What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-07-25 18:39:56 | Linux-based malware analysis toolkit REMnux 7 released (lien direct) | A new version of REMnux Linux distro is now available for malware researchers, packed with hundreds of tools to dissect malicious executables, documents, scripts, and ill-intended code. [...] | Malware | ||
|
2020-07-24 12:56:53 | Emotet malware operation hacked to show memes to victims (lien direct) | Someone is poking fun at Emotet botnet and heavily disrupting its operations at the same time as payloads hosted on some compromised sites have been replaced by memes and GIFs. [...] | Malware | ||
|
2020-07-22 14:49:59 | Lazarus hackers deploy ransomware, steal data using MATA malware (lien direct) | A recently discovered malware framework known as MATA and linked to the North Korean-backed hacking group known as Lazarus was used in attacks targeting corporate entities from multiple countries since April 2018 for ransomware deployment and data theft. [...] | Ransomware Malware | APT 38 | |
|
2020-07-21 13:25:00 | Emotet botnet is now heavily spreading QakBot malware (lien direct) | Researchers tracking Emotet botnet noticed that the malware started to push QakBot banking trojan at an unusually high rate, replacing the longtime TrickBot payload. [...] | Malware | ||
|
2020-07-20 15:52:08 | Emotet-TrickBot malware duo is back infecting Windows machines (lien direct) | After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. [...] | Spam Malware | ||
|
2020-07-16 12:42:17 | New Android malware steals your dating and social accounts (lien direct) | A new Android banking trojan dubbed BlackRock steals credentials and credit card information from a list of 337 apps many of them used for many non-financial purposes. [...] | Malware | ||
|
2020-07-16 11:04:33 | Russian hackers target COVID-19 vaccine research with custom malware (lien direct) | Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus. [...] | Malware | ||
|
2020-07-14 09:00:00 | New GoldenHelper malware found in official Chinese tax software (lien direct) | A new backdoor dubbed GoldenHelper was discovered by Trustwave embedded within Golden Tax Invoicing Software, part of the Chinese government' Golden Tax Project and required for issuing invoices and paying value-add tax (VAT) taxes. [...] | Malware | ||
|
2020-07-12 13:39:09 | (Déjà vu) Malware adds online sandbox detection to evade analysis (lien direct) | Malware developers are now checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analyzed by researchers. [...] | Malware | ||
|
2020-07-12 13:39:09 | Malware adds Any.Run sandbox detection to evade analysis (lien direct) | Malware developers are now checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analyzed by researchers. [...] | Malware | ★★★★★ | |
|
2020-07-11 14:12:32 | TrickBot malware mistakenly warns victims that they are infected (lien direct) | The notorious TrickBot malware mistakenly left a test module that is warning victims that they are infected and should contact their administrator. [...] | Malware | ||
|
2020-07-09 14:56:28 | (Déjà vu) Conti ransomware shows signs of being Ryuk\'s successor (lien direct) | The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti's distribution is increasing. [...] | Ransomware Malware Threat | ||
|
2020-07-09 14:56:28 | Conti ransomware shows signs of being a Ryuk successor (lien direct) | The Conti Ransomware is an upcoming threat targeting corporate networks with new features that allow it to perform quicker and more targeted attacks. There are also indications that this ransomware shares the same malware code as Ryuk, who has slowly been fading away, while Conti's distribution is increasing. [...] | Ransomware Malware Threat | ||
|
2020-07-09 08:43:59 | Evilnum hackers use the same malware supplier as FIN6, Cobalt (lien direct) | Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. [...] | Malware Threat | ||
|
2020-07-09 06:03:39 | Joker Android malware keeps evading Google Play Store defenses (lien direct) | The threat actor behind the Joker Android malware has once again succeeded to successfully slip spyware infected apps onto the Play Store, Google's official Android app store. [...] | Malware Threat | ||
|
2020-07-08 12:34:10 | First look: Microsoft\'s Project Freta detects Linux malware for free (lien direct) | Microsoft Research has announced a cloud-based malware detection service called Project Freta to detect rootkits, cryptominers, and previously undetected malware strains lurking in your Linux cloud VM images. [...] | Malware | ||
|
2020-07-05 12:30:50 | .NET Core vulnerability lets attackers evade malware detection (lien direct) | A vulnerability in the .NET Core library allows malicious programs to be launched while evading detection by security software. [...] | Malware Vulnerability | ||
|
