What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2019-12-06 09:49:45 (Already seen) Company sued by Facebook for Running Bad Ads (direct link) In a lawsuit filed today, Facebook alleges that a Chinese company used malware to compromise user accounts to run deceptive ads on the social media platform. The end goal of compromising Facebook accounts was distribution of deceptive ads for counterfeit goods and diet pills. Source: Bleeping Computer Malware
itsecurityguru.webp 2019-11-29 10:00:37 (Already seen) Thanksgiving eCard Emails Distributing Malware (direct link) With Thanksgiving being celebrated in the United States, malware distributors are sending out holiday themed emails to distribute the Emotet Trojan and other malware. New email campaigns are underway that pretend to be Thanksgiving Day greeting cards and office closing notices with last minute invoices. Users who fall for the emails and open the attached word […] Malware
itsecurityguru.webp 2019-11-28 09:57:14 Over 80,000 devices were hijacked by Dexphot Malware and used to Mine Cryptocurrency (direct link) Microsoft is warning of malware, Dexphot, that has infected more than 80,000 machines, sucking up their CPU power in order to mine cryptocurrency. Researchers first discovered Dexphot in October 2018 and saw its activity peak during July. They said that the malware has a complex attack chain and also uses various methods to outwit detection […] Malware
itsecurityguru.webp 2019-11-28 09:51:46 (Already seen) Prosegur Security Firm Shut Down Network due to Ryuk Ransomware (direct link) In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform. The company restricted communications with its customers to avoid malware propagation. Although there is no official confirmation, BleepingComputer has learned that the attack affects all Prosegur locations in Europe. […] Ransomware Malware
itsecurityguru.webp 2019-11-26 09:48:50 Customer Data Exposed by PoS Malware at Catch Restaurants (direct link) A newly announced data breach of several popular Catch restaurants stemmed from malware on its point-of-sale (PoS) systems. Popular NYC restaurants Catch NYC, Catch Roof and Catch Steak discovered and removed malware on their point-of-sale (PoS) systems - but not before it exposed credit-card information from unknowing diners. Source: Threat Post Data Breach Malware Threat
itsecurityguru.webp 2019-11-25 09:51:10 (Already seen) Credit Card Stealing Malware Incident announced by Catch Restaurants (direct link) Catch Hospitality Group has disclosed that point-of-sale systems (POS) at NYC hotspots Catch NYC, Catch Rooftop, and Catch Steak were infected with malware that allowed attackers to steal credit card information from customers. According to Catch's ‘payment card incident’ notice, the POS malware was active at Catch NYC and Catch Rooftop between March 19, 2019 and […] Malware
itsecurityguru.webp 2019-11-21 12:08:18 Under the microscope: inbound versus outbound email protection (direct link) By Rahul Powar, CEO and co-founder, Red Sift. Times change, technologies continue to evolve, and yet email remains the easiest avenue of attack for cybercriminals looking to hack into your business. Need convincing? Well, in 2018 94% of malware attacks were deployed by email, 78% of cyber espionage incidents used phishing, and 32% of all […] Malware Hack
itsecurityguru.webp 2019-11-21 09:44:51 (Already seen) DoppelPaymer Ransomware Threat warning from Microsoft (direct link) The Microsoft Security Response Center (MSRC) warned customers of the threat behind ongoing DoppelPaymer ransomware attacks and reminded them about misleading info on how it spreads. “There is misleading information circulating about Microsoft Teams, along with references to RDP (BlueKeep), as ways in which this malware spreads,” MSRC Director of Incident Response Simon Pope says. Source: Bleeping Computer Ransomware Malware Threat Guideline
itsecurityguru.webp 2019-11-15 09:59:04 Malware Spread by Actor Impersonating Government Officials (direct link) Since October, a threat actor has been impersonating governmental agencies in phishing emails designed to infect American, German and Italian organizations with various forms of malware, including the Cobalt Strike backdoor, Maze ransomware and the IcedID banking trojan. Source: SC Magazine Ransomware Malware Threat
itsecurityguru.webp 2019-11-11 09:23:44 (Already seen) Trump and Clinton Themed Malware Infections (direct link) Just as people express their political views through art, malware developers express their political ideologies, hopes, and frustrations through the computer infections they create. While investigating a recent malspam campaign, the Cisco Talos Group noticed that the payload was named Trump.exe. Noticing the politically themed name, Talos began researching other malicious programs that contained political […] Malware
