Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2022-07-22 15:22:47 |
Intezer Documents Powerful 'Lightning Framework' Linux Malware (direct link) |
Security researchers at Intezer are documenting the discovery of a powerful piece of Linux malware that can stay undetected and has the ability to install rootkits.
|
Malware
|
|
|
 |
2022-07-21 13:31:37 |
USCYBERCOM Releases IoCs for Malware Targeting Ukraine (direct link) |
The United States Cyber Command (USCYBERCOM) this week released indicators of compromise (IoCs) associated with malware families identified in recent attacks targeting Ukraine.
|
Malware
|
|
|
 |
2022-07-20 15:03:45 |
Google, EU Warn of Malicious Russian Cyber Activity (direct link) |
Russia-linked Turla threat actor spotted using Android malware for first time
Google and the European Union have issued separate warnings this week over Russian cyberattacks and misinformation campaigns.
|
Malware
Threat
|
|
|
 |
2022-07-19 15:28:29 |
New 'CloudMensis' macOS Spyware Used in Targeted Attacks (direct link) |
Researchers at cybersecurity company ESET have analyzed a previously undocumented macOS malware that appears to have been used in targeted attacks to steal valuable information from compromised systems.
|
Malware
|
|
★★★★
|
 |
2022-07-19 13:20:21 |
Ongoing 'Roaming Mantis' Smishing Campaign Hits Over 70,000 Users in France (direct link) |
A Chinese threat actor named Roaming Mantis has been targeting Android users in France with the MoqHao malware in a new smishing campaign, security researchers with Sekoia warn.
|
Malware
Threat
|
|
|
 |
2022-07-18 12:10:24 |
PLC and HMI Password Cracking Tools Deliver Malware (direct link) |
Tools advertised as being capable of cracking passwords for HMIs, PLCs and other industrial products have been found to exploit a zero-day vulnerability, and threat actors are using these tools to deliver malware.
|
Malware
Threat
|
|
|
 |
2022-07-11 12:07:04 |
'Raspberry Robin' Windows Worm Abuses QNAP Devices (direct link) |
A recently discovered Windows worm is abusing compromised QNAP network-attached storage (NAS) devices as stagers to spread to new systems, according to Cybereason.
Dubbed Raspberry Robin, the malware was initially spotted in September 2021, spreading mainly via removable devices, such as USB drives.
|
Malware
|
|
|
 |
2022-07-06 15:51:48 |
Is an Infrastructure War on the Horizon? (direct link) |
On February 24, Russia launched its full-scale assault on Ukraine. The invader's weapons included tanks, heavy artillery… and software. On April 8, attackers armed with Industroyer2, a species of malware designed to incapacitate power stations and plunge whole cities into darkness, managed to briefly penetrate Ukrainian defenses, putting two million homes at risk.
|
Malware
|
|
|
 |
2022-06-30 12:31:52 |
SOHO Routers in North America and Europe Targeted With 'ZuoRAT' Malware (direct link) |
A remote access trojan (RAT) targeting small office/home office (SOHO) devices has remained undetected for nearly two years, according to security researchers with Black Lotus Labs, the threat intelligence arm of Lumen Technologies.
|
Malware
Threat
|
|
|
 |
2022-06-16 17:53:41 |
'MaliBot' Android Malware Steals Financial, Personal Information (direct link) |
Researchers at F5 Labs have nabbed a new Android malware family capable of exfiltrating financial and personal information after taking control of infected devices.
|
Malware
|
|
|
 |
2022-06-16 17:19:09 |
Volexity Blames 'DriftingCloud' APT For Sophos Firewall Zero-Day (direct link) |
Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks.
|
Malware
|
|
|
 |
2022-06-14 12:10:06 |
Chinese Cyberespionage Group Starts Using New 'PingPull' Malware (direct link) |
A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks that have been targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports.
|
Malware
Threat
|
|
|
 |
2022-06-10 10:08:04 |
Highly-Evasive Linux Malware 'Symbiote' Infects All Running Processes (direct link) |
Security researchers with BlackBerry and Intezer have shared details on a new Linux malware that “parasitically” infects all running processes on a target machine.
|
Malware
|
|
|
 |
2022-06-09 13:51:23 |
'Follina' Vulnerability Exploited to Deliver Qbot, AsyncRAT, Other Malware (direct link) |
Several malware families are being delivered using the recently disclosed Windows vulnerability identified as Follina and CVE-2022-30190, which remains without an official patch.
|
Malware
Vulnerability
|
|
|
 |
2022-06-01 11:44:02 |
Europol Announces Takedown of FluBot Mobile Spyware (direct link) |
Europol today announced the takedown of FluBot, a piece of mobile malware targeting both Android and iOS devices that has been fast-spreading via SMS messages.
|
Malware
|
|
|
 |
2022-05-24 10:41:48 |
Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware (direct link) |
Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community.
|
Malware
Threat
|
|
|
 |
2022-05-23 08:52:29 |
IBM Dives Into TrickBot Gang's Malware Crypting Operation (direct link) |
Researchers with IBM Security's X-Force division have analyzed 13 crypters employed by the cybercrime group behind the infamous TrickBot and Conti malware.
|
Malware
|
|
|
 |
2022-05-19 17:35:51 |
Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines (direct link) |
Security researchers at SentinelLabs are calling attention to a software supply chain attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines.
|
Malware
|
|
|
 |
2022-05-16 15:12:22 |
Hackers Can Abuse Low-Power Mode to Run Malware on Powered-Off iPhones (direct link) |
|
Malware
|
|
|
 |
2022-05-10 18:02:52 |
New Malware Samples Indicate Return of REvil Ransomware (direct link) |
New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has been resumed.
