What's new around the internet

Last one

Date (GMT) | Title | Description | Tags | Stories | Notes
2018-11-14 17:30:01 | HookAds Malvertising Campaign | The HookAds Malvertising campaign is on the loose again and is downloading various malware through the Fallout Exploit kit. Mike Bittner, Digital Security & Operations Manager at The Media Trust: “Bad actors behind the HookAds campaign appear to be switching their tactics and adding more weapons to their arsenal to make a clean sweep of … | Malware
2018-11-14 10:45:05 | Cryptojackers That Target Linux Start Using Rootkits In Order To Hide | With the growing popularity of cryptocurrencies, the number of malware pieces that are called cryptojackers also grows infecting more and more victims. Cryptojackers are hidden cryptocurrency miners that are secretly installed on computers. They use computer resources to mine coins thus earning money for cybercrooks. These viruses are also called cryptominers. One of the problems … | Malware
2018-11-09 15:30:00 | US Cyber Command Starts Uploading Foreign APT Malware To Virus Total | It’s been reported that The Cyber National Mission Force in the US is now uploading malware samples it finds to VirusTotal. IT security experts commented below. Chris Doman, Threat Engineer at AlienVault: “The US Cyber Command has uploaded two malware samples relating to APT28, the Russian group behind the US election hacking. So far, the … | Malware Threat | APT 28
2018-11-05 09:45:04 | Magecart Claims Kitronik As Another Victim | The news recently broke that Kitronik, a leading supplier of electronic project kits in the UK, was the latest victim of Magecart's global payment card-skimming malware. Kitronik suffered a data breach that may have exposed names, email addresses, card numbers, expiry dates, CVV security codes and postal addresses. Rich Campagna, CMO at Bitglass: “Payment card-skimming malware continues to be … | Data Breach Malware Guideline
2018-11-02 18:45:03 | (Déjà vu) New Stuxnet Variant Hits Iran | News broke that a malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. According to Bleeping Computer, Iranian infrastructure and strategic networks have come under attack in the last few days by a computer virus similar to Stuxnet but “more violent, more advanced and more sophisticated,” … | Malware
2018-10-31 18:47:05 | DemonBot DDoS Malware | Last week, news broke that an unsophisticated Linux-based botnet dubbed DemonBot is targeting exposed cloud servers using a vulnerability in Hadoop's resource management tool to infect cloud servers with the botnet malware. Gavin Millard, VP of Intelligence at Product Marketing at Tenable “This isn’t the first time the YARN exploit has been used. Back in September … | Malware Tool Vulnerability
2018-10-19 12:30:02 | Protecting Against GreyEnergy | In response to the recent discovery of GreyEnergy, a highly sophisticated piece of malware targeting industrial control systems, please see below comments from Moreno Carullo, co-founder and CTO of Nozomi Networks. Moreno Carullo, Co-founder and CTO at Nozomi Networks: “The recent discovery of yet another undocumented advanced malware, now dubbed GreyEnergy, was inevitable. We are … | Malware
2018-10-18 20:00:03 | GreyEnergy Malware Targeting Critical Infrastructure | Ray DeMeo, Co-Founder and Chief Operating Officer at Virsec, today commented on ESET's discovery of GreyEnergy malware used to attack energy companies and other critical targets in Ukraine and Poland for the past three years. Ray DeMeo, Co-Founder and Chief Operating Officer at Virsec: “It should be no surprise that threats like BlackEnergy are morphing into new variants. There … | Malware
2018-10-15 12:15:02 | How To Close Security Gaps With A Threat Intelligence Library | Companies have invested in protection technologies for decades – firewalls, web and email security gateways and endpoint protection. Over time, these technologies have increasingly relied upon threat intelligence to create real-time block lists for malware signatures, bad domains and IP addresses, file hashes and more. Despite these measures, attacks still get through. People tend to … | Malware Threat
2018-10-06 15:30:00 | Chinese Spy Chips | Anthony James is vice president at CipherCloud and former CMO at TrapX, whose researchers previously discovered the Chinese-generated Zombie Zero nation‐state sponsored Zero Day attack. Anthony James, Vice President at CipherCloud and Former CMO at TrapX: “The accusation that the Chinese are embedding malware and surveillance into standard devices is quite real and based on facts. In … | Malware
2018-10-06 08:00:05 | Fornite Gaming Cheats Suffer From Malware Attack | It has been discovered that Fortnite gamers are suffering from a new malware attack that is concealed within the game. Malwarebytes issues the report which found scammers had found a way to release the malware within “cheat tools” that offered “season passes”, which were deemed “free” for Android users. Commenting on the news and offering insight is Tyler … | Malware