2020-07-03 14:26:25 | The Week in Ransomware - July 3rd 2020 - Yes, Macs need antivirus (lien direct) | Many macOS users, including my family and friends, have been under the impression that Macs are not affected by malware and thus do not need security software. After this week, I hope the point is clear; that assumption is wrong, and Macs need antivirus software. [...] | Ransomware Malware | ||
|
2020-07-02 17:48:08 | Malwarebytes AdwCleaner now removes malware from the command line (lien direct) | The popular AdwCleaner tool from Malwarebytes is about to get even more popular as it now can be used entirely from the command line. [...] | Malware Tool | ||
|
2020-07-02 15:23:00 | Windows 10 background image tool can be abused to download malware (lien direct) | A binary in Windows 10 responsible for setting an image for the desktop and lock screen can help attackers download malware on a compromised system without raising the alarm. [...] | Malware Tool | ||
|
2020-07-01 17:29:24 | TrickBot malware now checks screen resolution to evade analysis (lien direct) | The infamous TrickBot trojan has started to check the screen resolutions of victims to detect whether the malware is running in a virtual machine. [...] | Malware | ||
|
2020-07-01 15:38:19 | Windows POS malware uses DNS to smuggle stolen credit cards (lien direct) | A Windows Point-of-Sale (POS) malware has been discovered using the DNS protocol to smuggle stolen credit cards to a remote server under attacker's control. [...] | Malware | ||
|
2020-06-28 09:30:00 | Chinese malware used in attacks against Australian orgs (lien direct) | The Australian government released an advisory late last week about increased cyber activity from a state actor against networks belonging to its agencies and companies in the country. [...] | Malware | ||
|
2020-06-25 12:46:08 | New Lucifer DDoS malware creates a legion of Windows minions (lien direct) | A new botnet identified in the wild leverages close to a dozen exploits for high and critical-severity vulnerabilities against Windows systems to turn them into cryptomining clients and sources for distributed denial-of-service (DDoS) attacks. [...] | Malware | ||
|
2020-06-15 09:00:00 | Intel adds CPU-level malware protection to Tiger Lake processors (lien direct) | Intel today announced a new CPU-level security capability known as Control-Flow Enforcement Technology (Intel CET) that offers protection against malware using control-flow hijacking attack methods on devices with Intel's future Tiger Lake mobile processors. [...] | Malware | ||
|
2020-06-11 06:28:38 | Gamaredon hackers use Outlook macros to spread malware to contacts (lien direct) | New tools attributed to the Russia-linked Gamaredon hacker group include a module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim's contacts. [...] | Malware | ||
|
2020-06-10 19:18:01 | Fake Black Lives Matter voting campaign spreads Trickbot malware (lien direct) | A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware. [...] | Malware | ||
|
2020-06-09 12:00:00 | Valak malware gets new plugin to steal Outlook login credentials (lien direct) | Authors of the Valak information stealer are focusing more and more on stealing email credentials as researchers find a new module specifically built for this purpose. [...] | Malware | ||
|
2020-06-08 14:45:00 | US energy providers hit with new malware in targeted attacks (lien direct) | Several U.S. energy providers were targeted by spear-phishing campaigns delivering a new remote access trojan (RAT) capable of providing attackers with full control over infected systems. [...] | Malware | ||
|
2020-06-04 09:43:57 | USBCulprit malware targets air-gapped systems to steal govt info (lien direct) | The newly revealed USBCulprit malware is used by a group known as Cycldek, Conimes, or Goblin Panda and is designed for compromising air-gapped devices via USB. [...] | Malware | ||
|
2020-06-04 09:13:56 | Bruteforce malware probes login for popular web platforms (lien direct) | The malware looks for various systems for managing content, databases, and file transfers as well as backup files and administrator login paths. [...] | Malware | ||
|
2020-05-31 11:25:54 | Here are the new security features in Windows 10 2004 (lien direct) | Windows 10's May 2020 Update is rolling out to seekers, and it comes with new security features that offer better malware protection, easier logins, and stronger encryption for your wireless connections. [...] | Malware | ||
|
2020-05-31 09:35:00 | Office 365 to give detailed info on malicious email attachments (lien direct) | Microsoft will provide Office 365 Advanced Threat Protection (ATP) users with more details on malware samples and malicious URLs discovered following detonation. [...] | Malware Threat | ||
|
