What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2020-07-15 08:04:25 New Mirai variant includes exploits for 9 vulnerable products (direct link) The impacted products include routers, IP cameras, DVRs, and smart TVs. Nearly four years after Mirai first demonstrated how ordinary Internet-connected devices could be turned into remotely controlled attack systems, variants of the malware continue to surface with troubling regularity. This week, researchers from Trend Micro discovered a brand-new Mirai variant designed to exploit a […] Malware ★★
itsecurityguru.webp 2020-07-13 08:32:20 A look at Evilnum, the APT Group Behind the Malware (direct link) The group behind Evilnum malware, that targets financial institutions, appears to be testing new techniques. ESET researchers published an analysis of advanced persistent threat (APT) group Evilnum, known for developing malware of the same name. A detailed look at its activity reveals an evolved toolset and infrastructure that combine custom malware with tools bought from […] Malware Threat
itsecurityguru.webp 2020-07-13 08:27:51 (Déjà vu) Malware evading analysis by adding Any.Run sandbox detection (direct link) Any.Run is a malware analysis sandbox service that lets researchers and users safely analyse malware without risk to their computers. And now malware developers are checking if their malware is running in the Any.Run malware analysis service to prevent their malware from being easily analysed by researchers. Source: Bleeping Computer Malware
itsecurityguru.webp 2020-07-10 08:18:52 Joker Malware Back in Google Play Store (direct link) Google has recently removed yet another 11 compromised Android applications from its app store, Google Play, as a new variant of the Joker malware has returned to the store. This has become a recurring theme since 2019 and has continued to have success in manoeuvring past Google Play’s protections as slight changes are made to […] Malware
itsecurityguru.webp 2020-07-08 11:08:13 Malware Sent Through Fake TikTok Links (direct link) It has recently been discovered that fake TikTok links are being used by cybercriminals to spread malware that captures user data. As part of 59 other Chinese apps banned in India due to privacy concerns, hackers are now leveraging this to target gullible individuals hoping to download the app. The Maharashtra Cyber Police has warned citizens […] Malware
itsecurityguru.webp 2020-07-06 11:48:06 Vulnerability Allows Cybercriminals to Evade Malware Detection (direct link) As a result of a Path Traversal bug in the .NET Core library of Microsoft, attackers could now implement malicious code on to a system without being detected by antivirus and end-point detection software. Paul Laîné of Context Information Security was the first to find this vulnerability and claims that this is made possible because […] Malware Vulnerability
itsecurityguru.webp 2020-07-02 10:08:05 Hacker claims TikTok rival Chingari's developer website has malware (direct link) TikTok's rising alternative, Chingari, has been doing the rounds on social media crossing several million downloads in the last few days. However, a new report indicates that the website of the company behind the app has malicious content pinned to its webpages. Robert Baptiste, a security researcher going by the Twitter name Elliot Anderson said that […] Malware
itsecurityguru.webp 2020-07-01 10:00:57 (Déjà vu) EvilQuest malware uses ransomware as decoy to steal data from Macs (direct link) A new info-stealer and data wiper malware called EvilQuest uses ransomware as a cover to steal files from macOS users. The victims get infected after downloading trojanized installers of popular apps from torrent trackers. EvilQuest was first spotted by K7 Lab malware researcher Dinesh Devadoss and analysed by Malwarebytes’ Director of Mac & Mobile Thomas […] Ransomware Malware
itsecurityguru.webp 2020-07-01 09:44:21 Fakespy Masquerades as Postal Service Apps Around the World (direct link) The Cybereason Nocturnus team is investigating a new campaign involving FakeSpy, an Android mobile malware that emerged around October 2017. FakeSpy is an information stealer used to steal SMS messages, send SMS messages, steal financial data, read account information and contact lists, steal application data, and do much more. FakeSpy first targeted South Korean and […] Malware
itsecurityguru.webp 2020-06-29 10:40:02 “Golang” malware used to target Windows and Linux machines (direct link) Cyber-security researchers at Barracuda have identified a new variant of cryptominer malware called Golang, which is being used by China-based hackers to target both Windows and Linux machines. The new malware variant tries to mine Monero, an open-source cryptocurrency and researchers have spotted seven IP addresses linked to it so far, all based out […] Malware