itsecurityguru.webp 2019-11-07 09:47:32 Industrial sector targeted by Adversary harboring DoppelPaymer ransomware (direct link) A cyber adversary in possession of both ransomware and point-of-sale malware was recently found to have obtained “a deep level of access” to the infrastructures of at least two targets, including a U.S.-based aluminum and stainless steel gratings company, researchers have reported. Source: SC Magazine Ransomware Malware ★★★★
itsecurityguru.webp 2019-11-06 15:29:56 (Already seen) 8 Years on the Run – Researchers Discover DarkUniverse APT (direct link) Security researchers today published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency and leaked more than two years ago. The new threat received the name DarkUniverse and was active for at least eight years, between 2009 and 2017. […] Malware Threat
itsecurityguru.webp 2019-11-05 13:02:33 (Already seen) Trik botnet now spreads Nemty ransomware (direct link) The operators of Nemty ransomware have found a new distributor for their file-encrypting malware, which now spreads via Trik, a botnet that pushes all sorts of threats. The malware is spread to systems that have the Server Message Block (SMB) network communication protocol exposed on the web and protected by weak credentials. Source: Bleeping Computer Ransomware Malware
itsecurityguru.webp 2019-11-01 09:44:45 (Already seen) Malware Scare with Halloween Emails (direct link) The Emotet Trojan is celebrating Halloween by pushing out new spam templates that want to invite you to a neighborhood party. While these emails promise you a treat, in reality Emotet is tricking you into installing an infection. For those not familiar with Emotet, it is a malware infection that is spread through spam emails containing […] Spam Malware
itsecurityguru.webp 2019-11-01 09:44:09 (Already seen) Telco Networks SMS Messages stolen by Chinese Cyber Espionage Group (direct link) APT41’s new campaign is latest to highlight trend by Chinese threat groups to attack upstream service providers as a way to reach its intended targets, FireEye says. APT41, a Chinese hacking group known for its prolific state-sponsored espionage campaigns, has begun targeting telecommunications companies with new malware designed to monitor and save SMS traffic from […] Malware Threat Guideline APT 41
itsecurityguru.webp 2019-10-31 10:05:09 List of victims added to Xhelper ad dropper (direct link) There has been a surge in activity surrounding the Xhelper Android ad dropper, with more than 45,000 devices being infected since the malware made its first appearance six months ago. In the past month an average of 131 devices were infected each day, with about 2,400 devices persistently infected throughout the month. The malware mostly […] Malware
itsecurityguru.webp 2019-10-30 09:50:14 Israeli firm sued by WhatsApp over phone hacking claims (direct link) Facebook-owned WhatsApp has filed a lawsuit against Israel’s NSO Group, alleging the firm was behind cyber-attacks that infected devices with malicious software. WhatsApp accuses the company of sending malware to roughly 1,400 mobile phones for the purposes of surveillance. Users affected included journalists, human rights activists, political dissidents, and diplomats. Source: BBC Malware
itsecurityguru.webp 2019-10-29 09:47:37 American Cancer Society online stores attacked with skimming malware (direct link) One Magecart group decided that helping cancer victims is not enough of a reason to deter them from hitting the American Cancer Society's online store with skimming malware. Sanguine Security found the malware on www.shop.cancer.org/ hiding behind the GoogleTagManager code. The store sells t-shirts emblazoned with the organization's logo. Source: SC Magazine Malware
itsecurityguru.webp 2019-10-25 09:14:59 Mobile users targeted with malware (direct link) Cybercriminals continue to seed app stores with malicious apps, advanced attackers successfully compromise mobile devices, and advertisers continue to track users, new reports show. The ubiquity of mobile devices continues to attract attackers as malicious apps have surged 20% across third-party app stores, advertisers and tracking firms account for nine of 10 API calls for […] Malware
itsecurityguru.webp 2019-10-24 10:15:50 (Already seen) New malware targeting Discord users (direct link) A new malware is targeting Discord users by modifying the Windows Discord client so that it is transformed into a backdoor and an information-stealing Trojan. The Windows Discord client is an Electron application, which means that almost all of its functionality is derived from HTML, CSS, and JavaScript. This allows malware to modify its core files […] Malware
