What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-19 17:10:44 | New \'SharkBot\' Android Banking Malware Hitting U.S., UK and Italy Targets (lien direct) | A new Android banking trojan has been found, targeting international banks from the United Kingdom and Italy (including in the U.S.). and five different cryptocurrency services. Twenty-two instances have been discovered, but more are expected. | Malware | ||
|
2021-11-16 12:47:34 | Emotet Using TrickBot to Get Back in the Game (lien direct) | Roughly one million computers were freed of the Emotet malware in April this year, but the botnet might reappear, as the Trojan's developers have apparently started distributing it again. | Malware | ||
|
2021-11-15 12:47:22 | IoT Protocol Used by NASA, Siemens and Volkswagen Can Be Exploited by Hackers (lien direct) | Researchers Warn DDS Protocol Can Be Abused for Lateral Movement and Malware C&C Researchers have shown that a widely used protocol named Data Distribution Service (DDS) is affected by vulnerabilities that could be exploited by threat actors for various purposes. | Malware Threat | ||
|
2021-11-12 17:55:01 | \'BotenaGo\' Malware Targets Routers, IoT Devices with Over 30 Exploits (lien direct) | A newly discovered Golang-based malware is using over 30 exploits in attacks, potentially putting millions of routers and Internet of Things (IoT) at risk of malware infection, according to a warning from AT&T Alien Labs. | Malware | ||
|
2021-11-12 11:59:37 | macOS Zero-Day Exploited to Deliver Malware to Users in Hong Kong (lien direct) | Google on Thursday shared details about a recent attack that exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. | Malware Vulnerability | ||
|
2021-11-10 16:17:33 | South Korean Users Targeted with Android Spyware \'PhoneSpy\' (lien direct) | More than 1,000 mobile phone users in South Korea have been targeted with a powerful piece of Android spyware as part of an ongoing campaign, according to a new report from Zimperium zLabs. Dubbed PhoneSpy, the malware was designed with extensive spyware capabilities inside, such including data theft, audio and video capture, and location monitoring. | Malware | ★★★ | |
|
2021-11-05 17:24:49 | \'Critical Severity\' Warning: Malware Found in Widely Deployed npm Packages (lien direct) | Software supply chain security jitters escalated again Friday with new “critical severity” warnings about malware embedded in two npm package managers widely used by some of the biggest names in tech. | Malware | ||
|
2021-11-01 19:07:48 | Tens of Thousands Download "AbstractEmu" Android Rooting Malware (lien direct) | Malware hunters at Lookout Security have discovered a new Android rooting malware that managed to score tens of thousands of downloads through Google Play and third-party application stores. | Malware | ||
|
2021-10-29 13:10:46 | Russian Man Extradited to U.S. for Role in TrickBot Malware Development (lien direct) | A Russian national has been extradited from South Korea to the United States to face charges for his alleged role in the cybercriminal organization behind the TrickBot malware. | Malware | ||
|
2021-10-23 16:24:37 | \'Critical Severity\' Warning for Malware Embedded in Popular JavaScript Library (lien direct) | Security responders are scrambling this weekend to assess the damage from crypto-mining malware embedded in an npm package (JavaScript library) that counts close to 8 million downloads per week. | Malware | ||
|
2021-10-22 08:51:49 | Cookie Theft Malware Used to Hijack YouTube Accounts (lien direct) | Google says it has disrupted phishing attacks in which threat actors were attempting to use cookie theft malware to hijack YouTube accounts and abuse them to promote cryptocurrency scams. | Malware Threat | ||
|
2021-10-21 11:31:50 | Two Bulletproof Hosting Administrators Sentenced to Prison in U.S. (lien direct) | The United States Department of Justice this week announced that two individuals involved in providing bulletproof hosting to various malware families were sentenced to prison. | Malware | ||
|
