What's new around the internet

Last one

| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| SecurityWeek | 2022-11-03 19:14:10 | Offense Gets the Glory, but Defense Wins the Game | When it comes to cybercriminals, defense evasion remains the top tactic globally. In fact, it was the most employed tactic by malware developers in the past six months – and they're often using system binary proxy execution to do so. Hiding malicious intentions is one of the most important actions for adversaries. Therefore, they are attempting to evade defenses by masking malicious intention and attempting to hide commands using a legitimate certificate. | Malware | | |
| SecurityWeek | 2022-11-03 10:14:02 | Over 250 US News Websites Deliver Malware via Supply Chain Attack | Hundreds of regional and national news websites in the United States are delivering malware as a result of a supply chain attack involving one of their service providers. | Malware | | |
| SecurityWeek | 2022-10-25 21:05:19 | US Charges Ukrainian 'Raccoon Infostealer' With Cybercrimes | A Ukrainian man has been charged with computer fraud for allegedly infecting millions of computers with malware in a cybercrime operation known as "Raccoon Infostealer," the US Justice Department said Tuesday. | Malware | | |
| SecurityWeek | 2022-10-21 10:28:32 | CISA Tells Organizations to Patch Linux Kernel Vulnerability Exploited by Malware | The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a Linux kernel flaw to its Known Exploited Vulnerabilities Catalog and instructed federal agencies to address it within three weeks. | Malware, Vulnerability | | |
| SecurityWeek | 2022-10-17 15:55:24 | Zimbra Patches Under-Attack Code Execution Bug | Messaging and collaboration software maker Zimbra has rushed out patches to provide cover for a code execution flaw that has already been exploited to plant malware on target machines. | Malware | | |
| SecurityWeek | 2022-10-12 12:19:36 | QBot Malware Infects Over 800 Corporate Users in New, Ongoing Campaign | More than 800 corporate users have been infected in a new QBot malware distribution campaign since September 28, Kaspersky warns. | Malware | | |
| SecurityWeek | 2022-09-29 17:05:59 | North Korean Gov Hackers Caught Rigging Legit Software | Threat hunters at Microsoft have intercepted a notorious North Korean government hacking group lacing legitimate open source software with custom malware capable of data theft, espionage, financial gain and network destruction. | Malware | | |
| SecurityWeek | 2022-09-27 18:44:39 | Researchers Crowdsourcing Effort to Identify Mysterious Metador APT | Cybersecurity sleuths at SentinelLabs are calling on the wider threat hunting community to help decipher a new mysterious malware campaign hitting telcos, ISPs and universities in the Middle East and Africa. | Malware, Threat | | |
| SecurityWeek | 2022-09-27 13:24:21 | New Infostealer Malware 'Erbium' Offered as MaaS for Thousands of Dollars | Security researchers are warning of a new information stealer named Erbium being distributed under the Malware-as-a-Service (MaaS) model. The threat made its initial appearance in late July, when a Russian speaking threat actor started advertising it on a dark web forum. | Malware, Threat | | |
| SecurityWeek | 2022-09-21 10:14:28 | VMware Warns of 'ChromeLoader' Delivering Ransomware, Destructive Malware | VMware's Carbon Black team warns that the ChromeLoader malware is now delivering malware such as ZipBomb and the Enigma ransomware to business services and government organizations. | Ransomware, Malware | | |
| SecurityWeek | 2022-09-14 11:45:00 | Malware Infects Magento-Powered Stores via FishPig Distribution Server | For the past several weeks, Magento stores have been injected with malware via a supply chain attack that targeted the FishPig distribution server. Specialized in Magento optimizations and Magento-WordPress integrations, FishPig offers various Magento extensions that have gathered over 200,000 downloads. | Malware | | |
| SecurityWeek | 2022-09-13 10:15:39 | Spyware, Ransomware, Cryptojacking Malware Increasingly Detected on ICS Devices | Spyware, ransomware and cryptojacking malware have been increasingly detected on industrial control system (ICS) computers, according to data collected in the first half of 2022 by cybersecurity firm Kaspersky. | Ransomware, Malware | | |
| SecurityWeek | 2022-09-08 18:01:32 | New 'Shikitega' Linux Malware Grabs Complete Control of Infected Systems | Security researchers with AT&T Alien Labs are warning of a new piece of malware that can take full control of infected Linux systems, including Internet of Things (IoT) devices. | Malware | | |
| SecurityWeek | 2022-08-25 10:16:06 | Microsoft Details New Post-Compromise Malware Used by Russian Cyberspies | Microsoft this week published technical details on 'MagicWeb', a new post-exploitation tool used by Russia-linked cyberespionage group APT29. | Malware, Tool | APT 29 | |
| SecurityWeek | 2022-08-18 12:54:17 | North Korean Hackers Use Fake Job Offers to Deliver New macOS Malware | Researchers with cybersecurity company ESET have observed a new macOS malware sample developed by the infamous North Korean advanced persistent threat (APT) actor Lazarus. | Malware, Threat | APT 38 | |
