Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-01-19 18:25:55 |
Hundreds of Networks Still Host Devices Infected With VPNFilter Malware (direct link) |
The VPNFilter malware is still present in hundreds of networks and malicious actors could take control of the infected devices, according to researchers at cybersecurity firm Trend Micro.
|
Malware
|
VPNFilter
VPNFilter
|
|
|
2021-01-19 13:09:32 |
SolarWinds Hackers Used 'Raindrop' Malware for Lateral Movement (direct link) |
The threat group behind the supply chain attack that targeted Texas-based IT management company SolarWinds leveraged a piece of malware named Raindrop for lateral movement and deploying additional payloads, Broadcom-owned cybersecurity firm Symantec reported on Tuesday.
|
Malware
Threat
|
SolarWinds
|
|
|
2021-01-15 13:12:25 |
Malvuln Project Catalogues Vulnerabilities Found in Malware (direct link) |
A researcher has launched Malvuln, a project that catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited.
|
Malware
|
|
|
|
2021-01-12 12:04:51 |
'Sunspot' Malware Used to Insert Backdoor Into SolarWinds Product in Supply Chain Attack (direct link) |
CrowdStrike, one of the cybersecurity companies called in by IT management firm SolarWinds to investigate the recently disclosed supply chain attack, on Monday shared details about a piece of malware used by the attackers to insert a backdoor into SolarWinds' Orion product.
|
Malware
|
SolarWinds
|
★★★
|
|
2021-01-11 13:47:16 |
Malware Used in SolarWinds Attack Linked to Backdoor Attributed to Turla Cyberspies (direct link) |
Researchers have identified some similarities between the Sunburst malware used in the SolarWinds supply chain attack and Kazuar, a backdoor that appears to have been used by the Russia-linked cyber-espionage group known as Turla.
|
Malware
Mobile
|
SolarWinds
SolarWinds
|
|
|
2021-01-07 19:01:38 |
Ezuri Memory Loader Abused in Linux Attacks (direct link) |
Security researchers at AT&T's Alien Labs have identified multiple malware attacks leveraging the Ezuri memory loader to execute payloads without writing them to disk.
|
Malware
|
|
|
|
2021-01-06 20:44:06 |
'Earth Wendigo' Hackers Exfiltrate Emails Through JavaScript Backdoor (direct link) |
A newly identified malware attack campaign has been exfiltrating emails from targeted organizations using a JavaScript backdoor injected into a webmail system widely used in Taiwan.
|
Malware
|
|
★★★★★
|
|
2019-10-07 13:44:35 |
New Campaign Targets Drupalgeddon2 Flaw to Install Malware (direct link) |
Hackers continue to target the Drupal vulnerability named Drupalgeddon2 to install malware onto unpatched systems, Akamai's security researchers have discovered.
|
Malware
Vulnerability
|
|
|
|
2019-10-03 14:49:58 |
Adwind Malware Used in Attacks Against U.S. Petroleum Firms (direct link) |
Attackers using the Adwind remote access Trojan (RAT) are targeting petroleum firms in the United States in a recent campaign, researchers from Netskope report.
|
Malware
|
|
|
|
2019-10-03 14:30:31 |
Alabama Hospital System Halts Admissions Amid Malware Attack (direct link) |
A hospital system that serves a large part of rural west Alabama temporarily quit accepting new patients after a ransomware attack crippled some of its computer systems Tuesday.
|
Ransomware
Malware
|
|
|
|
2019-10-02 18:59:10 |
MasterMana Campaign Combines Stealth, Free Services and Old Malware (direct link) |
An ongoing cybercrime campaign that started as early as December 2018 has avoided widespread detection through a combination of stealth tactics and hiding in plain sight.
|
Malware
|
|
|
|
2019-09-30 15:05:45 |
'WhiteShadow' Downloader Employs Microsoft SQL for Malware Delivery (direct link) |
Microsoft Office macros that collectively act as a stage downloader are utilizing Microsoft SQL queries to fetch malicious payloads, Proofpoint's security researchers report.