2018-10-05 17:30:03 | Smoke Loader Malware Updated And Detected In The Wild | In response to the news that an updated version of the Smoke Loader malware downloader has been sampled in the wild and contains one of the first successful uses of the PROPagate injection technique, Jake Moore, Security Specialist at ESET commented below. Jake Moore, Security Specialist at ESET: “Password stealing malware is nothing new. Clicking … | Malware
2018-10-04 18:30:04 | New Betabot Infostealer Malware Campaign | A new report by Cybereason has detected multiple Betabot (aka Neurevt) infections in customer environments. Betabot is a sophisticated infostealer malware that's evolved significantly since it first appeared in late 2012. The malware began as a banking Trojan and is now packed with features that allow its operators to practically take over a victim's machine and steal … | Malware
2018-10-01 17:30:04 | (Déjà vu) Torii Botnet – Not Another Mirai Variant | Avast's threat labs team have uncovered “the most sophisticated botnet that they have ever seen”, and it is targeting IoT devices. The new IoT malware strain/botnet labelled 'Torii' has spread over poorly secured Telnet services, with the attack coming from Tor exit nodes. The malware captures data from IoT devices and gives attackers remote code execution – … | Malware Threat
2018-10-01 13:45:04 | Potential Misuse Of Legitimate Websites To Avoid Malware Detection | Some common malware will attempt to gather information about its environment, such as public IP address, Language, and Location. System queries and identifier websites such as whatismyipaddress.com are often used for these purposes but are easily identified by modern network monitors and antivirus. Everyday interactions with legitimate websites provide much of this information and is not monitored … | Malware
2018-09-29 23:30:02 | “Most Sophisticated Botnet”, Dubbed Torii, Targeting IoT Devices | It has been reported that security researchers at Avast have uncovered “the most sophisticated botnet that they have ever seen”, and it is targeting IoT devices. This new IoT malware strain/botnet labelled 'Torii' has spread over poorly secured Telnet services, with the attack coming from Tor exit nodes. The malware captures data from IoT devices, and gives attackers remote … | Malware
2018-09-13 14:00:04 | Handy Tools And Websites For Malware Analysis | Malware Analysis: VirusTotal: One of the most famous Multi-Antivirus scanning Website, VirusTotal aggregates many antivirus products and online scan engines to check for viruses that the user’s own antivirus may have missed, or to verify against any false positives. Files up to 256 MB can be uploaded to the website or sent via email. Anti-virus software … | Malware
2018-09-12 23:30:05 | New Security Research Reveals Password Inadequacy Still A Top Threat | WatchGuard's Q2 2018 Internet Security Report uncovers heightened use of credential-focused attacks and continued prevalence of malicious Office documents. New research from the WatchGuard Threat Lab shows the emergence of the Mimikatz credential-stealing malware as a top threat and the growing popularity of brute force login attacks against web applications. The research also reveals that 50 percent of government and military employee LinkedIn … | Malware Threat
2018-09-06 16:13:02 | Hakai IoT Botnet Hits D-Link, Huawei, Realtek, Includes Efficient Telnet Scanner | In response to reports that a new Hakai IoT botnet is taking aim at D-Link, Huawei, and Realtek routers (link to ZDNet interview with researcher Ankit Anubhav) and that the malware includes an efficient Telnet scanner, an expert with Corero Network Security offers perspective. Sean Newman, Director Product Management at Corero Network Security: “It's possibly no coincidence that, within a … | Malware
2018-09-05 16:15:01 | Camubot Malware Camouflaged As Bank Security App To Steal Credentials | It has been reported that a new banking malware has been discovered that is targeting bank customers in Brazil. Dubbed CamuBot, it is said to be a unique malware because it is disguised as a necessary security module of the bank. The malware can also bypass the biometric authentication feature, which is a disturbing sign. According to IBM X-Force researchers who discovered … | Malware
2018-09-04 13:17:01 | MagnetoCore Malware | 7,339 Magento stores have been found to have malware that collects payment card data according to security researcher William de Groot who says it is the most successful infiltration campaign to date. Devon Merchant, Digital Security and Operations Manager at The Media Trust: “Magento is an open source platform and for this reason is also … | Malware
2018-08-20 20:30:01 | Marap Malware Targets Banking Sector | Recently, a new malware campaign was identified called Marap that targets the financial sector, James Hadley, CEO & founder of Immersive Labs commented below. James Hadley, CEO & Founder at Immersive Labs: “The banking sector will always be a prime target for cyber attacks. With this threat never ceasing, it’s vital for the industry to acknowledge the challenges … | Malware Threat
2018-08-06 14:27:01 | Pakistani Hacking Group Targets Nation States | Following the news that a hacking group based in Pakistan is attempting to carry out targeted malware attacks against nation states and individual citizens, IT security experts commented below. Rob Shapland, Principal Cyber Security Consultant at Falanx Group: Why are government targets being duped by such unsophisticated methods? “The Gorgon group are running two types … | Malware
