What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-23 17:33:01 | Stealthy BLISTER malware slips in unnoticed on Windows systems (lien direct) | Security researchers have uncovered a malicious campaign that relies on a valid code-signing certificate to disguise malicious code as legitimate executables. [...] | Malware | ★★★★ | |
|
2021-12-22 12:15:38 | Dridex malware trolls employees with fake job termination emails (lien direct) | A new Dridex malware phishing campaign is using fake employee termination emails as a lure to open a malicious Excel document, which then trolls the victim with a season's greeting message. [...] | Malware | ||
|
2021-12-20 11:33:11 | Log4j vulnerability now used to install Dridex banking malware (lien direct) | Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...] | Malware Vulnerability Threat | ||
|
2021-12-19 11:02:01 | New stealthy DarkWatchman malware hides in the Windows Registry (lien direct) | A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. [...] | Malware | ||
|
2021-12-16 06:00:00 | Phorpiex botnet returns with new tricks making it harder to disrupt (lien direct) | The previously shutdown Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt. [...] | Malware | ||
|
2021-12-15 16:59:27 | Emotet starts dropping Cobalt Strike again for faster attacks (lien direct) | Right in time for the holidays, the notorious Emotet malware is once again directly installing Cobalt Strike beacons for rapid cyberattacks. [...] | Malware | ||
|
2021-12-14 14:09:44 | Microsoft fixes Windows AppX Installer zero-day used by Emotet (lien direct) | Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...] | Malware Vulnerability | ||
|
2021-12-14 13:41:43 | (Déjà vu) Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws (lien direct) | Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. These updates include a fix for an actively exploited Windows Installer vulnerability used in malware distribution campaigns. [...] | Malware Vulnerability | ||
|
2021-12-14 11:25:04 | Anubis Android malware returns to target 394 financial apps (lien direct) | The Anubis Android banking malware is now targeting the customers of nearly 400 financial institutions in a new malware campaign. [...] | Malware | ||
|
2021-12-13 16:22:11 | (Déjà vu) TinyNuke info-stealing malware is again attacking French users (lien direct) | The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services. [...] | Malware | ||
|
2021-12-13 15:49:11 | Phishing campaign uses PowerPoint macros to drop Agent Tesla (lien direct) | A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code. [...] | Malware | ||
|
2021-12-12 18:07:20 | Hackers start pushing malware in worldwide Log4Shell attacks (lien direct) | Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability. [...] | Malware Vulnerability Threat | ||
|
2021-12-11 11:12:06 | Microsoft: These are the building blocks of QBot malware attacks (lien direct) | As QBot campaigns increase in size and frequency, researchers are looking into ways to break the trojan's distribution chain and tackle the threat. [...] | Malware | ||
|
2021-12-09 12:34:17 | Malicious Notepad++ installers push StrongPity malware (lien direct) | The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. [...] | Malware | ||
|
2021-12-09 06:00:00 | Hundreds of thousands of MikroTik devices still vulnerable to botnets (lien direct) | Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. [...] | Malware | ||
|
2021-12-07 18:21:46 | Emotet now drops Cobalt Strike, fast forwards ransomware attacks (lien direct) | In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...] | Ransomware Malware Threat | ||
|
2021-12-06 10:00:00 | Russian hacking group uses new stealthy Ceeloader malware (lien direct) | The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [...] | Malware | ||
|
2021-12-05 13:45:16 | Malicious Excel XLL add-ins push RedLine password-stealing malware (lien direct) | Cybercriminals are spamming website contact forms and discussion forums to distribute Excel XLL files that download and install the RedLine password and information-stealing malware. [...] | Malware | ||
|
2021-12-04 12:06:12 | Malicious KMSPico installers steal your cryptocurrency wallets (lien direct) | Threat actors are distributing altered KMSpico installers to infect Windows devices with malware that steals cryptocurrency wallets. [...] | Malware Threat | ||
|
2021-12-03 12:40:10 | Fake support agents call victims to install Android banking malware (lien direct) | The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials. [...] | Malware Threat | ||
|
2021-12-02 05:12:19 | New malware hides as legit nginx process on e-commerce servers (lien direct) | eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions. [...] | Malware | ||
|
2021-12-01 18:43:10 | Emotet now spreads via fake Adobe Windows App Installer packages (lien direct) | The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software. [...] | Malware | ★★★ | |
|
2021-11-30 18:04:42 | Microsoft Defender scares admins with Emotet false positives (lien direct) | Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. [...] | Malware | ||
|
2021-11-30 15:06:34 | Finland warns of Flubot malware heavily targeting Android users (lien direct) | Finland's National Cyber Security Centre (NCSC-FI) has issued a "severe alert" to warn of a massive campaign targeting the country's Android users with Flubot banking malware pushed via text messages sent from compromised devices. [...] | Malware | ||
|
2021-11-30 11:07:09 | Android banking malware infects 300,000 Google Play users (lien direct) | Malware campaigns distributing Android trojans that steals online bank credentials have infected almost 300,000 devices through malicious apps pushed via Google's Play Store. [...] | Malware | ||
|
2021-11-30 06:56:06 | Yanluowang ransomware operation matures with experienced affiliates (lien direct) | An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage. [...] | Ransomware Malware | ||
|