|
Malware
|
|
|
|
2019-09-30 12:10:18 |
New 'Gucci' IoT Botnet Targets Europe (direct link) |
Security researchers with SecNiche Security Labs have discovered a new piece of malware that attempts to ensnare Internet of Things (IoT) devices in Europe into a distributed denial-of-service (DDoS)-capable botnet.
|
Malware
|
|
|
|
2019-09-27 18:45:52 |
Malware Delivery Campaign Employs Advanced Fileless Techniques (direct link) |
A recently observed malware delivery campaign employs advanced fileless techniques and an elusive network infrastructure that allows it to remain largely undetected.
|
Malware
|
|
|
|
2019-09-27 13:08:04 |
German Auto and Defense Firm Rheinmetall Says Malware Hit Several Plants (direct link) |
Germany-based car parts and defense solutions provider Rheinmetall announced on Thursday that production at its automotive plants in the United States, Brazil and Mexico was disrupted as a result of a malware attack.
|
Malware
|
|
|
|
2019-09-24 18:56:47 |
North Korean-Linked Dtrack RAT Discovered (direct link) |
An investigation into banking malware targeting India has led to the discovery of a new remote access Trojan (RAT) employed by the North Korean-linked Lazarus group, Kaspersky reports.
|
Malware
Medical
|
APT 38
|
|
|
2019-09-24 14:19:40 |
Additional U.S. Utilities Targeted With LookBack Malware (direct link) |
Proofpoint security researchers have observed a new series of phishing attacks targeting entities in the United States utilities sector in an attempt to deliver the LookBack remote access Trojan (RAT).
|
Malware
|
|
|
|
2019-09-23 07:32:10 |
Mac Malware Poses as Trading App (direct link) |
A Mac Trojan focused on stealing users' information was found masquerading as a legitimate trading application, Trend Micro's security researchers report.
|
Malware
|
|
|
|
2019-09-19 17:49:16 |
Phishing Emails Deliver Amadey Malware to U.S. Taxpayers (direct link) |
A recently observed phishing campaign is targeting taxpayers in the United States in an attempt to infect their machines with a piece of malware named Amadey, Cofense security researchers have discovered.
|
Malware
|
|
|
|
2019-09-13 14:10:04 |
WiryJMPer Dropper Employs Heavy Obfuscation to Deliver Netwire (direct link) |
A recently discovered malware dropper employs heavy obfuscation and poses as a virtual coin wallet, in an attempt to deliver a Netwire payload, Avast's security researchers reveal.
|
Malware
|
|
|
|
2019-09-11 02:10:05 |
Ransomware Attack Hits School District Twice in 4 Months (direct link) |
A Connecticut school district's teachers are working without computer access less than a week after a second malware attack targeted the district's servers.
The Republican American reports the district shut any computers connected to the Wolcott school district networks Sept. 4 after a staff member reported suspicious activity on a district computer.
|
Ransomware
Malware
|
|
|
|
2019-09-09 14:09:05 |
U.S. Cyber Command Adds North Korean Malware Samples to VirusTotal (direct link) |
The U.S. Cyber Command (USCYBERCOM) this week released 11 malware samples to VirusTotal, all of which appear related to the notorious North Korean-linked threat group Lazarus.
|
Malware
Threat
|
APT 38
|
|
|
2019-09-04 18:17:05 |
TrickBot Makes Heavy Use of Evasion in Recent Attacks (direct link) |
The operators behind the TrickBot malware have made heavy use of evasion and anti-analysis techniques in recently observed attacks, security researchers warn.
|
Malware
|
|
★★★
|
|
2019-09-02 15:14:03 |
TrickBot Tricks U.S. Users into Sharing their PIN Codes (direct link) |
The threat actor behind the infamous TrickBot botnet has added new functionality to their malware to request PIN codes from mobile users, Secureworks reports.
