What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-21 12:07:06 | UK govt gives malware infected laptops to vulnerable students (lien direct) | Some of the laptops distributed by the UK Department for Education (DfE) to vulnerable students have been found to be infected with malware as reported by the BBC. [...] | Malware | ||
|
2021-01-21 10:20:24 | QNAP warns users to secure NAS devices against Dovecat malware (lien direct) | QNAP urges customers to secure their network-attached storage (NAS) devices against an ongoing malware campaign that infects and exploits them to mine bitcoin without their knowledge. [...] | Malware | ||
|
2021-01-19 07:48:51 | FreakOut malware exploits critical bugs to infect Linux hosts (lien direct) | An active malicious campaign is currently targeting Linux devices running software with critical vulnerabilities that is powering network-attached storage (NAS) devices or for developing web applications and portals. [...] | Malware | ||
|
2021-01-15 14:34:59 | Windows Finger command abused by phishing to download malware (lien direct) | Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices. [...] | Malware | ||
|
2021-01-12 08:33:19 | New Sunspot malware found while investigating SolarWinds hack (lien direct) | Cybersecurity firm CrowdStrike has discovered the malware used by the SolarWinds hackers to inject backdoors in Orion platform builds during the supply-chain attack that led to the compromise of several companies and government agencies. [...] | Malware Hack | Solardwinds | |
|
2021-01-11 17:29:11 | Microsoft Sysmon now detects malware process tampering attempts (lien direct) | Microsoft has released Sysmon 13 with a new security feature that detects if a process has been tampered using process hollowing or process herpaderping techniques. [...] | Malware | ||
|
2021-01-11 12:33:00 | Mac malware uses \'run-only\' AppleScripts to evade analysis (lien direct) | A cryptocurrency mining campaign targeting macOS is using malware that has evolved into a complex variant giving researchers a lot of trouble analyzing it. [...] | Malware | ||
|
2021-01-11 09:07:54 | Sunburst backdoor shares features with Russian APT malware (lien direct) | Kaspersky researchers found that the Sunburst backdoor, the malware deployed during the SolarWinds supply-chain attack, shows feature overlaps with Kazuar, a .NET backdoor tentatively linked to the Russian Turla hacking group. [...] | Malware Mobile | Solardwinds Solardwinds | |
|
2021-01-07 06:00:00 | Linux malware authors use Ezuri Golang crypter for zero detection (lien direct) | Multiple malware authors are using the "Ezuri" crypter and memory loader written in Go to evade detection by antivirus products. Source code for Ezuri is available on GitHub for anyone to use. [...] | Malware | ||
|
2021-01-05 12:30:00 | Australian cybersecurity agency used as cover in malware campaign (lien direct) | The Australian government warns of an ongoing campaign impersonating the Australian Cyber Security Centre (ACSC) to infect targets with malware. [...] | Malware | ||
|
2021-01-05 10:00:00 | Cross-platform ElectroRAT malware drains cryptocurrency wallets (lien direct) | Security researchers have discovered a new remote access trojan (RAT) used to empty the cryptocurrency wallets of thousands of Windows, Linux, and macOS users. [...] | Malware | ||
|
2021-01-04 09:36:27 | China\'s APT hackers move to ransomware attacks (lien direct) | Security researchers investigating a set of ransomware incidents at multiple companies discovered malware indicating that the attacks may be the work of a hacker group believed to operate on behalf of China. [...] | Ransomware Malware | ||
|
2020-12-30 09:40:36 | New worm turns Windows, Linux servers into Monero miners (lien direct) | A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. [...] | Malware | ||
|
2020-12-29 18:28:07 | Wasabi cloud storage service knocked offline for hosting malware (lien direct) | Cloud storage provider Wasabi suffered an outage after a domain used for storage endpoints was suspended for hosting malware. [...] | Malware | ||
|
2020-12-28 06:57:33 | (Déjà vu) GitHub-hosted malware calculates Cobalt Strike payload from Imgur pic (lien direct) | A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script. [...] | Malware | ||
|
2020-12-28 06:57:33 | (Déjà vu) GitHub-based malware calculates Cobalt Strike payload from Imgur pic (lien direct) | A new strand of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from image hosting service Imgur to decode a Cobalt Strike script. [...] | Malware | ||
|
