Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-03-07 20:40:24 |
Hiatus Campaign Infects DrayTek Gear for Cyber Espionage, Proxy Control (direct link) |
Two novel malware binaries, including "HiatusRAT," offer unique capabilities that point to the need for better security for companies' router infrastructure. |
Malware
|
|
★★
|
|
2023-03-01 19:34:00 |
Linux Support Expands Cyber Spy Group's Arsenal (direct link) |
An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems. |
Malware
|
|
★★★
|
|
2023-02-28 18:55:00 |
WannaCry Hero & Kronos Malware Author Named Cybrary Fellow (direct link) |
Marcus Hutchins, who set up a "kill switch" that stopped WannaCry's spread, later pled guilty to creating the infamous Kronos banking malware. |
Malware
|
Wannacry
|
★★★
|
|
2023-02-27 18:30:46 |
Mobile Banking Trojans Surge, Doubling in Volume (direct link) |
Mobile malware developers were busy bees in 2022, flooding the cybercrime landscape with twice as many banking trojans as the year before. |
Malware
|
|
★★★
|
|
2023-02-23 21:54:44 |
Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery (direct link) |
The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner. |
Malware
|
|
★★
|
|
2023-02-23 19:54:00 |
Hydrochasma Threat Group Bombards Targets with Slew of Commodity Malware, Tools (direct link) |
A previously unidentified threat group uses open source malware and phishing to conduct cyber-espionage on shipping and medical labs associated with COVID-19 treatments and vaccines. |
Malware
Threat
Medical
|
|
★★★
|
|
2023-02-23 18:50:35 |
Wiper Malware Surges Ahead, Spiking 53% in 3 Months (direct link) |
Cybercriminals and hacktivists have joined state-backed actors in using sabotage-bent malware in destructive attacks, new report shows. |
Malware
|
|
★★
|
|
2023-02-08 22:31:00 |
CISA Releases Recovery Script for Victims of ESXiArgs Ransomware (direct link) |
The malware has affected thousands of VMware ESXi hypervisors in the last few days. |
Ransomware
Malware
|
|
★★★
|
|
2023-02-07 19:18:00 |
New Banking Trojan Targeting 100M Pix Payment Platform Accounts (direct link) |
New malware demonstrates how threat actors are pivoting toward payment platform attacks, researchers say. |
Malware
Threat
|
|
★★★
|
|
2023-02-06 22:11:00 |
Global Ransomware Attack on VMware ESXi Hypervisors Continues to Spread (direct link) |
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign. |
Ransomware
Malware
Vulnerability
|
|
★★
|
|
2023-02-03 16:00:00 |
Scores of Redis Servers Infested by Sophisticated Custom-Built Malware (direct link) |
At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021. |
Malware
|
|
★
|
|
2023-02-01 02:05:00 |
How Can Disrupting DNS Communications Thwart a Malware Attack? (direct link) |
Malware eventually has to exfiltrate the data it accessed. By watching DNS traffic for suspicious activity, organizations can halt the damage. |
Malware
|
|
★★★
|
|
2023-01-19 21:30:00 |
Attackers Crafted Custom Malware for Fortinet Zero-Day (direct link) |
The "BoldMove" backdoor demonstrates a high level of knowledge of FortiOS, according to Mandiant researchers, who said the attacker appears to be based out of China. |
Malware
|
|
★★
|
|
2023-01-18 19:21:00 |
ChatGPT Could Create Polymorphic Malware Wave, Researchers Warn (direct link) |
The powerful AI bot can produce malware without malicious code, making it tough to mitigate. |
Malware
|
ChatGPT
|
★★★
|
|
2023-01-18 17:10:00 |
ICS Confronted by Attackers Armed With New Motives, Tactics, and Malware (direct link) |
Threat actors are diversifying across all aspects to attack critical infrastructure, muddying the threat landscape, and forcing industrial organizations to rethink their security. |
Malware
Threat
Industrial
|
|
★★
|
|
2023-01-13 20:00:00 |
Malware Comes Standard With This Android TV Box on Amazon (direct link) |
The bargain T95 Android TV device was delivered with preinstalled malware, adding to a trend of Droid devices coming out-of-the-box tainted. |
Malware
Prediction
|
|
★★★★
|
|
2023-01-12 22:20:00 |
Researchers Find 'Digital Crime Haven' While Investigating Magecart Activity (direct link) |