itsecurityguru.webp 2019-10-22 09:12:26 (Already seen) Chinese hackers use malware to backdoor Microsoft SQL servers (direct link) New malware created by Chinese-backed Winnti Group has been discovered by researchers at ESET while being used to gain persistence on Microsoft SQL Server (MSSQL) systems. The new malicious tool dubbed skip-2.0 can be used by the attackers to backdoor MSSQL Server 11 and 12 servers, enabling them to connect to any account on the server using a so-called “magic password” and […] Malware Tool
itsecurityguru.webp 2019-10-18 10:13:01 (Already seen) Russian hackers noticed after being undetected for years (direct link) Cyber-espionage operations from Cozy Bear, a threat actor believed to work for the Russian government, continued undetected for the past years by using malware families previously unknown to security researchers. Relying on stealthy communication techniques between infected systems and the command and control (C2) servers, the group managed to keep their activity under the radar […] Malware Threat APT 29
itsecurityguru.webp 2019-10-17 09:28:06 (Already seen) 30,000 Sextortion email sent per hour due to malware attack on your PC (direct link) Sextortion emails stating that your computer was hacked and video was created of you on porn sites have become so common that many ignore them and treat them simply as another spam. That does not mean, though, that they are not profitable as a new report shows that the attackers are generating a decent revenue […] Malware
itsecurityguru.webp 2019-10-17 09:27:37 (Already seen) WAV Audio Files hides cryptominers by hackers (direct link) Attackers behind a new malicious campaign are using WAV audio files to hide and drop backdoors and Monero cryptominers on their targets’ systems as BlackBerry Cylance threat researchers discovered. While various other malware peddlers were previously observed injecting payloads in JPEG or PNG image files with the help of steganography, a well-known technique used to evade anti-malware detection, this is […] Malware Threat
itsecurityguru.webp 2019-10-16 09:05:36 Mac malware spread by fake company pushing cryptocurrency app (direct link) It appears North Korean hackers have revisited a tried-and-true scheme to attack Mac owners who work at cryptocurrency exchanges: creating a fake company and corresponding cryptocurrency trading app that actually infects users with malware. Researcher Patrick Wardle, creator of OS X security firm Objective-See, reported in a blog post late last week that malicious actors set up a […] Malware
itsecurityguru.webp 2019-10-15 10:43:42 (Already seen) Winnti Group uses new PortReuse malware on Asian Manufacturers (direct link) Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The hacking group’s ShadowPad malware also received some updates, with random module IDs and some extra obfuscation being the most noteworthy additions according to ESET researchers who monitored the hackers’ attacks […] Malware
itsecurityguru.webp 2019-10-15 10:32:53 Pitney Bowes system taken down by malware (direct link) Pitney Bowes reported today that it was hit with malware that has made some files inaccessible, but stopped short of calling it a ransomware attack. Pitney Bowes said the attack has encrypted some corporate information and disrupted customer access to certain services, but at this time the company does not believe any customer or employee […] Ransomware Malware
itsecurityguru.webp 2019-10-11 09:21:49 (Already seen) Diplomats are being targeted by a new malware software (direct link) A new modular and malware designed to target diplomatic and government entities was spotted by ESET researchers while being utilized in attacks aimed at Russian-speaking individuals for at least 7 years. The espionage malware strain dubbed Attor by the researchers comes with some unusual capabilities including the use of encrypted modules, Tor-based communications, and a plugin […] Malware
itsecurityguru.webp 2019-10-09 09:15:58 (Already seen) 269% increase in attacks to Business Emails (direct link) A new Mimecast report finds a significant uptick in BEC attacks, malware attachments, and spam landing in target inboxes. Business email compromise (BEC) ramped up 269% from last quarter to this quarter, according to Mimecast’s latest Email Security Risk Assessment (ESRA). This quarter showed a massive spike in emails containing dangerous file types, malware attachments, […] Spam Malware
itsecurityguru.webp 2019-10-08 09:00:07 New Report Finds Staggering Increase in Business Email Compromise (BEC) Attacks (direct link) Mimecast (NASDAQ: MIME), a leading email and data security company, announced the availability of its latest Email Security Risk Assessment (ESRA). The quarterly assessment is an aggregated report of tests that measure the efficacy of widely used email security systems.[1] This quarter's ESRA report found a significant increase in Business Email Compromise (BEC) attacks, emails containing dangerous file types, malware […] Malware Guideline