Secureworks, which tracks the group behind REvil as Gold Southfield, has conducted an analysis of malware samples apparently created in March and April, and determined that the developer likely has access to the original REvil source code.
|
Ransomware
Malware
|
|
★★★
|
 |
2022-05-04 19:25:46 |
Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs (direct link) |
Threat hunters at Kaspersky are publicly documenting a malicious campaign that abuses Windows event logs to store fileless last stage Trojans and keep them hidden in the file system.
|
Malware
|
|
|
 |
2022-05-04 19:16:02 |
Google Sees More APTs Using Ukraine War-Related Themes (direct link) |
Researchers at Google's Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyberattacks went up in April with a surge in malware attacks targeting critical infrastructure.
|
Malware
Threat
|
|
|
 |
2022-05-04 11:20:20 |
Chinese Hackers Abuse Cybersecurity Products for Malware Execution (direct link) |
Researchers at cybersecurity firm SentinelOne have observed a Chinese hacking group taking a trial-and-error approach to abusing antivirus applications for the sideloading of malicious DLLs.
|
Malware
|
|
|
 |
2022-05-04 10:37:29 |
Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption (direct link) |
A researcher has shown how a type of vulnerability affecting many ransomware families can be exploited to control the malware and terminate it before it can encrypt files on compromised systems.
|
Ransomware
Malware
Vulnerability
|
|
|
 |
2022-05-03 10:08:45 |
Russian Cyberspies Target Diplomats With New Malware (direct link) |
Russian cyberespionage group APT29 has been observed using new malware and techniques in phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia, Mandiant reports.
|
Malware
|
APT 29
|
|
 |
2022-05-02 10:05:30 |
New 'Bumblebee' Malware Loader Used by Several Cybercrime Groups (direct link) |
Cybersecurity companies have analyzed “Bumblebee,” a relatively new custom malware downloader that appears to have been used by several cybercrime groups.
|
Malware
|
|
|
 |
2022-04-28 16:40:59 |
Microsoft Warns of 'Nimbuspwn' Security Flaws Haunting Linux (direct link) |
Vulnerability researchers at Microsoft are documenting the discovery of a pair of Linux privilege escalation flaws that could be chained together to plant dangerous malware or backdoors.
|
Malware
|
|
|
 |
2022-04-28 15:41:05 |
1.2 Million Bad Apps Blocked From Reaching Google Play in 2021 (direct link) |
Google claims that it prevented 1.2 million bad applications from reaching Google Play in 2021, but cybercriminals are still finding ways to deliver malware through the official Android app store.
|
Malware
|
|
|
 |
2022-04-21 08:36:12 |
New BotenaGo Variant Infects Lilin Security Cameras With Mirai (direct link) |
A newly identified variant of the BotenaGo malware is specifically targeting security cameras manufactured by Taiwan-based Lilin, warns OT and IoT security firm Nozomi Networks.
|
Malware
|
|
|
 |
2022-04-18 19:54:13 |
Citizen Lab Documents Israeli Surveillance Spyware Infections in Spain (direct link) |
Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society.
|
Malware
|
|
|
 |
2022-04-14 10:59:28 |
Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities (direct link) |
Schneider Electric says no evidence that Incontroller/Pipedream malware exploits vulnerabilities
|
Malware
|
|
|
 |
2022-04-13 19:37:53 |
U.S. Warns New Sophisticated Malware Can Target ICS/SCADA Devices (direct link) |
Custom made, modular ICS attack framework can be used to disrupt and/or destruct devices in industrial environments
|
Malware
|
|
|
 |
2022-04-08 08:46:57 |
SharkBot Android Malware Continues Popping Up on Google Play (direct link) |
Over the past couple of months, security researchers identified several applications in Google Play that were designed to download the SharkBot Android trojan.
|
Malware
|
|
|
 |
2022-04-06 18:47:37 |
Hamas-Linked Hackers Using Sexy Facebook 'Catfish' Lures, New Malware (direct link) |
Hamas-linked APT Group targeting high-ranking Israelis with new malware
|
Malware
|
|
|
 |
2022-04-06 15:04:59 |
Denonia: First Malware Targeting AWS Lambda (direct link) |
Researchers have come across what appears to be the first piece of malware designed to specifically target AWS Lambda environments.