A security vendor's investigation of infrastructure associated with a new, crypto-focused Magecart skimmer leads to discovery of cryptoscam sites, malware distribution marketplace, Bitcoin mixers, and more. |
Malware
Guideline
|
|
★★★
|
|
2023-01-12 19:11:00 |
Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available (direct link) |
Unpatched Cisco bugs, tracked as CVE-2023-20025 and CVE-2023-20026, allow lateral movement, data theft, and malware infestations. |
Malware
|
|
★★
|
|
2023-01-10 15:04:00 |
Netskope Threat Research: Malware-Delivering Cloud Apps Nearly Tripled in 2022 (direct link) |
401 distinct cloud apps shown to deliver malware; Microsoft OneDrive delivered 30% of all cloud malware downloads. |
Malware
Threat
|
|
★★★
|
|
2023-01-06 18:46:00 |
PurpleUrchin Gang Embraces DevOps In Massive Cloud Malware Campaign (direct link) |
The Automated Libra group is deploying all components of its campaign in an automated manner via containers, stealing free trial resources for cryptomining, but the threat could get larger. |
Malware
Threat
|
|
★★★
|
|
2023-01-05 18:02:00 |
Bluebottle Continues Bank Heist Assault With Signed Malware (direct link) |
The financially motivated threat group, also known as OPERA1ER, demonstrated an evolution in tactics in its compromise of three Francophone financial institutions in Africa, likely adding to its $11 million to-date haul. |
Malware
Threat
|
|
★★★
|
|
2023-01-04 15:46:00 |
BitRat Malware Gnaws at Victims With Bank Heist Data (direct link) |
Attackers have compromised a Colombian financial institution and are using a bevy of leaked customer details in further malicious activity to spread an info-gathering remote access Trojan (RAT). |
Malware
|
|
★★★
|
|
2023-01-03 19:03:00 |
WordPress Sites Under Attack from Newly Found Linux Trojan (direct link) |
Researchers who discovered the backdoor Linux malware say it may have been around for more than three years - and it targets 30+ plugin bugs. |
Malware
|
|
★★
|
|
2023-01-03 16:55:17 |
Raspberry Robin Worm Hatches a Highly Complex Upgrade (direct link) |
The Evil Corp-linked malware family has undergone an evolution, becoming more obfuscated and "several times more complex," as the group behind it tests how far the worm can be spread. |
Malware
|
|
★★★
|
|
2022-12-21 15:03:30 |
Godfather Banking Trojan Masquerades as Legitimate Google Play App (direct link) |
The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads. |
Malware
|
|
★★★
|
|
2022-12-19 21:28:00 |
Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages (direct link) |
Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks. |
Malware
|
|
★★
|
|
2022-12-16 16:00:03 |
Chinese APT Group MirrorFace Interferes in Japanese Elections (direct link) |
The MirrorFace group has deployed popular malware LodeInfo for spying and data theft against certain members of the Japanese House of Representatives. |
Malware
|
|
★★★
|
|
2022-12-16 14:00:00 |
Live From London: Next-Gen Cybersecurity Takes Stage at Black Hat Europe (direct link) |
Check out our slideshow detailing the emerging cybersecurity trends in cloud, creating a defensible Internet, malware evolution, and more that lit up audiences in London. |
Malware
|
|
★★
|
|
2022-12-15 16:20:20 |
Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps (direct link) |
Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail. |
Malware
Threat
Prediction
|
|
★★★
|
|
2022-10-10 20:35:32 |
Emotet Rises Again With More Sophistication, Evasion (direct link) |
An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware - complexity that helps it dodge analysis. |
Malware
|
|
|
|
2022-10-06 15:15:20 |
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot (direct link) |
The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram. |
Malware
|
|
|
|
2022-10-05 13:01:39 |
RatMilad Spyware Scurries onto Enterprise Android Phones (direct link) |
A novel mobile malware found lurking behind a phone-spoofing app is being distributed via Telegram and a dedicated website, in a broad operation to monitor corporate victims. |
Malware
|
|
|
|
2022-10-03 20:56:00 |
Bumblebee Malware Loader's Payloads Significantly Vary by Victim System (direct link) |