2018-08-02 16:30:03 | PowerGhost File-Less Cryptomining Malware Hitting Corp. Networks | In response to Kaspersky research finding that the fileless PowerGhost cryptomining malware is targeting corporate networks and is more difficult to detect than other miners because it doesn't download malicious files to the device and so is likely to operate longer unnoticed, an expert with Corero Network Security offers comments. Sean Newman, Director Product Management at Corero Network Security: “The … | Malware
2018-08-02 08:15:02 | Chinese Hackers Sending Malware Through The Post | In response to the news that hackers from China have taken to sending CDs full of malware to state officials in the post, Mark James, security specialist at ESET commented below. Mark James, Security Specialist at ESET: “This approach, while unusual, does not surprise me. A disk appears out of the blue in the post, it … | Malware
2018-07-31 21:00:01 | New Cryptomining Malware That Is Targeting Corporate Networks | Researchers have uncovered a cryptojacking campaign that looks to spread across infected networks, targeting business PCs and servers. Bob Noel, Director of Marketing and Strategic Partnerships at Plixer: “When PowerGhost makes its way onto a corporate network, the business is being robbed of key resources. This negatively impacts productivity, profitability and customer satisfaction. There are … | Malware
2018-07-31 19:30:05 | Analyzing A Sophisticated, Large-Scale Malvertising Campaign | Researchers at leading cyber-security vendor Check Point have shown how criminals are using a new and complex method to abuse the digital infrastructure of the online advertising industry to spread malware to millions of online surfers worldwide. This is widely known as 'malvertising' and, in this case, started with the compromising of thousands of WordPress … | Malware Guideline
2018-07-27 19:38:01 | Microsoft Office Vulnerabilities Used To Distribute FELIXROOT Backdoor Malware | A new hacking campaign aims to use old vulnerabilities in Microsoft Office software to create a backdoor into Windows systems to spy and steal files. Dubbed Felixroot, the malware is delivered to individuals in Ukraine using a weaponised phishing email claiming to contain seminar information on environmental protection, indicating that the selected victims are likely to … | Malware
2018-07-26 14:00:03 | (Déjà vu) “Death” Botnet Exploits Old AVTech Flaw | It’s being reported that a malware author by the name of EliteLands is currently building a botnet named “Death” by targeting unpatched AVTech devices. The hacker is using an exploit for these devices that was published back in late 2016. The exploit targets 14 well-known vulnerabilities in the firmware shared by several AVTech device types, such as DVRs, NVRs, IP … | Malware
2018-07-25 11:25:04 | Source Code For Exobot Android Banking Trojan Leaked Online | It has been reported that the source code of Exobot, an Android banking Trojan, has been leaked online. The malware has spread rapidly, targeting Android users via malicious apps. Thomas Richards, Associate Principal Consultant at Synopsys: “Now that the source code for the Trojan has been released, other hackers or criminal organisations can create new variants. By making new … | Malware
2018-07-19 21:41:05 | Password-Stealing, Eavesdropping Malware Targets Ukrainian Government | News broke that a cyber espionage campaign is targeting the Ukrainian government with custom-built malware which creates a backdoor into systems for stealing data – including login credentials and audio recordings of surroundings. The remote access Trojan is called Vermin and is delivered alongside two other strains of malware – Sobaken RAT and Quasar RAT – … | Malware
2018-07-19 20:33:02 | Checkpoint Cyber Attack Trends Mid-Year Report 2018. | Following are main findings of latest CheckPoint Cyber Attack Trends: Mid-Year Report 2018: A 100% increase in organizations who reported being hit by cryptomining malware which hijacked CPU power in 1H:18 vs 2H:17; The three most prevalent exploits in 1H:18 were each cryptominers; New techniques are evolving to attack cloud storage services; and Multi-platform attacks increased, … | Malware
2018-07-12 11:15:01 | (Déjà vu) June's Most Wanted Malware: Use Of Banking Trojans Up 50% | Check Point's latest Global Threat Index reveals that Trojan malware families enter Top 10 Most Wanted Ranking; Cryptomining remains top of list. Check Point's latest Global Threat Index for June 2018 shows that the global impact of banking Trojans has increased by 50% during the past four months, with two Trojan malware families entering the Index's top … | Malware Threat
2018-07-11 17:30:00 | Updated Rakhni Can Be Either A Crypto Miner Or Ransomware | Kaspersky Labs reported late last week that an updated version of the Rakhni malware strain can be either ransomware or a cryptominer. A Corero expert offers perspective in response. Sean Newman, Director Product Management at Corero Network Security: “We're often remarking on the typical hackers' penchant for taking the easy option, where possible, which often includes reuse … | Ransomware Malware