2020-05-29 14:36:46 | Nworm: TrickBot gang\'s new stealthy malware spreading module (lien direct) | The Trickbot banking trojan has evolved once again with a new malware spreading module that uses a stealth mode to quietly infect Windows domain controllers without being detected. [...] | Malware | ||
|
2020-05-29 12:57:47 | Valak malware steals credentials from Microsoft Exchange servers (lien direct) | Classified initially as a malware loader, Valak has morphed into an information stealer that targets Microsoft Exchange servers to rob email login credentials and certificates from enterprises. [...] | Malware | ||
|
2020-05-28 11:00:00 | New Octopus Scanner malware spreads via GitHub supply chain attack (lien direct) | Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). [...] | Malware Tool | ★★ | |
|
2020-05-26 11:22:03 | Hacking group builds new Ketrum malware from recycled backdoors (lien direct) | The Ke3chang hacking group historically believed to be operating out of China has developed new malware dubbed Ketrum by merging features and source code from their older Ketrican and Okrum backdoors. [...] | Malware | APT 15 APT 25 | |
|
2020-05-26 05:30:00 | Russian cyberspies use Gmail to control updated ComRAT malware (lien direct) | ESET security researchers have discovered a new version of the ComRAT backdoor controlled using the Gmail web interface and used by the state-backed Russian hacker group Turla for harvesting and stealing in attacks against governmental institutions. [...] | Malware | ||
|
2020-05-24 09:27:58 | (Déjà vu) Discord client turned into a password stealer by updated malware (lien direct) | A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] | Malware Threat | ||
|
2020-05-24 09:27:58 | Discord client turned into a password stealer by new malware (lien direct) | A threat actor converted the AnarchyGrabber trojan into a new malware that steals passwords and user tokens, disables 2FA, and spreads malware to a victim's friends. [...] | Malware Threat | ||
|
2020-05-22 03:28:00 | ZLoader banking malware is back, deployed in over 100 campaigns (lien direct) | A banking malware called ZLoader, last seen in early 2018, has been spotted in more than 100 email campaigns since the beginning of the year. [...] | Malware | ||
|
2020-05-21 07:40:09 | New PipeMon malware uses Windows print processors for persistence (lien direct) | Video game companies are once again victims of the Winnti hacking group, who used new malware that researchers named PipeMon and a novel method to achieve persistence. [...] | Malware | ||
|
2020-05-20 12:46:05 | GhostDNS exploit kit source code leaked to antivirus company (lien direct) | Malware analysts received unrestricted access to the components of GhostDNS exploit kit after the malware package essentially fell into their lap. [...] | Malware | ★★★★★ | |
|
2020-05-19 11:27:39 | NetWalker adjusts ransomware operation to only target enterprise (lien direct) | NetWalker ransomware group is moving away from phishing for malware distribution and has adopted a network-intrusion model focusing on huge businesses only. [...] | Ransomware Malware | ||
|
2020-05-18 12:17:03 | Fake U.S. Dept of Treasury emails spreads new Node.js malware (lien direct) | A new Node.js based remote access trojan and password-stealing malware is being distributed through malicious emails pretending to be from the U.S. Department of the Treasury. [...] | Malware | ||
|
2020-05-15 15:23:20 | WordPress malware finds WooCommerce sites for Magecart attacks (lien direct) | Researchers at website security firm Sucuri have discovered a new WordPress malware used by threat actors to scan for and identify WooCommerce online shops with a lot of customers. [...] | Malware Threat | ||
|
2020-05-15 10:25:57 | RATicate drops info stealing malware and RATs on industrial targets (lien direct) | Security researchers from Sophos have identified a hacking group that abused NSIS installers to deploy remote access tools (RATs) and information-stealing malware in attacks targeting industrial companies. [...] | Malware | ||
|
2020-05-15 05:32:00 | Backdoors in recent espionage attempts link to Microcin malware (lien direct) | Antivirus engines foiled an advanced attacker's attempts to infiltrate a governmental institution and corporate networks of two companies in the telecommunications and gas sector. [...] | Malware | ||
|
2020-05-15 03:00:00 | Microsoft Office 365 ATP getting malware campaign analysis (lien direct) | Microsoft is in the process of expanding the Office 365 Advanced Threat Protection (ATP) capabilities with attack flow overviews of malware attacks targeting organizations. [...] | Malware Threat | ||
|
2020-05-14 16:32:56 | New COMpfun malware variant gets commands from HTTP error codes (lien direct) | A new COMpfun remote access trojan (RAT) variant controlled using uncommon HTTP status codes was used in attacks targeting European diplomatic entities. [...] | Malware |
To see everything:
Our RSS (filtrered)