itsecurityguru.webp 2020-06-25 09:58:42 67% of malware in Q1 2020 delivered via encrypted HTTPS connections (direct link) 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and 72% of encrypted malware was classified as zero day, so would have evaded signature-based antivirus protection, according to WatchGuard. These findings show that without HTTPS inspection of encrypted traffic and advanced behavior-based threat detection and response, organizations are missing up to […] Malware Threat
itsecurityguru.webp 2020-06-24 10:15:41 Police Comedy TV Show Riskiest to Watch Online (direct link) An American police procedural comedy television show has topped the list of most dangerous TV titles for US citizens to watch online. New research published today by global security software company McAfee revealed the web-based entertainment options most commonly targeted with malware by cyber-criminals. McAfee analyzed more than 100 of the most popular TV and movie titles available on […] Malware
itsecurityguru.webp 2020-06-11 10:56:03 Malware Functions Bundled in Encryption Utility Product (direct link) The increasingly prevalent GuLoader malware has been traced back to a far-reaching encryption service that attempts to pass as above-board. An Italian company that sells what it describes as a legitimate encryption utility is being used as malware packer for the cloud-delivered malicious GuLoader dropper, claim researchers. The tool, according to a recent investigation, creates GuLoader […] Malware
itsecurityguru.webp 2020-06-11 10:17:57 (Déjà vu) Trickbot Malware Spreads Through Fake Black Lives Matter Campaign (direct link) A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware. Started as a banking Trojan, the TrickBot has evolved to perform a variety of malicious behavior. This behaviour includes spreading laterally through a network, stealing saved credentials in browsers, stealing Active Directory Services databases, stealing cookies and OpenSSH keys, stealing RDP, […] Malware
itsecurityguru.webp 2020-06-10 14:47:25 Qualys Adds Malware Detection to Its Free 60-day Remote Endpoint Protection Offer (direct link) FOSTER CITY, Calif. June 9, 2020 – Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based IT, security and compliance solutions, today announced it has added malware detection to its cloud-based Remote Endpoint Protection offer, which is free for 60 days. Any customers currently using the offer on a free 60-day license can extend it for […] Malware Guideline
itsecurityguru.webp 2020-06-10 10:55:49 (Déjà vu) Valak malware focused on stealing Outlook login credentials (direct link) Authors of Valak information stealer are focusing more and more on stealing email credentials as researchers find a new module specifically built for this purpose. The malware emerged in testing mode in mid-October 2019 and has a modular plugin architecture that expands its capabilities to cover the needs of the threat actor. Valak has been […] Malware Threat
itsecurityguru.webp 2020-06-05 10:02:17 Resumes and Medical Leave Mask Malware (direct link) Criminals are using resumes to hide malicious payloads in a business climate that has seen hundreds of thousands of individuals searching for jobs. According to new research, the fake CVs disguise banking trojans and data stealers in macros within Microsoft Excel files. Researchers at Check Point Software say that a new campaign of Zloader malware has been […] Malware
itsecurityguru.webp 2020-06-03 10:45:13 YouTube Accounts in Demand on the Dark Web (direct link) Security experts are warning of growing dark web demand for access to users' YouTube accounts. Etay Maor, CSO at cyber-intelligence firm IntSights, explained that in recent weeks his team has noticed an uptick in demand for stolen credentials for prominent accounts on the video site. While account access can be used to spread malware and launch […] Malware
itsecurityguru.webp 2020-05-29 09:52:44 (Déjà vu) GitHub supply chain attack via new malware (direct link) Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). The malware dubbed Octopus Scanner by researchers at the GitHub Security Lab compromises developers’ computers by infecting their […] Malware Tool
itsecurityguru.webp 2020-05-28 10:21:05 Hackers use old code to build new malware (direct link) A well-known hacking group, previously linked to the Chinese government, has developed new malware by merging features and source code from older projects. These are the findings of an investigation conducted by cybersecurity researchers at Intezer, who dubbed the new malware Ketrum because it is a patchwork of code from older Ketrican and Okrum backdoors. […] Malware