|
Malware
|
|
|
 |
2022-04-04 13:42:44 |
New Android Spyware Uses Turla-Linked Infrastructure (direct link) |
Lab52 security researchers have dissected a new piece of Android malware that they discovered while analyzing infrastructure associated with Russian cyberespionage group Turla.
|
Malware
|
|
|
 |
2022-03-31 17:27:39 |
SentinelLabs: New Modem Wiper Malware May be Connected to Viasat Hack (direct link) |
A pair of security researchers at SentinelLabs have intercepted a piece of destructive wiper malware hitting routers and modems and found digital breadcrumbs suggesting a link to the devastating Viasat hack that took down wind turbines in Germany.
|
Malware
Hack
|
|
|
 |
2022-03-24 15:42:32 |
New Vidar Infostealer Campaign Hidden in Help File (direct link) |
Researchers discovered an email malware campaign in February 2022 that demonstrates the complexity attackers are introducing to the delivery mechanism in order to avoid detection. The new campaign delivers an old but frequently updated infostealer: Vidar.
|
Malware
|
|
|
 |
2022-03-23 14:26:08 |
Chinese Cyberspies Seen Using macOS Variant of 'Gimmick' Malware (direct link) |
In late 2021, incident response and threat intelligence firm Volexity observed a Chinese threat actor using a macOS variant of the malware known as Gimmick.
|
Malware
Threat
|
|
|
 |
2022-03-22 17:22:44 |
'Serpent' Backdoor Used in Malware Attacks on French Entities (direct link) |
French organizations in the construction, government, and real estate sectors have been targeted with a new backdoor in a string of malware attacks, according to a warning from Proofpoint.
|
Malware
|
|
|
 |
2022-03-15 11:38:33 |
CaddyWiper: Another Destructive Wiper Malware Targeting Ukraine (direct link) |
ESET's security researchers have identified another data wiper targeting Ukrainian organizations, the third destructive malware identified since Russia began its invasion of the country.
Dubbed CaddyWiper, the threat does not show significant code similarities with known malware families, and has been used only against a small number of organizations.
|
Malware
Threat
|
|
★★★★
|
 |
2022-03-07 12:20:18 |
Google Fights Phishing With Updated Workspace Notifications (direct link) |
Google has made some changes to Google Workspace comment notifications in an effort to protect users against malware and phishing attacks.
Previously, email notifications that were automatically sent to a user when someone mentioned them in a comment in a Google Workspace document only included the comment and the commenter's name.
|
Malware
|
|
|
 |
2022-03-01 15:35:11 |
Cyberattacks in Ukraine: New Worm-Spreading Data-Wiper With Ransomware Smokescreen (direct link) |
Cybersecurity researchers tracking destructive data-wiping malware attacks in Ukraine are finding signs of new malware with worm-spreading capabilities and what appears to be a rudimentary ransomware decoy.
|
Ransomware
Malware
|
|
|
 |
2022-03-01 14:30:26 |
Three Ways to Defeat Ransomware (direct link) |
Ransomware is very difficult to stop, mostly because the attackers are adept at locking up a network long before anybody in an organization even sees a ransom note. In many attacks, the malware combines an encryption payload with automated propagation.
|
Ransomware
Malware
|
|
|
 |
2022-03-01 02:49:28 |
A Free-for-All But No Crippling Cyberattacks in Ukraine War (direct link) |
Russia has some of the best hackers in the world, but in the early days of the war in Ukraine, its ability to create mayhem through malware hasn't had much of a noticeable impact.
|
Malware
|
|
|
 |
2022-02-28 21:51:06 |
Microsoft: Cyberattacks in Ukraine Hitting Civilian Digital Targets (direct link) |
Microsoft is calling attention to a surge in cyber attacks on Ukrainian civilian digital targets, warning that the new “digital war” includes destructive malware attacks on emergency response services and humanitarian aid efforts.
The Redmond, Wash. software giant said the attacks on civilian targets raise serious concerns under the Geneva Convention.
|
Malware
|
|
|
 |
2022-02-28 16:52:01 |
Symantec: Super-Stealthy 'Daxin' Backdoor Linked to Chinese Threat Actor (direct link) |
Threat hunters at Symantec are calling global attention to a new, highly sophisticated piece of malware being used by a Chinese threat actor to burrow into -- and hijack data from -- government and critical infrastructure targets.
|
Malware
Threat
|
|
|
 |
2022-02-28 16:06:59 |
CISA, FBI Issue Warnings on WhisperGate, HermeticWiper Attacks (direct link) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released indicators of compromise to help threat hunters look for signs of WhisperGate and HermeticWiper, two destructive malware files seen in recent attacks against organizations in Ukraine.
|
Malware
Threat
|
|
|
 |
2022-02-24 11:59:38 |
Destructive 'HermeticWiper' Malware Targets Computers in Ukraine (direct link) |
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
|
Malware
|
|
|
 |
2022-02-24 11:34:25 |
New 'Cyclops Blink' Malware Linked to Russian State Hackers Targets Firewalls (direct link) |
Russia-Linked Sandworm Group Replaces VPNFilter With New Malware
|
Malware
|
VPNFilter
|
|