itsecurityguru.webp 2019-10-04 10:25:52 (Already seen) Payment Card Theft via PoS Malware in Four U.S. Food Chains (direct link) Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers’ payment card information. In the last two days, McAlister’s Deli, Moe's Southwest Grill, Schlotzsky's, and Hy-Vee disclosed publicly that their networks were infected with point-of-sale malware copying data from cards used in […] Malware
itsecurityguru.webp 2019-10-02 09:39:01 GhostCat malware hits publishing companies (direct link) A malicious campaign that waged 13 attacks against hundreds of well-known publishers has been identified and put down by The Media Trust. Rather appropriately for the Halloween season, the malware was given the name GhostCat-3PC by researchers in the Trust’s Digital Security & Operations (DSO) team. GhostCat-3PC ran behind an ad that used advanced, obfuscated code and […] Malware
itsecurityguru.webp 2019-10-02 09:38:15 (Already seen) US petroleum companies hit by new malware (direct link) Attackers are using an obfuscated version of Adwind Remote Access Trojan for stealing data, Netskope says. An unknown threat actor is targeting companies in the US petroleum industry with a sophisticated data-stealing remote access Trojan (RAT) that previously had been used in attacks against retail and hospitality organizations. Netskope says it observed a recent spike […] Malware Threat
itsecurityguru.webp 2019-09-30 09:24:37 Legit tools Node.JS and WinDivert abused by fileless malware campaign (direct link) An attack campaign targeting primarily the U.S. and Europe is leveraging two legitimate tools, the Node.js framework and WinDivert, to install “fileless” malware that appears to either turn victims' systems into proxies or perpetrates click fraud. Researchers from both Microsoft Corporation and Cisco Talos yesterday filed separate reports warning of this campaign, which they have named Nodersok or Divergent, respectively. Microsoft, which […] Malware
itsecurityguru.webp 2019-09-30 09:22:14 Malware spread by scammers using fake Google Alerts (direct link) Cybercriminals have found a way to use Google Alerts to hook victims into scams or push malware. Bleeping Computer CEO Lawrence Abrams found that malicious actors are creating malicious sites into Google so they will be emailed to people who have alerts set for that particular subject matter. The malicious pages are created using popular keywords […] Malware
itsecurityguru.webp 2019-09-26 10:53:13 Over 8,000 Florida residents hit by possible data breach (direct link) The city of Palm Bay is monitoring a possible data breach involving the city's online utilities payment system. The company that operates the system found evidence of malware that may have compromised the billing information of thousands of customers. The city said the information on Click2Gov is encrypted, meaning if someone attempted to access billing information, […] Data Breach Malware
itsecurityguru.webp 2019-09-17 13:49:33 Cryptojacking enabled by Skidmap malware on Linux machines. (direct link) Researchers have discovered a sophisticated cryptomining program that uses loadable kernel modules (LKMs) to help infiltrate Linux machines, and hides its malicious activity by displaying fake network traffic stats. Dubbed Skidmap, the malware can also grant attackers backdoor access to affected systems by setting up a secret master password that offers access to any user account […] Malware
itsecurityguru.webp 2019-09-16 11:20:19 (Already seen) New Spam Malware Campaign Targeting Germany. (direct link) A new spam campaign is underway that pretends to be a job application from “Eva Richter” who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim’s files by installing the Ordinypt Wiper. Ordinypt is a destructive malware commonly targeted at German people that […] Spam Malware
itsecurityguru.webp 2019-09-12 13:02:01 (Already seen) Confidential Military, Financial Files stolen from Ryuk Related Malware. (direct link) A new malware with strange associations to the Ryuk Ransomware has been discovered to look for and steal confidential financial, military, and law enforcement files. While Ryuk Ransomware encrypts a victim’s files and then demands a ransom, it is not known for actually stealing files from an infected computer. A new infection discovered today by MalwareHunterTeam, […] Ransomware Malware
itsecurityguru.webp 2019-09-11 11:25:05 Montgomery County School District Ransomware Attack. (direct link) A Montgomery County school district has become the latest apparent victim of a ransomware cyberattack that struck just after the start of the new school year. On Monday, Souderton Area School District Superintendent Dr. Frank Gallagher said that the district's computer network was hit by the malware attack on Sunday, Sept. 1. Students had returned […] Ransomware Malware