2021-10-15 13:22:31 | Russia-Linked TA505 Back at Targeting Financial Institutions (lien direct) | Russia-linked threat actor TA505 has been observed using a lightweight Office file for malware distribution in a new campaign targeting financial institutions in multiple geographies. The attacks target organizations across multiple sectors in Canada, the United States, Hong Kong, Europe, and more, and have seen low detection rates in Google's VirusTotal scanning engine. | Malware Threat | ||
|
2021-10-13 12:20:12 | Apple Points to Android Malware Infections in Argument Against Sideloading on iOS (lien direct) | Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS Apple on Wednesday published a 30-page threat analysis report in an effort to show why allowing sideloading on iOS would pose serious privacy and security risks to iPhone users. | Malware Threat | ||
|
2021-10-08 14:26:39 | FontOnLake Linux Malware Used in Targeted Attacks (lien direct) | A previously unknown, modular malware family that targets Linux systems has been used in targeted attacks to collect credentials and gain access to victim systems, ESET reported on Thursday. | Malware | ||
|
2021-09-29 17:03:38 | Akamai to Acquire Guardicore in $600M Zero Trust Tech Deal (lien direct) | Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup. Akamai said the deal would add new capabilities to help customers thwart ransomware attacks by blocking the spread of malware within an already-compromised enterprise. | Ransomware Malware | ||
|
2021-09-29 16:29:56 | Cyberespionage Implant Delivered via Targeted Government DNS Hijacking (lien direct) | Threat hunters at Kaspersky have intercepted a new cyberespionage implant being delivered via targeted DNS hijacking of government zones in Eastern Europe and published a new report Wednesday with clues linking the malware to the SolarWinds attackers. | Malware | ||
|
2021-09-28 17:28:54 | Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (lien direct) | Microsoft on Monday published a blog post detailing a piece of malware used by the threat actor behind the SolarWinds attack to exfiltrate data from compromised servers. | Malware Threat | ||
|
2021-09-20 13:11:59 | Attackers Use Linux Binaries as Loaders for Windows Malware (lien direct) | Using Microsoft's Windows Subsystem for Linux (WSL), attackers have leveraged Linux binaries to load payloads into Windows processes, according to researchers with Black Lotus Labs, the threat intelligence unit of tech company Lumen. | Malware Threat | ||
|
2021-09-02 19:01:26 | Hacked SolarWinds Software Lacked Basic Anti-Exploit Mitigation: Microsoft (lien direct) | Software vendor SolarWinds failed to enable an anti-exploit mitigation available since the launch of Windows Vista 15 years ago, an oversight that made it easy for attackers to launch targeted malware attacks in July this year. | Malware | ||
|
2021-09-01 09:53:39 | Proxyware Platforms Increasingly Targeted by Cybercriminals (lien direct) | Proxyware platforms are increasingly targeted in cybercrime operations aimed at distributing malware or at monetizing the internet bandwidth of victims, according to Cisco's Talos research and intelligence unit. | Malware | ★★ | |
|
2021-08-26 18:13:01 | FIN8 Hackers Add \'Sardonic\' Backdoor to Malware Arsenal (lien direct) | The financially-motivated threat actor tracked as FIN8 has added a potent new backdoor to its arsenal and is already using it in attacks in-the-wild, according to researchers at endpoint security firm Bitdefender. | Malware Threat | ||
|
2021-08-26 09:03:59 | (Déjà vu) CISA Details Additional Malware Targeting Pulse Secure Appliances (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released five new analysis reports detailing malware discovered on compromised Pulse Secure devices. | Malware | ||
|
2021-08-24 13:45:24 | FBI Shares Details on "OnePercent Group" Ransomware Operators (lien direct) | The FBI on Monday published details on the activities of a cybercrime group that uses ransomware and other malware to encrypt and exfiltrate data and extort victims. | Ransomware Malware | ||
|
