highlights is the discovery of two cyber-espionage clusters connected to hacker groups known as 'Bitter APT' and APT36 (aka 'Transparent Tribe') using new Android malware. [...] | Malware Threat | APT 36 | |
|
2022-08-04 12:22:22 | New Linux malware brute-forces SSH servers to breach networks (lien direct) | A new botnet called 'RapperBot' has emerged in the wild since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers and then establishing persistence. [...] | Malware | ||
|
2022-08-04 11:55:29 | Cybersecurity agencies reveal last year\'s top malware strains (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a list of the topmost detected malware strains last year in a joint advisory with the Australian Cyber Security Centre (ACSC). [...] | Malware | ||
|
2022-08-03 18:35:14 | Russian organizations attacked with new Woody RAT malware (lien direct) | Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely. [...] | Malware | ||
|
2022-08-03 17:43:59 | Cloned Atomic Wallet website is pushing Mars Stealer malware (lien direct) | A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange portal, is, in reality, distributing copies of the Mars Stealer information-stealing malware. [...] | Malware | ||
|
2022-08-03 16:35:51 | Windows 11 Smart App Control blocks files used to push malware (lien direct) | Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several new file types threat actors have recently adopted to infect targets with malware in phishing attacks. [...] | Malware Threat | ||
|
2022-08-03 05:11:19 | 35,000 code repos not hacked-but clones flood GitHub to serve malware (lien direct) | Thousands of GitHub repositories were forked (cloned) and altered to include malware, a software engineer discovered. [...] | Malware | ★★★★ | |
|
2022-08-02 12:00:00 | Wolf in sheep\'s clothing: how malware tricks users and antivirus (lien direct) | One of the primary methods used by malware distributors to infect devices is by deceiving people into downloading and running malicious files, and to achieve this deception, malware authors are using a variety of tricks. [...] | Malware | ★★★★★ | |
|
2022-07-29 07:31:00 | Microsoft links Raspberry Robin malware to Evil Corp attacks (lien direct) | Microsoft has discovered that an access broker it tracks as DEV-0206 uses the Raspberry Robin Windows worm to deploy a malware downloader on networks where it also found evidence of malicious activity matching Evil Corp tactics. [...] | Malware | ||
|
2022-07-28 10:13:54 | Malicious npm packages steal Discord users\' payment card info (lien direct) | Multiple npm packages are being used in an ongoing malicious campaign to infect Discord users with malware that steals their payment card information. [...] | Malware | ||
|
2022-07-28 05:00:00 | As Microsoft blocks Office macros, hackers find new attack vectors (lien direct) | Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut (LNK) attachments. [...] | Malware | ||
|
2022-07-27 11:09:43 | Microsoft: Windows, Adobe zero-days used to deploy Subzero malware (lien direct) | Microsoft has linked a threat group it tracks as Knotweed to a cyber mercenary outfit (aka private-sector offensive actor) named DSIRF, targeting European and Central American entities using a malware toolset dubbed Subzero. [...] | Malware Threat | ||
|
2022-07-26 13:21:59 | New Android malware apps installed 10 million times from Google Play (lien direct) | A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times on mobile devices. [...] | Malware | ||
|
2022-07-25 21:37:04 | CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards (lien direct) | Chinese-speaking hackers have been using since at least 2016 malware that lies virtually undetected in the firmware images for some motherboards, one of the most persistent threats commonly known as a UEFI rootkit. [...] | Malware | ||
|
2022-07-25 14:30:47 | Source code for Rust-based info-stealer released on hacker forums (lien direct) | A malware author released the source code of their info-stealer for free on hacking forums earlier this month, and security analysts already report observing several samples being deployed in the wild. [...] | Malware | ★★★★★ | |
|
2022-07-24 12:11:22 | Amadey malware pushed via software cracks in SmokeLoader campaign (lien direct) | A new version of the Amadey Bot malware is distributed through the SmokeLoader malware, using software cracks and keygen sites as lures. [...] | Malware | ||
|
2022-07-24 11:18:09 | QBot phishing uses Windows Calculator sideloading to infect devices (lien direct) | The operators of the QBot malware have been using the Windows Calculator to side-load the malicious payload on infected computers. [...] | Malware | ||
|
2022-07-23 12:08:04 | North Korean hackers attack EU targets with Konni RAT malware (lien direct) | Threat analysts have uncovered a new campaign attributed to APT37, a North Korean group of hackers, targeting high-value organizations in the Czech Republic, Poland, and other European countries. [...] | Malware Threat Cloud | APT 37 | |
|
2022-07-21 05:42:43 | New \'Lightning Framework\' Linux malware installs rootkits, backdoors (lien direct) | A new and previously undetected malware dubbed 'Lightning Framework' targets Linux systems and can be used to backdoor infected devices using SSH and deploy multiple types of rootkits. [...] | Malware | ||
|
2022-07-19 14:19:59 | Malicious Android apps with 300K installs found on Google Play (lien direct) | Cybersecurity researchers have discovered three Android malware families infiltrating the Google Play Store, hiding their malicious payloads inside many seemingly innocuous applications. [...] | Malware | ||
|
2022-07-19 13:06:41 | Google catches Turla hackers deploying Android malware in Ukraine (lien direct) | Google's Threat Analysis Group (TAG), whose primary goal is to defend Google users from state-sponsored attacks, said today that Russian-backed threat groups are still focusing their attacks on Ukrainian organizations. [...] | Malware Threat | ||
|
2022-07-19 05:30:00 | New CloudMensis malware backdoors Macs to steal victims\' data (lien direct) | Unknown threat actors are using previously undetected malware to backdoor macOS devices and exfiltrate information in a highly targeted series of attacks. [...] | Malware Threat | ||
|
2022-07-16 10:11:12 | (Déjà vu) Elastix VoIP systems hacked in massive campaign to install PHP web shells (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-16 10:11:12 | Massive campaign hits Elastix VoIP systems with 500,000 unique malware samples (lien direct) | Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. [...] | Malware Threat | ||
|
2022-07-15 13:46:43 | Password recovery tool infects industrial systems with Sality malware (lien direct) | A threat actor is infecting industrial control systems (ICS) to create a botnet through password "cracking" software for programmable logic controllers (PLCs). [...] | Malware Tool Threat | ||
|
2022-07-13 11:00:33 | New Android malware on Google Play installed 3 million times (lien direct) | A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times. [...] | Malware | ||
|
2022-07-07 17:04:09 | Fake copyright complaints push IcedID malware using Yandex Forms (lien direct) | [...] | Malware |
To see everything:
Our RSS (filtrered)