2020-12-26 09:50:11 | SolarWinds releases updated advisory for new SUPERNOVA malware (lien direct) | SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform. [...] | Malware | ||
|
2020-12-25 10:15:15 | Fake Amazon gift card emails deliver the Dridex malware (lien direct) | The Dridex malware gang is delivering a nasty gift for the holidays using a spam campaign pretending to be Amazon Gift Cards. [...] | Spam Malware | ||
|
2020-12-22 09:11:33 | SolarWinds victims revealed after cracking the Sunburst malware DGA (lien direct) | Security researchers have shared lists of organizations where threat actors deployed Sunburst/Solarigate malware, after ongoing investigations of the SolarWinds supply chain attack. [...] | Malware Threat | Solardwinds Solardwinds | |
|
2020-12-18 14:47:56 | Stealthy Magecart malware mistakenly leaks list of hacked stores (lien direct) | A list of dozens of online stores hacked by a web skimming group was inadvertently leaked by a dropper used to deploy a stealthy remote access trojan (RAT) on compromised e-commerce sites. [...] | Malware | ||
|
2020-12-16 16:21:50 | FireEye, Microsoft create kill switch for SolarWinds backdoor (lien direct) | Microsoft, FireEye, and GoDaddy have collaborated to create a kill switch for the SolarWinds Sunburst backdoor that forces the malware to terminate itself. [...] | Malware Mobile | Solardwinds | |
|
2020-12-16 09:00:00 | Ransomware gangs automate payload delivery with SystemBC malware (lien direct) | SystemBC, a commodity malware sold on underground marketplaces, is being used by ransomware-as-a-service (RaaS) operations to hide malicious traffic and automate ransomware payload delivery on the networks of compromised victims. [...] | Ransomware Malware | ||
|
2020-12-15 13:50:00 | New Windows malware may soon target Linux, macOS devices (lien direct) | Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. [...] | Malware Threat | ||
|
2020-12-14 10:04:46 | US govt, FireEye breached after SolarWinds supply-chain attack (lien direct) | SolarWinds's Orion IT monitoring and management software has been used in a supply chain attack leading to the breach of government and high-profile companies using a malware dubbed SUNBURST or Solorigate. [...] | Malware Guideline | Solardwinds | |
|
2020-12-13 17:44:05 | Hacking group\'s new malware abuses Google and Facebook services (lien direct) | Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. [...] | Malware | ||
|
2020-12-12 15:10:54 | Subway marketing system hacked to send TrickBot malware emails (lien direct) | Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday. [...] | Malware | ||
|
2020-12-11 08:59:22 | Microsoft: New malware can infect over 30K Windows PCs a day (lien direct) | Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day. [...] | Malware | Adrozek | |
|
2020-12-11 08:41:11 | Massive Subway UK phishing attack is pushing TrickBot malware (lien direct) | A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware. [...] | Malware | ||
|
2020-12-10 09:47:27 | Hackers can use WinZip insecure server connection to drop malware (lien direct) | The server-client communication in certain versions of the WinZip file compression tool is insecure and could be modified to serve malware or fraudulent content to users. [...] | Malware Tool | ||
|
2020-12-09 16:00:00 | Qbot malware switched to stealthy new Windows autostart method (lien direct) | A new Qbot malware version now activates its persistence mechanism right before infected Windows devices shutdown and it automatically removes any traces when the system restarts or wakes up from sleep. [...] | Malware | ||
|
2020-12-09 11:10:41 | Russian hackers hide Zebrocy malware in virtual disk images (lien direct) | Russian-speaking hackers behind Zebrocy malware have changed their technique for delivering malware to high-profile victims and started to pack the threats in Virtual Hard Drives (VHD) to avoid detection. [...] | Malware | ||
|
2020-12-08 11:35:00 | Credit card stealing malware bundles backdoor for easy reinstall (lien direct) | An almost impossible to remove malware set to automatically activate on Black Friday was deployed on multiple Magento-powered online stores by threat actors according to researchers at Dutch cyber-security company Sansec. [...] | Malware Threat | ||
|
2020-12-05 15:33:14 | Police arrest two in data theft cyberattack on Leonardo defense corp (lien direct) | Italian police have arrested two people allegedly for using malware to steal 10 GB of confidental data and military secrets from defense company Leonardo S.p.A. [...] | Malware | ||
|