|
Malware
Threat
|
|
★★★
|
|
2019-08-28 20:36:02 |
(Déjà vu) Malware Found in Google Play App With 100 Million Downloads (direct link) |
Security researchers have discovered malicious code in an Android application that has gathered over 100 million downloads on Google Play.
|
Malware
|
|
|
|
2019-08-28 20:31:01 |
Malware Takes Down Lumber Liquidators' Network (direct link) |
North American hard-surface flooring retailer Lumber Liquidators this week revealed that it managed to restore most of its network after a malware attack disabled parts of it for nearly a week.
|
Malware
|
|
|
|
2019-08-28 11:27:03 |
Avast, French Police Remove Retadup Malware From 850,000 PCs (direct link) |
Cybersecurity firm Avast and French police have neutralized the Retadup malware on over 850,000 computers after taking control of its command and control (C&C) server.
|
Malware
|
|
|
|
2019-08-27 17:30:02 |
Dridex Operator Updates Tactics and Targets (direct link) |
The threat actor behind the infamous Dridex and Locky malware families has updated tactics and expanded its target list in recent campaigns, Trend Micro reports.
|
Malware
Threat
|
|
|
|
2019-08-23 17:23:05 |
Asruex Malware Exploits Old Vulnerabilities to Infect PDF, Word Docs (direct link) |
A recently observed variant of the Asruex backdoor acts as an infector by targeting old vulnerabilities in Microsoft Office and Adobe Reader and Acrobat 9.x, Trend Micro reports.
|
Malware
|
|
|
|
2019-08-19 11:55:00 |
Organizations Expose Sensitive Data via Malware Analysis Sandboxes (direct link) |
Researchers at UK-based threat intelligence firm Cyjax have studied files submitted to three popular online malware analysis sandboxes and found that many of the publicly accessible files contain sensitive information.
|
Malware
Threat
|
|
|
|
2019-08-15 12:46:04 |
DLL Hijacking Flaws Patched in Trend Micro Password Manager (direct link) |
Trend Micro recently patched a couple of DLL hijacking vulnerabilities in Password Manager that could allow malicious actors to escalate privileges, make their malware persistent, and to load and execute their payloads via a signed service.
|
Malware
|
|
|
|
2019-08-13 07:45:00 |
SQLite Vulnerabilities Demoed With Hacking of iPhone, Malware C&C (direct link) |
Researchers have uncovered some potentially serious SQLite vulnerabilities and they have demonstrated their findings by hacking an iPhone and a command and control (C&C) server used by malware.
|
Malware
|
|
|
|
2019-08-12 15:37:00 |
'Cloud Atlas' Cyberspies Use Polymorphic Malware in Government Attacks (direct link) |
The Cloud Atlas threat group has continued conducting cyber espionage operations and its recent attacks have involved a new piece of polymorphic malware.
|
Malware
Threat
|
|
|
|
2019-08-11 15:27:02 |
Vulnerabilities in Device Drivers From 20 Vendors Expose PCs to Persistent Malware (direct link) |
|
Malware
|
|
|
|
2019-08-09 15:01:01 |
Repurposing Mac Malware Not Difficult, Researcher Shows (direct link) |
Repurposing Mac malware is not a difficult task for someone with reverse-engineering skills, and it's a far simpler approach compared to writing malware from scratch, a researcher has demonstrated.
|
Malware
|
|
|
|
2019-08-08 18:50:04 |
New Windows Process Injection Can Be Useful for Stealthy Malware (direct link) |
|
Malware
|
|
|
|
2019-08-06 18:20:05 |
Baldr Malware: A Short-Lived Star or Info Stealer That Will Return? (direct link) |
The Baldr malware is a bit of an enigma. Appearing first in late 2018, researchers at Sophos have tracked it through four rapid revisions until suddenly, on May 31, 2019, the distributor (overdot) declared that further development and support had ceased. Users had been expecting the developer -- thought to be LordOdin by Malwarebytes -- to deliver a major upgrade to version 4.0.