2021-08-17 16:03:33 | Houdini Malware Returns and Amazon\'s Sidewalk Enter Corporate Networks (lien direct) | The nature of a secure access service edge (SASE) platform provides visibility into a large number of internet data flows – and the larger the platform, the more dataflows can be analyzed. An analysis of more than 250 billion network flows during Q2 2021 shows increasing threats, a new use of an old malware, and the growing incidence of consumer devices in the workplace. | Malware | ||
|
2021-08-06 12:39:29 | Prometheus TDS – Underground Service Distributing Several Malware Families (lien direct) | Group-IB security researchers have shared a technical analysis of Prometheus TDS, an underground service that over the past several months has been used for the distribution of various malware families, such as Buer Loader, Campo Loader, | Malware | ||
|
2021-08-05 10:59:01 | Researchers Analyze Chinese Malware Used Against Russian Government (lien direct) | At least two Chinese cyberespionage groups targeted Russian federal executive authorities in 2020, security researchers with threat hunting and intelligence firm Group-IB reveal. | Malware Threat | ||
|
2021-08-04 20:12:34 | Black Hat Keynote: Mobile Platforms \'Actively Obstructing\' Zero-Day Malware Hunters (lien direct) | Prominent security practitioner Matt Tait kicked off the annual Black Hat security conference Wednesday with a call for platform vendors to make major technology changes to help cope with the surge in major software supply chain attacks. | Malware | ||
|
2021-08-04 12:03:07 | Chinese Cyberspy Group APT31 Starts Targeting Russia (lien direct) | China-linked hacking group APT31 has been using new malware in recent attacks targeting Mongolia, Belarus, Canada, the United States, and - for the first time - Russia, according to enterprise cybersecurity firm Positive Technologies. | Malware | APT 31 | |
|
2021-08-02 15:20:49 | Chipotle\'s Email Marketing Account Hacked to Spread Malware (lien direct) | Nobelium-style Phishing Tactics Used to Spread Malware | Malware | ||
|
2021-07-30 15:25:25 | Russia\'s APT29 Still Actively Delivering Malware Used in COVID-19 Vaccine Spying (lien direct) | The Russian cyberespionage group known as APT29 and Cozy Bear is still actively delivering a piece of malware named WellMess, despite the fact that the malware was exposed and detailed last year by Western governments. | Malware | APT 29 APT 29 | |
|
2021-07-29 15:37:25 | How Low-level Hackers Access High-end Malware (lien direct) | Hacking tool downloads from underground forums are increasing, and the tools are becoming more sophisticated; low-level hackers are gaining access to hacked versions of sophisticated tools; access broking is growing; and existing tools are repurposed for more aggressive attacks. | Malware Tool | ||
|
2021-07-29 13:01:21 | Researchers Link Mysterious \'MeteorExpress\' Wiper to Iranian Train Cyberattack (lien direct) | Security researchers at SentinelOne have stumbled upon a hitherto unknown data-wiping malware that was part of a disruptive cyberattack against Iran's train system earlier this month. | Malware | ||
|
2021-07-26 19:36:42 | Apple Patches \'Actively Exploited\' Mac, iOS Security Flaw (lien direct) | Apple on Monday released a major security update with fixes for a security defect the company says “may have been actively exploited” to plant malware on macOS and iOS devices. | Malware | ||
|
2021-07-26 14:00:16 | Amnesty Urges Moratorium on Surveillance Technology in Pegasus Scandal (lien direct) | Allegations that governments used phone malware supplied by an Israeli firm to spy on journalists, activists and heads of state have "exposed a global human rights crisis," Amnesty International said, asking for a moratorium on the sale and use of surveillance technology. | Malware | ||
|
2021-07-22 11:52:38 | CISA Details Malware Used in Attacks Targeting Pulse Secure Devices (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released analysis reports for 13 malware samples discovered on Pulse Secure devices that were compromised in recent attacks. | Malware | ||
|
2021-07-20 11:01:48 | UN Rights Chief Alarmed by Reported Use of Powerful Spyware (lien direct) | The United Nations' human rights chief voiced alarm Monday over the reported use of military-grade malware from Israel-based NSO Group to spy on journalists, human rights activists and political dissidents. | Malware | ||