2020-12-03 14:59:42 | Credit card stealing malware hides in social media sharing icons (lien direct) | Newly discovered web skimming malware is capable of hiding in plain sight to inject payment card skimmer scripts into compromised online stores. [...] | Malware | ||
|
2020-12-03 11:57:08 | Hacker-for-hire group develops new stealthy Windows backdoor (lien direct) | Kaspersky researchers discovered a previously undocumented Windows PowerShell malware dubbed PowerPepper and developed by the hacker-for-hire group DeathStalker. [...] | Malware | ||
|
2020-12-02 05:30:00 | Russian hacking group uses Dropbox to store malware-stolen data (lien direct) | Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries. [...] | Malware | ||
|
2020-12-01 11:30:24 | Critical Oracle WebLogic flaw actively exploited by DarkIRC malware (lien direct) | A botnet known as DarkIRC is actively targeting thousands of exposed Oracle WebLogic servers in attacks designed to exploit the CVE-2020-14882 remote code execution (RCE) vulnerability fixed by Oracle two months ago. [...] | Malware Vulnerability | ||
|
2020-11-30 14:40:41 | Gootkit malware returns to life alongside REvil ransomware (lien direct) | After a year-long vacation, the Gootkit information-stealing Trojan has returned to life alongside REvil Ransomware in a new campaign targeting Germany. [...] | Ransomware Malware | ||
|
2020-08-05 09:07:40 | Hackers can abuse Microsoft Teams updater to install malware (lien direct) | Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location. [...] | Malware | ||
|
2020-08-03 11:12:43 | (Déjà vu) US govt exposes Chinese espionage malware secretly used since 2008 (lien direct) | The U.S. government today released information on a malware variant used by Chinese government-sponsored hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. [...] | Malware | ||
|
2020-08-03 11:12:43 | US govt exposes Chinese cyber espionage malware used since 2008 (lien direct) | The U.S. government today released information on a malware variant used by Chinese government-sponsored hackers in cyber espionage campaigns targeting governments, corporations, and think tanks. [...] | Malware | ||
|
2020-07-31 13:21:05 | QNAP urges users to update Malware Remover after QSnatch alert (lien direct) | QNAP urges its users to update the Malware Remover app and bolster their NAS devices' security following a QSnatch malware joint alert published earlier this week by UK's NCSC and the US CISA government cybersecurity agencies. [...] | Malware | ||
|
2020-07-31 00:38:38 | (Déjà vu) Linux warning: TrickBot malware is now infecting your systems (lien direct) | TrickBot's Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels. (47a9275c481dbf25e49cf753f7102ec1)[...] | Malware | ||
|
2020-07-30 02:32:22 | TrickBot\'s new Linux malware covertly infects Windows devices (lien direct) | TrickBot's Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels. (47a9275c481dbf25e49cf753f7102ec1)[...] | Malware | ||
|
2020-07-29 17:13:49 | Sneaky Doki Linux malware infiltrates Docker cloud instances (lien direct) | Attackers are targeting misconfigured cloud-based docker instances running on Linux distributions with an undetectable strand of malware. (6f4c434995edef0548165457c4d90ce3)[...] | Malware | ||
|
2020-07-29 13:00:00 | BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows (lien direct) | A severe vulnerability exists in almost all signed versions of GRUB2 bootloader used by most Linux systems. When properly exploited, it could allow threat actors to compromise an operating system's booting process even if the Secure Boot verification mechanism is active. (d6e07de8573fc9018707f22eee885a5d)[...] | Malware Vulnerability Threat | ||
|
2020-07-28 15:21:40 | Emotet malware now steals your email attachments to attack contacts (lien direct) | The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets' systems. [...] | Spam Malware | ||
|
2020-07-28 03:33:33 | Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux (lien direct) | Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. [...] | Malware Threat | ||
|
2020-07-27 12:16:59 | UK and US warn QNAP owners to upgrade firmware to block malware (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the UK's National Cyber Security Centre (NCSC) today issued an alert about the risks of infection faced by QNAP NAS devices if QSnatch malware attacks restart. [...] | Malware | ||
|
2020-07-27 07:47:47 | Cerberus Android malware source code offered for sale for $100,000 (lien direct) | The maintainer of Cerberus banking trojan for Android is auctioning the entire project for a price starting at $50,000 or close the deal for double the money. [...] | Malware |
To see everything:
Our RSS (filtrered)