itsecurityguru.webp 2020-05-28 10:19:56 Governments targeted with revamped malware (direct link) Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET. Recent attacks using the revised malware have targeted two ministries of foreign affairs in Eastern Europe as well as […] Malware
itsecurityguru.webp 2020-05-27 09:46:40 Backdoor into Windows computers opened by malware (direct link) A new version of the Sarwent malware can open the Remote Desktop Protocol (RDP) port on target Windows computers to make sure that crooks can find their way back into the system through the backdoor. Whether that access is used later by the same crooks or sold to ransomware gangs or cyber espionage groups is […] Ransomware Malware
itsecurityguru.webp 2020-05-27 09:45:20 (Déjà vu) Android bug, Strandhogg 2.0, allows malware to steal data (direct link) Security researchers have found a major vulnerability in almost every version of Android, which lets malware imitate legitimate apps to steal app passwords and other sensitive data. The vulnerability, dubbed Strandhogg 2.0 (named after the Norse term for a hostile takeover) affects all devices running Android 9.0 and earlier. It's the “evil twin” to an […] Malware Vulnerability
itsecurityguru.webp 2020-05-27 09:43:36 Monero Mining Malware infects corporate systems (direct link) The Blue Mockingbird malware gang has infected more than 1000 business systems with Monero mining malware since December 2019. The global scale of the hacker group's operations was revealed by cloud security firm Red Canary on May 26. The report outlined the group's methodology. The malware attacks servers running ASP.NET applications and exploits a vulnerability […] Malware Vulnerability
itsecurityguru.webp 2020-05-26 10:50:08 Blue Mockingbird malware gang infect enterprise systems (direct link) Thousands of enterprise systems are believed to have been infected with a cryptocurrency-mining malware operated by a group tracked under the codename of Blue Mockingbird. Discovered earlier this month by malware analysts from cloud security firm Red Canary, the Blue Mockingbird group is believed to have been active since December 2019. Researchers say Blue Mockingbird […] Malware
itsecurityguru.webp 2020-05-26 10:42:00 Stealthy Malware Steals Your Discord Password And Attacks Your Friends (direct link) In just five short years, Discord's popularity with gamers has soared. Today, Discord has 250 million registered users and around 15 million of them active on any given day… which is why it's become a popular target for cybercriminals. One persistent threat that has plagued Discord for some time is AnarchyGrabber. It's a particularly stealthy […] Malware Threat
itsecurityguru.webp 2020-05-22 10:19:46 (Déjà vu) Banking Malware ZLoader spotted in over 100 email campaigns (direct link) A banking malware called ZLoader, last seen in early 2018, has been spotted in more than 100 email campaigns since the beginning of the year. The trojan is under active development with 25 versions seen in the wild since its comeback in December 2019, the latest one observed this month. The malicious email campaigns target […] Malware
itsecurityguru.webp 2020-05-18 10:12:06 (Déjà vu) European supercomputers hacked to mine cryptocurrency (direct link) Multiple supercomputers across Europe have been infected this week with cryptocurrency mining malware and have shut down to investigate the intrusions. Security incidents have been reported in the UK, Germany, and Switzerland, while a similar intrusion is rumored to have also happened at a high-performance computing center located in Spain. The first report of an […] Malware
itsecurityguru.webp 2020-05-18 10:08:55 Malware in Microsoft Edge Browser Extension (direct link) The new Microsoft Edge browser is based on Chromium, the same engine that powers Google Chrome, so it's capable of running any extension published in the Chrome Web Store. But at the same time, Microsoft also maintains its own add-on stores where the company says it's only publishing recommended extensions that have been previously verified […] Malware
itsecurityguru.webp 2020-05-15 09:25:35 HTTP status codes used by hackers to control malware implants (direct link) Security researchers from Kaspersky have identified a new version of the COMpfun malware that controls infected hosts using a mechanism that relies on HTTP status codes. The malware was first spotted last year, in November, and has been deployed in attacks against diplomatic entities across Europe. Responsible for the attacks is a group known […] Malware