2021-11-29 08:43:29 | APT37 targets journalists with Chinotto multi-platform malware (lien direct) | North Korean state hacking group APT37 targets South Korean journalists, defectors, and human rights activists in watering hole, spear-phishing emails, and smishing attacks delivering malware dubbed Chinotto capable of infecting Windows and Android devices. [...] | Malware Cloud | APT 37 | |
|
2021-11-26 13:02:16 | TrickBot phishing checks screen resolution to evade researchers (lien direct) | The TrickBot malware operators have been using a new method to check the screen resolution of a victim system to evade detection of security software and analysis by researchers. [...] | Malware | ||
|
2021-11-25 14:30:00 | How cybercriminals adjusted their scams for Black Friday 2021 (lien direct) | Black Friday is approaching, and while shoppers prepare to open their wallets, cybercriminals hone their malware droppers, phishing lures, and fake sites. [...] | Malware | ||
|
2021-11-25 10:45:38 | (Déjà vu) New Linux malware hides in cron jobs with invalid dates (lien direct) | Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] | Malware | ||
|
2021-11-25 10:45:38 | New CronRAT malware infects Linux systems using odd day cron jobs (lien direct) | Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st. [...] | Malware | ||
|
2021-11-25 09:26:52 | Discord malware campaign targets crypto and NFT communities (lien direct) | A new malware campaign on Discord uses the Babadeda crypter to hide malware that targets the crypto, NFT, and DeFi communities. [...] | Malware | ||
|
2021-11-24 11:08:18 | Stealthy new JavaScript malware infects Windows PCs with RATs (lien direct) | A new stealthy JavaScript malware loader named RATDispenser is being used to infect devices with a variety of remote access trojans (RATs) in phishing attacks. [...] | Malware | ||
|
2021-11-24 08:02:04 | Black Friday 2021 deal: 20% off Zero2Automated malware analysis courses (lien direct) | The popular Zero2Automated malware analysis and reverse-engineering course is having another Black Friday and Cyber Monday promotion this year, where you can get 20% off all courses on their site. [...] | Malware | ||
|
2021-11-23 16:09:03 | Malware now trying to exploit new Windows Installer zero-day (lien direct) | Malware creators have already started testing a proof-of-concept exploit targeting a new Microsoft Windows Installer zero-day publicly disclosed by security researcher Abdelhamid Naceri over the weekend. [...] | Malware | ||
|
2021-11-23 11:00:29 | Over nine million Android devices infected by info-stealing trojan (lien direct) | A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps [...] | Malware | ||
|
2021-11-23 10:38:06 | Hackers target biomanufacturing with stealthy Tardigrade malware (lien direct) | An advanced hacking group is actively targeting biomanufacturing facilities with a new custom malware called 'Tardigrade.' [...] | Malware | ||
|
2021-11-23 10:38:06 | Tardigrade hackers target big pharma vaccine makers with stealthy malware (lien direct) | An advanced hacking group known as 'Tardigrade' is targeting biomanufacturing facilities and research centers working on vaccines and critical medicines. [...] | Malware | ||
|
2021-11-20 12:55:47 | Microsoft Exchange servers hacked in internal reply-chain attacks (lien direct) | Threat actors are hacking Microsoft Exchange servers using ProxyShell and ProxyLogon exploits to distribute malware and bypass detection using stolen internal reply-chain emails. [...] | Malware Threat | ||
|
2021-11-18 16:19:09 | Android malware BrazKing returns as a stealthier banking trojan (lien direct) | The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions. [...] | Malware | ||
|
2021-11-18 09:47:45 | North Korean cyberspies target govt officials with custom malware (lien direct) | A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. [...] | Malware Threat | ||
|
2021-11-16 18:07:17 | Here are the new Emotet spam campaigns hitting mailboxes worldwide (lien direct) | The Emotet malware kicked into action yesterday after a ten-month hiatus with multiple spam campaigns delivering malicious documents to mailboxes worldwide. [...] | Spam Malware | ||
|
2021-11-15 15:04:23 | (Déjà vu) Emotet malware is back and rebuilding its botnet via TrickBot (lien direct) | The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] | Spam Malware | ||
|
2021-11-15 15:04:23 | The Emotet malware is back and rebuilding its botnet via TrickBot (lien direct) | The Emotet malware was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. [...] | Spam Malware | ||
|
2021-11-15 14:15:27 | Alibaba ECS instances actively hijacked by cryptomining malware (lien direct) | Threat actors are hijacking Alibaba Elastic Computing Service (ECS) instances to install cryptominer malware and harness the available server resources for their own profit. [...] | Malware | ||
|
2021-11-12 10:27:11 | Microsoft warns of surge in HTML smuggling phishing attacks (lien direct) | Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT). [...] | Malware | ||
|
2021-11-11 16:34:07 | Windows 10 App Installer abused in BazarLoader malware attacks (lien direct) | The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems of targets who fall victim to a highly targeted spam campaign. [...] | Spam Malware | ||
|
2021-11-11 15:41:09 | BotenaGo botnet targets millions of IoT devices with 33 exploits (lien direct) | A new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. [...] | Malware | ||
|
2021-11-11 02:45:34 | Careful: \'Smart TV remote\' Android app on Google Play is malware (lien direct) | Two Android apps sitting on the Google Play store have been found to contain malware this week. These apps are called 'Smart TV remote' and 'Halloween Coloring'. [...] | Malware | ||
|
2021-11-10 08:56:28 | New Android malware targets Netflix, Instagram, and Twitter users (lien direct) | A new Android malware known as MasterFred uses fake login overlays to steal the credit card information of Netflix, Instagram, and Twitter users. [...] | Malware |
To see everything:
Our RSS (filtrered)