2018-07-11 17:00:01 | Hacked Coinhive Shortlinks For Cryptomining | Coinhive has been hacked by cybercriminals who have obfuscated Coinhive's shortlinks to perform in-browser mining according to researchers at Malwarebytes. Chris Olson, CEO at The Media Trust: “Cryptomining malware has unseated ransomware as malware perpetrators’ top weapon of choice, mainly because it is lucrative and hard to detect. The sizable cryptomining malware “ring” recently uncovered … | Ransomware Malware
2018-07-10 17:30:02 | Stolen Certificates Used In Malware Campaign | The discovery of stolen code signing certificates used in a new malware campaign in Taiwan. Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi commented below. Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi: “These attacks are not new. As ESET points out, the attacker learned from the model established by Stuxnet: … | Malware Threat
2018-07-09 17:25:04 | (Déjà vu) This Password-Stealing Malware Just Added A New Way To Infect Your PC | It has been reported that a powerful form of malware which can be used to distribute threats including Trojans, ransomware and malicious cryptocurrency mining software has been updated with a new technique which has rarely been seen in the wild. Distributed in spam email phishing campaigns, Smoke Loader has been sporadically active since 2011 but has continually evolved. The malware … | Malware
2018-07-05 20:00:00 | (Déjà vu) Kaspersky Lab Discovers Rakhni Trojan's Ability To Choose Between Being A Miner Or Cryptor When Infecting A Victim | Kaspersky Lab products have detected new malicious samples related to the infamous Trojan family Trojan-Ransom.Win32.Rakhni. The main feature of the malware is that it can choose how to infect its victims – either with a cryptor or with a miner. According to our researchers, the malware primarily targets companies rather than ordinary users, and is … | Malware
2018-07-05 17:28:05 | IoT And Malware The Biggest Worries Of Industrial Organisations | A report by Kaspersky Lab has found that the rise of IoT within industrial organisations is putting the likes of power plants, manufacturers and water treatment centres at risk of suffering a cyber attack. Almost two thirds (65 per cent) of companies believe that ICS security risks are more likely with IoT. The report also states that … | Malware | | ★★★
2018-06-29 23:39:00 | Developers Rarely Feel Their Applications Could Be Targets | Hackers have exploited a web application vulnerability on a FastBooking server to install malware and pilfer data – such as names, email addresses, booking information and payment card data – on guests at hundreds of hotels. Mark Noctor, VP EMEA at Arxan Technologies, comments on this latest breach and explains just how risky application vulnerabilities … | Malware Vulnerability
2018-06-28 23:00:02 | Adware And Cryptomining Plaguing Enterprises | Adware and Cryptomining are quietly plaguing enterprise networks according to the Morphisec Labs Threat Report. Chris Olson, CEO at The Media Trust: “We are witnessing an intensifying digital arms race between malicious actors and organizations, where adware and cryptojacking malware are among the former’s favorite weapons because they reach thousands, if not millions of web … | Malware Threat
2018-06-27 11:43:04 | World Cup Wall Chart Phishing Scam | Check Point has identified a phishing campaign linked to the start of the FIFA World Cup where cyber-criminals attempt to lure would-be victims into downloading a schedule of fixtures and a result tracker. When opened, the attachment uses a malware variant called 'DownloaderGuide,' a known downloader of potentially unwanted programs (PUPs) that is most commonly used as … | Malware
2018-06-26 23:30:05 | Hackers Weaponize Secure USB Drives To Target Air-Gapped Critical Systems | Researchers have found that the Tick cyberespionage group are weaponizing secure USB drives to target air-gapped critical systems. The group, which largely targets organisations from Japan and South Korea, are known to conduct attack campaigns with various custom malware such as Minzen, Datper, Nioupale (aka Daserf), and HomamDownloader. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security … | Malware
2018-06-25 18:30:03 | GZipDe | A new malware named GZipDe that is a downloader used by hackers in a cyber-espionage campaign was discovered by researchers at AlienVault. IT security experts commented below. Sean Newman, Director of Product Management at Corero Network Security: “It's interesting to see a new downloader malware instance being discovered after a sample of it was uploaded … | Malware
2018-06-25 10:00:05 | Kardon Malware Downloader | A malware downloader with full bot capabilities named Kardon has been discovered by security researchers at Netscout Arbor.* Kardon is believed to be a rebrand of the ZeroCool Botnet built by the same cybercriminal that goes by Yattaze. Sean Newman, Director of Product Development at Corero Network Security commented below. Sean Newman, Director of Product … | Malware
Last update at: 2024-05-14 07:07:49