| SecurityWeek | 2022-08-18 11:41:44 | Evasive 'DarkTortilla' Crypter Delivers RATs, Targeted Malware | Secureworks security researchers have analyzed 'DarkTortilla', a .NET-based crypter used to deliver both popular malware and targeted payloads. | Malware | | |
| SecurityWeek | 2022-08-17 14:25:29 | 81% of Malware Seen on USB Drives in Industrial Facilities Can Disrupt ICS: Honeywell | USB malware in industrial companies | Malware | | |
| SecurityWeek | 2022-08-15 09:59:25 | Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware | China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS systems, Trend Micro reports. | Malware | APT 27 | |
| SecurityWeek | 2022-08-08 13:29:22 | Meta Disrupted Two Cyberespionage Operations in South Asia | Facebook's parent company Meta took action earlier this year against two cross-platform cyberespionage operations that relied on various online services for malware distribution. | Malware | | |
| SecurityWeek | 2022-08-08 11:17:56 | (Déjà vu) US, Australian Cybersecurity Agencies Publish List of 2021's Top Malware | The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have published a joint advisory to detail the top malware strains of 2021. | Malware | | |
| SecurityWeek | 2022-08-04 10:33:22 | VirusTotal Data Shows How Malware Distribution Leverages Legitimate Sites, Apps | Google-owned malware analysis service VirusTotal has published a report showing how threat actors abuse trust to bypass defenses and deliver their malware. According to data collected by VirusTotal, legitimate websites and applications are often leveraged for malware delivery. | Malware, Threat | | |
| SecurityWeek | 2022-07-27 11:15:16 | Dozens of 'Luca Stealer' Malware Samples Emerge After Source Code Made Public | Security researchers have observed an uptick in new Luca Stealer samples after the malware's source code was made public. Coded in Rust, the malware was initially observed in early July 2022, when its developer posted the source code on cybercrime forums, likely in an effort to boost their reputation. | Malware | | |
| SecurityWeek | 2022-07-22 15:22:47 | Intezer Documents Powerful 'Lightning Framework' Linux Malware | Security researchers at Intezer are documenting the discovery of a powerful piece of Linux malware that can stay undetected and has the ability to install rootkits. | Malware | | |
| SecurityWeek | 2022-07-21 13:31:37 | USCYBERCOM Releases IoCs for Malware Targeting Ukraine | The United States Cyber Command (USCYBERCOM) this week released indicators of compromise (IoCs) associated with malware families identified in recent attacks targeting Ukraine. | Malware | | |
| SecurityWeek | 2022-07-20 15:03:45 | Google, EU Warn of Malicious Russian Cyber Activity | Russia-linked Turla threat actor spotted using Android malware for first time. Google and the European Union have issued separate warnings this week over Russian cyberattacks and misinformation campaigns. | Malware, Threat | | |
| SecurityWeek | 2022-07-19 15:28:29 | New 'CloudMensis' macOS Spyware Used in Targeted Attacks | Researchers at cybersecurity company ESET have analyzed a previously undocumented macOS malware that appears to have been used in targeted attacks to steal valuable information from compromised systems. | Malware | | ★★★★ |
| SecurityWeek | 2022-07-19 13:20:21 | Ongoing 'Roaming Mantis' Smishing Campaign Hits Over 70,000 Users in France | A Chinese threat actor named Roaming Mantis has been targeting Android users in France with the MoqHao malware in a new smishing campaign, security researchers with Sekoia warn. | Malware, Threat | | |
| SecurityWeek | 2022-07-18 12:10:24 | PLC and HMI Password Cracking Tools Deliver Malware | Tools advertised as being capable of cracking passwords for HMIs, PLCs and other industrial products have been found to exploit a zero-day vulnerability, and threat actors are using these tools to deliver malware. | Malware, Threat | | |
| SecurityWeek | 2022-07-11 12:07:04 | 'Raspberry Robin' Windows Worm Abuses QNAP Devices | A recently discovered Windows worm is abusing compromised QNAP network-attached storage (NAS) devices as stagers to spread to new systems, according to Cybereason. Dubbed Raspberry Robin, the malware was initially spotted in September 2021, spreading mainly via removable devices, such as USB drives. | Malware | | |
| SecurityWeek | 2022-07-06 15:51:48 | Is an Infrastructure War on the Horizon? | On February 24, Russia launched its full-scale assault on Ukraine. The invader's weapons included tanks, heavy artillery… and software. On April 8, attackers armed with Industroyer2, a species of malware designed to incapacitate power stations and plunge whole cities into darkness, managed to briefly penetrate Ukrainian defenses, putting two million homes at risk. | Malware | | |
| SecurityWeek | 2022-06-30 12:31:52 | SOHO Routers in North America and Europe Targeted With 'ZuoRAT' Malware | A remote access trojan (RAT) targeting small office/home office (SOHO) devices has remained undetected for nearly two years, according to security researchers with Black Lotus Labs, the threat intelligence arm of Lumen Technologies. | Malware, Threat | | |