|
Malware
|
|
|
|
2019-08-06 15:08:00 |
Pakistani Man Bribed AT&T Employees to Unlock Phones, Plant Malware (direct link) |
A Pakistani national has been charged by U.S. authorities for his role in a scheme that involved bribing employees of telecommunications giant AT&T to help unlock phones and plant malware on the company's network.
|
Malware
|
|
|
|
2019-08-02 16:34:01 |
New Mirai Variant Hides C&C Server on Tor Network (direct link) |
A recently discovered variant of the Mirai Internet of Things (IoT) malware is using a command and control (C&C) server on the Tor network, Trend Micro's security researchers have discovered.
|
Malware
|
|
|
|
2019-08-02 14:39:05 |
New "LookBack" Malware Used in Attacks Against U.S. Utilities Sector (direct link) |
A series of phishing attacks have been targeting U.S. companies in the utilities sector in an effort to infect systems with a new remote access Trojan (RAT), Proofpoint reports.
|
Malware
|
|
|
|
2019-07-31 14:31:03 |
Mobile Malware and Mobile Attackers are Getting More Sophisticated (direct link) |
For many years, the primary threat to mobile devices was click-jacking and adware. But as the mobile device has become more deeply embedded in everybody's life, as mobile banking has increased and the amalgamation of personal data on devices has grown, so has the attraction of the mobile device increased for both cyber criminals and even nation states.
|
Malware
Threat
|
|
|
|
2019-07-29 14:24:00 |
Encrypted Threats, IoT Malware Surge Past 2018 Levels: Report (direct link) |
The first half of 2019 was dominated by an increase in malware using encryption, and in malware targeting Internet of Things (IoT) devices, a recent SonicWall report reveals.
|
Malware
|
|
★★★★★
|
|
2019-07-26 15:25:01 |
British Cyber Expert to be Sentenced for Creating Malware (direct link) |
Just as Marcus Hutchins was hailed as a hero for helping stop a worldwide computer virus in May 2017, his criminal past as a malware developer was about to catch up to him.
|
Malware
|
|
|
|
2019-07-26 15:00:03 |
Researchers Discover Android Surveillance Malware Built by Sanctioned Russian Firm (direct link) |
Mobile security firm Lookout has discovered a new set of sophisticated custom Android surveillanceware tools developed and distributed by a Russian-based company.
|
Malware
|
|
|
|
2019-07-25 14:18:01 |
Guildma Malware Expands Targets Beyond Brazil (direct link) |
Researchers at Avast have published a detailed analysis of a banking trojan they call Guildma. This is almost certainly the same malware as that described by Cybereason as Astaroth, but analyzed here in greater detail.
|
Malware
|
|
|
|
2019-07-25 05:16:04 |
Louisiana School Systems Cyber Attacked; Emergency Declared (direct link) |
Louisiana Gov. John Bel Edwards has issued an emergency declaration after malware attacks against three school systems in the state have been detected.
|
Malware
|
|
|
|
2019-07-24 05:04:00 |
Indiana County Targeted in Malware Assault on Computers (direct link) |
Officials of an Indiana county say they are trying to determine the extent of a malware attack on the county's computers.
Vigo County Commissioner Judith Anderson says commissioners were informed of a “ransomware” attack early Tuesday.
|
Malware
|
|
|
|
2019-07-19 17:46:01 |
Iranian Hackers Use New Malware in Recent Attacks (direct link) |
The Iran-linked cyber-espionage group OilRig has started using three new malware families in campaigns observed over the past month, FireEye reports.
|
Malware
|
APT 34
|
★★★
|
|
2019-07-18 12:36:03 |
Malware Framework Gathers 1 Billion Ad Impressions in 3 Months (direct link) |
Flashpoint security researchers have discovered a new malware framework that managed to gather over one billion fraudulent ad impressions in the past three months.
|
Malware
|
|
★★
|
|
2019-07-17 15:12:03 |
EvilGnome Malware Helps Hackers Spy on Linux Users (direct link) |
Intezer security researchers have discovered a new backdoor targeting Linux systems with the purpose of spying on users.
|
Malware
|
|
|