itsecurityguru.webp 2019-09-10 14:58:00 (Already seen) Captcha Used to Bypass Automated Detection on Microsoft Phishing Pages. (direct link) A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs). Businesses use SEGs to protect against a wide variety of email-based attacks. They scan all messages, in or out, for malicious content and protect at least against malware and […] Malware
itsecurityguru.webp 2019-09-09 09:22:04 (Already seen) Nemty Ransomware Spread From Fake PayPal Site. (direct link) A web page pretending to offer an official application from PayPal is currently spreading a new variant of Nemty ransomware to unsuspecting users. It appears that the operators of this file-encrypting malware are trying various distribution channels as it was recently observed as a payload from the RIG exploit kit (EK). Source: Bleeping Computer Ransomware Malware
itsecurityguru.webp 2019-09-09 09:19:05 'Joke' Spyware attacking Android smartphones. (direct link) Android smartphone users have been hit by a new malware – Joker. Aleksejs Kuprins, a security researcher at cybersecurity threat intelligence specialists CSIS Security Group, said ‘Joker’ spyware — which derives its name from one of the command-and-control servers found by CSIS researchers — has been detected in 24 apps that have collectively been installed […] Malware Threat
itsecurityguru.webp 2019-09-04 10:08:05 Malware campaign to track Muslims, Android and Windows devices have been reported in China. (direct link) A recently exposed malware campaign that used watering-hole attacks to target iPhone users for more than two years was reportedly part of an effort to track Uyghur Muslims based in China's Xinjiang state. The campaign was actually broader than originally thought, and attempted to infect Android and Microsoft Windows devices as well, reports are also stating. Citing […] Malware
itsecurityguru.webp 2019-08-19 12:15:03 Ransomware Modifications Double Year-On-Year In Q2 2019. (direct link) Kaspersky researchers detected 16,017 new ransomware modifications in Q2 2019 – including ones belonging to eight new malware families. This is more than double the number of new samples detected a year ago, in Q2 2018 (7,620). The Kaspersky IT Threat Evolution Q2 2019 report also highlights that more than 230,000 users were attacked during […] Ransomware Malware Threat
itsecurityguru.webp 2019-08-12 17:13:04 DSLR cameras are vulnerable to ransomware attack according to researchers. (direct link) Check Point Software Technologies issued a report yesterday that detailed how its security researchers were able to remotely install malware on a digital DSLR camera. In it, researcher Eyal Itkin found that a hacker can easily plant malware on a digital camera. He says that the standardised Picture Transfer Protocol is an ideal method for […] Ransomware Malware
itsecurityguru.webp 2019-07-19 14:35:01 Malware that waits for three mouse clicks before running. (direct link) An elusive hacking operation is using a previously unreported backdoor in a malware campaign targeting diplomats and government departments around the world. The Ke3chang advanced persistent threat group is thought to operate out of China and has conducted cyber-espionage campaigns using remote access trojans and other malware since at least 2010. Now cybersecurity researchers at ESET have identified […] Malware Threat APT 15 APT 25 ★★
itsecurityguru.webp 2019-07-04 11:53:04 Anti-Virus Companies Now Flag Malware China Installs on Tourists' Phones. (direct link) Multiple antivirus companies are now explicitly flagging in their products an app that Chinese authorities were planting onto the phones of tourists at the country’s border. Tuesday, a collaboration between Motherboard, Süddeutsche Zeitung, the Guardian, the New York Times, and the German public broadcaster NDR revealed Chinese authorities are installing the malware, called BXAQ or Fengcai, onto travelers’ Android devices at […] Malware
itsecurityguru.webp 2019-07-02 13:55:04 Cyberattack forces Georgia agency to shut down websites. (direct link) A Georgia state agency says a cyberattack has forced it to shut down some court websites. News outlets report hackers demanding a ransom infected computers with malware at the Georgia Administrative Office of the Courts. Agency spokesman Bruce Shaw said Monday that officials have “quarantined our servers and shut off our network to the outside.” […] Malware
itsecurityguru.webp 2019-06-26 10:44:05 (Already seen) Silex malware is bricking IoT devices. (direct link) Over 2,000 devices have been bricked in the span of a few hours. Attacks still ongoing. A new strain of malware is wiping the firmware of IoT devices in attacks reminiscent of the old BrickerBot malware that destroyed millions of devices back in 2017. Source: ZDNet Malware
Last update at: 2024-05-13 02:07:47