itsecurityguru.webp 2020-05-14 09:51:48 Ransomware attack on Diebold Nixdorf (direct link) ATM manufacturer Diebold Nixdorf has suffered a ransomware attack on its corporate network, disrupting some operations. The malware attack, first reported by security blogger Brian Krebs, did not affect the company’s ATMs or customer networks. Diebold Nixdorf discovered the issue – in which crooks appear to have installed the ProLock ransomware – on 25 April. […] Ransomware Malware
itsecurityguru.webp 2020-05-12 10:06:33 U.S. Targets hit by returning Sphinx malware (direct link) The banking trojan has upgraded and is seeing a resurgence on the back of coronavirus stimulus payment themes. The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the […] Spam Malware
itsecurityguru.webp 2020-05-12 09:48:32 YouTube channel descriptions conceal Astaroth malware (direct link) Over the past year, the Astaroth infostealer trojan has evolved into one of today’s stealthiest malware strains, containing a slew of anti-analysis and anti-sandbox checks to prevent security researchers from detecting and analyzing its operations. Luckily, all these innovations are only used to target and infect users in one country alone — namely Brazil. The […] Malware
itsecurityguru.webp 2020-05-11 10:18:47 EVILNUM malware targeting global financial sector (direct link) Hackers behind a series of targeted financial attacks have been updating their malware to better evade detection over the last year, according to new Prevailion research slated to be published Wednesday. Since at least February 2019, the hackers, who have begun impersonating CEOs and banks in their lure documents, have introduced at least seven updates […] Malware
itsecurityguru.webp 2020-05-11 10:17:52 Microsoft and Intel project converts malware into pictures (direct link) Microsoft and Intel have recently collaborated on a new research project that explored a new approach to detecting and classifying malware. Called STAMINA (STAtic Malware-as-Image Network Analysis), the project relies on a new technique that converts malware samples into grayscale images and then scans the image for textural and structural patterns specific to malware samples. […] Malware
itsecurityguru.webp 2020-05-06 09:30:10 DNS filtering increased by Telstra to combat malware (direct link) Australia’s incumbent telco Telstra announced on Wednesday it has stepped up its DNS filtering capabilities in an effort to fight malware passing through its network. Dubbed Cleaner Pipes, the initiative focuses on blocking command and control communications of botnets, the downloading of remote access trojans, as well as other forms of malware. The telco said […] Malware
itsecurityguru.webp 2020-05-06 09:28:59 Coronavirus Android app locks screens with malware (direct link) An existing version of the Android device screen-locking malware SLocker has apparently been copied and repackaged in the form of a mobile coronavirus app, in hopes of drawing in victims and encouraging downloads from third-party marketplace sites. Researchers at Bitdefender found the malicious app, which has been targeting users in Ukraine, Russia, Kazakhstan, Turkmenistan and […] Malware
itsecurityguru.webp 2020-05-05 09:53:37 SSH brute-force attacks on IoT via Kaiji malware (direct link) Security researchers say they’ve discovered yet another strain of malware that was specifically built to infect Linux-based servers and smart Internet of Things (IoT) devices, and then abuse these systems to launch DDoS attacks. Named Kaiji, this new malware was spotted last week by a security researcher named MalwareMustDie and the team at Intezer Labs. […] Malware
itsecurityguru.webp 2020-04-30 10:01:37 EventBot malware steals banking passwords and codes (direct link) Security researchers are sounding the alarm over a newly discovered Android malware that targets banking apps and cryptocurrency wallets. The malware, which researchers at security firm Cybereason recently discovered and called EventBot, masquerades as a legitimate Android app - like Adobe Flash or Microsoft Word for Android - which abuses Android's in-built accessibility features to […] Malware
itsecurityguru.webp 2020-04-24 09:20:51 Robert Dyas data breach slammed by customers (direct link) UK hardware store Robert Dyas has revealed that card-skimming malware on the chain’s e-commerce website has led to the theft of customer financial data. For 23 days, starting on March 7 and ending March 30, a card skimmer was operational on the Robert Dyas’ website, according to an email sent to customers and obtained by […] Data Breach Malware