|
2021-07-16 15:53:16 | Google: New Chrome Zero-Day Being Exploited (lien direct) | For the seventh time this year, Google is dealing with zero-day attacks targeting users of its flagship Chrome web browser. The search advertising giant released a Chrome security refresh overnight with a warning that malicious hackers are actively exploiting a critical type confusion vulnerability to launch malware attacks. | Malware Vulnerability | ||
|
2021-07-09 14:58:51 | ZLoader Adopts New Macro-Related Delivery Technique in Recent Attacks (lien direct) | The ZLoader malware family has switched to a new delivery mechanism in recent spam campaigns, fetching malicious code only after the initial attachment has been opened, McAfee reports. | Spam Malware | ||
|
2021-07-08 14:20:43 | Use of Common Malware in Operation Targeting Energy Sector Makes Attribution Difficult (lien direct) | Researchers at cybersecurity firm Intezer have been monitoring a campaign that appears to be mainly aimed at the energy sector, but attribution to a known threat group is made difficult by the fact that the operation involves several common malware families. | Malware Threat | ||
|
2021-07-08 13:01:17 | Mac Malware Used in Attacks Targeting Industrial Organizations in Middle East (lien direct) | A malicious campaign focused on the industrial sector in the Middle East has been expanded to also target Mac computers, security researchers at Kaspersky have discovered. | Malware | ||
|
2021-07-08 11:24:50 | Emails Offering Kaseya Patches Deliver Malware (lien direct) | IT management software maker Kaseya is still working on patching the vulnerabilities exploited in the recent ransomware attack, but some cybercriminals are sending out emails offering the patches in an effort to distribute their malware. | Ransomware Malware Patching | ||
|
2021-07-02 15:59:37 | Hackers Compromise Mongolian Certificate Authority to Spread Malware (lien direct) | An unknown threat actor has compromised the servers of Mongolian certificate authority (CA) MonPass and abused the organization's website for malware distribution, according to security researchers at Avast. | Malware Threat | ||
|
2021-06-29 11:38:14 | Malvuln Project Catalogues 260 Vulnerabilities Found in Malware (lien direct) | 
|
Malware | ||
|
2021-06-22 16:18:41 | Much of Malware Found by Industrial Firms on USB Drives in 2020 Targeted OT (lien direct) | 
|
Malware Threat | ||
|
2021-06-22 10:10:19 | Research Shows Many Security Products Fail to Detect Android Malware Variants (lien direct) | A group of academic researchers has created a tool that can be used to clone Android malware and test the resilience of these new variants against anti-malware detection. | Malware Tool | ||
|
2021-06-17 12:11:35 | Russian Accused of Helping Kelihos Malware Evade Detection Convicted in U.S. (lien direct) | A Russian national accused of operating online services designed to help malware evade detection by security products was convicted this week in the United States. | Malware | ||
|
2021-06-07 17:06:15 | \'Siloscape\' Malware Targets Windows Server Containers (lien direct) | A newly identified piece of malware that targets Windows Server containers can execute code on the underlying node and then spread in the Kubernetes cluster, according to a warning from security researchers at Palo Alto Networks. | Malware | Uber | |
|
2021-06-07 10:36:39 | Russian Hackers Use New \'SkinnyBoy\' Malware in Attacks on Military, Government Orgs (lien direct) | The Russia-linked threat group known as APT28 has been observed using a new backdoor in a series of attacks targeting military and government institutions, researchers with threat intelligence company Cluster25 reveal. | Malware Threat | APT 28 | ★★★ |
|
2021-06-01 22:44:15 | Poisoned Installers Found in Solarwinds Hackers Toolkit (lien direct) | The ongoing multi-vendor investigations into the Solarwinds mega-hack took another twist this week with the discovery of new malware artifacts that could be used in future supply chain attacks. | Malware |
To see everything:
Our RSS (filtrered)