On some systems the malware drops infostealers and banking Trojans; on others it installs sophisticated post-compromise tools, new analysis shows. |
Malware
|
|
★★
|
|
2022-09-28 20:59:09 |
Sophisticated Covert Cyberattack Campaign Targets Military Contractors (direct link) |
Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities. |
Malware
|
|
|
|
2022-09-28 16:12:09 |
Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules (direct link) |
The previously identified ransomware builder has veered in an entirely new direction, targeting consumers and businesses of all sizes by exploiting known CVEs through brute-forced and/or stolen SSH keys. |
Ransomware
Malware
|
|
|
|
2022-09-20 20:33:17 |
ChromeLoader Malware Evolves into Prevalent, More Dangerous Cyber Threat (direct link) |
Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises. |
Malware
Threat
|
|
|
|
2022-09-07 15:53:37 |
Next-Gen Linux Malware Takes Over Devices With Unique Tool Set (direct link) |
The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control. |
Malware
Tool
|
|
|
|
2022-09-06 20:16:44 |
TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks (direct link) |
What under-the-hood details of a newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns. |
Malware
Threat
|
|
|
|
2022-09-02 16:52:51 |
Raspberry Robin Malware Connected to Russian Evil Corp Gang (direct link) |
Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp. |
Malware
|
|
|
|
2022-09-01 14:45:27 |
Apple Quietly Releases Another Patch for Zero-Day RCE Bug (direct link) |
Apple continues a staged update process to address a WebKit vulnerability that allows attackers to craft malicious Web content to load malware on affected devices. |
Malware
Vulnerability
|
|
|
|
2022-08-31 18:00:00 |
James Webb Telescope Images Loaded With Malware Are Evading EDR (direct link) |
New Golang cyberattacks use deep space images and a new obfuscator to target systems - undetected. |
Malware
|
|
|
|
2022-08-26 13:18:17 |
Endpoint Protection / Antivirus Products Tested for Malware Protection (direct link) |
Six out of the eight products achieved an "A" rating or higher for blocking malware attacks. Reports are provided to the community for free. |
Malware
|
|
|
|
2022-08-24 19:29:23 |
Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns (direct link) |
The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user. |
Malware
Tool
|
|
|
|
2022-08-24 13:46:20 |
CyberRatings.org Announces New Web Browser Test Results for 2022 (direct link) |
Three of the world's leading browsers were measured for phishing and malware protection, with time to block and protection over time as key metrics in test scores. |
Malware
Guideline
|
|
|
|
2022-08-23 16:15:00 |
One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious (direct link) |
The scans used by the Python Package Index (PyPI) to find malware fail to catch 41% of bad packages, while creating plentiful false positives. |
Malware
|
|
|
|
2022-08-22 16:32:52 |
New 'BianLian' Ransomware Variant on the Rise (direct link) |
Novel ransomware was created with the Go open source programming language, demonstrating how malware authors increasingly are opting to employ the flexible coding language. |
Ransomware
Malware
|
|
|
|
2022-08-18 14:38:22 |
Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors (direct link) |
The cybercriminal crew has used 15 malware families to target travel and hospitality companies globally, constantly changing tactics over the course of its four-year history. |
Malware
|
|
|
|
2022-08-17 18:39:51 |
'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections (direct link) |
The stealthy crypter, active since 2015, has been used to deliver a wide range of information stealers and RATs at a rapid, widespread clip. |
Malware
|
|
|
|
2022-08-10 15:47:13 |
OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022 (direct link) |
Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers. |
Malware
Threat
|
|
|
|
2022-08-10 14:46:53 |
Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape (direct link) |
New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities. |
Malware
Threat
|
|
|