| SecurityWeek | 2022-06-16 17:53:41 | 'MaliBot' Android Malware Steals Financial, Personal Information | Researchers at F5 Labs have nabbed a new Android malware family capable of exfiltrating financial and personal information after taking control of infected devices. | Malware | | |
| SecurityWeek | 2022-06-16 17:19:09 | Volexity Blames 'DriftingCloud' APT For Sophos Firewall Zero-Day | Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. | Malware | | |
| SecurityWeek | 2022-06-14 12:10:06 | Chinese Cyberespionage Group Starts Using New 'PingPull' Malware | A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks that have been targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports. | Malware, Threat | | |
| SecurityWeek | 2022-06-10 10:08:04 | Highly-Evasive Linux Malware 'Symbiote' Infects All Running Processes | Security researchers with BlackBerry and Intezer have shared details on a new Linux malware that “parasitically” infects all running processes on a target machine. | Malware | | |
| SecurityWeek | 2022-06-09 13:51:23 | 'Follina' Vulnerability Exploited to Deliver Qbot, AsyncRAT, Other Malware | Several malware families are being delivered using the recently disclosed Windows vulnerability identified as Follina and CVE-2022-30190, which remains without an official patch. | Malware, Vulnerability | | |
| SecurityWeek | 2022-06-01 11:44:02 | Europol Announces Takedown of FluBot Mobile Spyware | Europol today announced the takedown of FluBot, a piece of mobile malware targeting both Android and iOS devices that has been fast-spreading via SMS messages. | Malware | | |
| SecurityWeek | 2022-05-24 10:41:48 | Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware | Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community. | Malware, Threat | | |
| SecurityWeek | 2022-05-23 08:52:29 | IBM Dives Into TrickBot Gang's Malware Crypting Operation | Researchers with IBM Security's X-Force division have analyzed 13 crypters employed by the cybercrime group behind the infamous TrickBot and Conti malware. | Malware | | |
| SecurityWeek | 2022-05-19 17:35:51 | Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines | Security researchers at SentinelLabs are calling attention to a software supply chain attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. | Malware | | |
| SecurityWeek | 2022-05-16 15:12:22 | Hackers Can Abuse Low-Power Mode to Run Malware on Powered-Off iPhones | Powered-off iPhone can still run malware | Malware | | |
| SecurityWeek | 2022-05-10 18:02:52 | New Malware Samples Indicate Return of REvil Ransomware | New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has been resumed. Secureworks, which tracks the group behind REvil as Gold Southfield, has conducted an analysis of malware samples apparently created in March and April, and determined that the developer likely has access to the original REvil source code. | Ransomware, Malware | | ★★★ |
| SecurityWeek | 2022-05-04 19:25:46 | Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs | Threat hunters at Kaspersky are publicly documenting a malicious campaign that abuses Windows event logs to store fileless last stage Trojans and keep them hidden in the file system. | Malware | | |
| SecurityWeek | 2022-05-04 19:16:02 | Google Sees More APTs Using Ukraine War-Related Themes | Researchers at Google's Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyberattacks went up in April with a surge in malware attacks targeting critical infrastructure. | Malware, Threat | | |
| SecurityWeek | 2022-05-04 11:20:20 | Chinese Hackers Abuse Cybersecurity Products for Malware Execution | Researchers at cybersecurity firm SentinelOne have observed a Chinese hacking group taking a trial-and-error approach to abusing antivirus applications for the sideloading of malicious DLLs. | Malware | | |
| SecurityWeek | 2022-05-04 10:37:29 | Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption | A researcher has shown how a type of vulnerability affecting many ransomware families can be exploited to control the malware and terminate it before it can encrypt files on compromised systems. | Ransomware, Malware, Vulnerability | | |
| SecurityWeek | 2022-05-03 10:08:45 | Russian Cyberspies Target Diplomats With New Malware | Russian cyberespionage group APT29 has been observed using new malware and techniques in phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia, Mandiant reports. | Malware | APT 29 | |
| SecurityWeek | 2022-05-02 10:05:30 | New 'Bumblebee' Malware Loader Used by Several Cybercrime Groups | Cybersecurity companies have analyzed “Bumblebee,” a relatively new custom malware downloader that appears to have been used by several cybercrime groups. | Malware | | |
| SecurityWeek | 2022-04-28 16:40:59 | Microsoft Warns of 'Nimbuspwn' Security Flaws Haunting Linux | Vulnerability researchers at Microsoft are documenting the discovery of a pair of Linux privilege escalation flaws that could be chained together to plant dangerous malware or backdoors. | Malware | | |
| SecurityWeek | 2022-04-28 15:41:05 | 1.2 Million Bad Apps Blocked From Reaching Google Play in 2021 | Google claims that it prevented 1.2 million bad applications from reaching Google Play in 2021, but cybercriminals are still finding ways to deliver malware through the official Android app store. | Malware | | |

Last update at: 2024-05-13 20:08:12