itsecurityguru.webp 2020-04-17 10:49:09 Portuguese energy giant EDP being held to ransom after malware attack (direct link) We can report that this week, Portuguese multinational energy giant Energias de Portugal (EDP) is the latest enterprise to be battling against cyber attackers after suffering a ransomware attack. The group behind this attack used the RagnarLocker malware variant and it has been reported that the hackers are demanding $10.9m as ransom in return for […] Ransomware Malware
itsecurityguru.webp 2020-04-17 10:07:47 KnowBe4 Launches PhishRIP to Remove Suspicious Emails From Inboxes (direct link) KnowBe4 has launched a new feature to its PhishER product called PhishRIP™, which helps security professionals remove, inoculate and protect against email threats faster. Technical controls do not filter out all of the malicious emails that come into a user's inbox. Various research has shown that phishing, spam and malware attachments still make it through email filters. Mimecast notes filters are missing 12% of unwanted emails. According to research […] Spam Malware
itsecurityguru.webp 2020-04-17 09:58:54 MBRLocker ransomware campaign trolls SentinelOne (direct link) SentinelOne has spoken out after an “attention-seeking prankster” trolled one of the firm’s security researchers with the release of a new ransomware strain. On Wednesday, the cybersecurity firm said that new MBRLocker malware variants have been released in a consistent wave over April, and while many of them appear to be little more than “pranks” […] Ransomware Malware
itsecurityguru.webp 2020-04-16 09:36:03 Nemty shuts down public RaaS (direct link) The operators of the Nemty ransomware have announced this week they were shutting down their public Ransomware-as-a-Service operation and opting to go private in order to focus and put more resources on targeted attacks. For those unfamiliar with this malware operation, Nemty is a classic RaaS (Ransomware-as-a-Service). It launched in the summer of 2019 and […] Ransomware Malware
itsecurityguru.webp 2020-04-08 09:45:39 (Déjà vu) xHelper Malware Re-Installs After Factory Reset (direct link) A mysterious piece of Android malware re-installs itself on infected devices even after users delete it or factory reset their devices, making it nearly impossible to remove. xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected […] Malware
itsecurityguru.webp 2020-04-08 09:44:52 Malware Concealed Under SSL Certificates (direct link) Cybercriminals are increasingly relying on SSL certificates to lull people into a false sense of security when clicking malicious links. The assumption that HTTPS links and the accompanying lock icon protect employees from attack can threaten businesses without sufficient SSL inspection. Nearly 52% of the top 1 million websites were available over HTTPS in 2019, […] Malware
itsecurityguru.webp 2020-04-02 08:55:01 VelvetSweatshop Excel encryption spreads LimeRAT malware (direct link) A new campaign is spreading the LimeRAT Remote Access Trojan by harnessing an old encryption technique in Excel files. LimeRAT is a simple Trojan designed for Windows machines. The malware is able to install backdoors on infected machines and encrypt files in the same way as typical ransomware strains, add PCs to botnets, and […] Ransomware Malware
itsecurityguru.webp 2020-04-02 08:53:42 Holy Water watering hole attacks with malware (direct link) With many malicious websites, a user typically needs to click on a link to set off a chain of events that could then lead to a malware infection. But in some cases, all you have to do is visit a particular site to trigger a possible malware attack. That’s true with a series of […] Malware Guideline ★★★★
itsecurityguru.webp 2020-04-02 08:52:49 COVID-19 malware wipes PC and rewrites MBR (direct link) With the coronavirus (COVID-19) pandemic raging all over the globe, some malware authors have developed malware that destroys infected systems, either by wiping files or rewriting a computer’s master boot record (MBR). With help from the infosec community, ZDNet has identified at least five malware strains, some distributed in the wild, while others appear […] Malware ★★
itsecurityguru.webp 2020-03-31 09:39:04 Drop in Nation-State Attacks According to Google Analysis (direct link) Google has registered a significant drop in government-backed cyberattacks against its properties and the people who use its products. Google sends out warnings if it detects that an account is a target of government-backed phishing or malware attempts. For 2019, the internet giant sent almost 40,000 warnings – which, while a large number, is […] Malware
Last update at: 2024-05-12 14:07:59