Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware 113

Malware DNS Authentication Telecommunications 113

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Team82 and Claroty have been unable to verify the attackers’ claims, however, they conducted a detailed analysis of the Fuxnet malware relying on information provided by the attackers.

Malware 134

Malware Firmware IoT Hacking 134

Bleeping Computer

SEPTEMBER 30, 2022

Security researchers have discovered a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo. [.].

Hacking 134

Hacking Malware 134

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. Merely checking for known vulnerabilities is insufficient.

Malware 131

Malware Cryptocurrency Encryption Hacking 131

Schneier on Security

MAY 10, 2023

Reuters is reporting that the FBI “had identified and disabled malware wielded by Russia’s FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia’s leading cyber spying programs.” Presumably we will learn more soon.

Malware 259

Malware Hacking 259

Bleeping Computer

DECEMBER 6, 2021

The Nobelium hacking group continues to breach government and enterprise networks worldwide by targeting their cloud and managed service providers and using a new custom "Ceeloader" malware. [.].

Hacking 144

Hacking Malware Government 144

Schneier on Security

JULY 20, 2022

The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. But the app they developed was actually malware. To add more credibility to the ruse they hosted the app on a domain “spoofing” the Azov Regiment: cyberazov[.]com. com. […].

Malware 254

Malware DDOS Hacking 254

Krebs on Security

JUNE 21, 2023

If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. This story explores the history and identity behind Cryptor[.]biz WHO RUNS CRYPTOR[.]BIZ?

Malware 216

Malware Antivirus Cybercrime Hacking 216

Bleeping Computer

APRIL 26, 2023

The Chinese APT hacking group known as 'Evasive Panda' are behind a mysterious attack that distributed the MsgBot malware as part of an automatic update for the Tencent QQ messaging app. [.]

Hacking 105

Hacking Malware 105

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. ” reads the report published by ThreatFabric.

Malware 117

Malware Spyware Authentication Mobile 117

Security Affairs

APRIL 12, 2024

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. The security firm pointed out that this is the first TA547 group to use this malware family. The experts also discovered the attempts of using LLM in malware campaigns.

Malware 114

Malware Social Engineering Retail Engineering 114

The Hacker News

NOVEMBER 7, 2023

The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf Threat Labs, which disclosed details of the malware, said it's used as part of the RustBucket malware campaign, which came to light earlier this year.

Malware 118

Malware Hacking 118

Bleeping Computer

MARCH 4, 2024

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddleShark. [.]

Malware 127

Malware Hacking 127

Heimadal Security

SEPTEMBER 28, 2022

Lazarus, a North Korean hacking group, now spreads macOS malware via fake Crypto.com job offers. The post Lazarus Hacking Group Spreads Malware Via Bogus Job Offers appeared first on Heimdal Security Blog. The goal is to steal as much cryptocurrency and NFTs as possible or even carry out corporate espionage […].

Hacking 108

Hacking Malware Cryptocurrency Cybersecurity 108

SecureBlitz

APRIL 11, 2024

Unfortunately, GetMonero site has been hacked. This malware, […] The post GetMonero Site has been hacked by an unknown hacker appeared first on SecureBlitz Cybersecurity. An unidentified hacker infiltrated the GetMonero website (GetMonero.com) and injected malicious code into the downloadable Linux and Windows binaries.

Hacking 91

Hacking Cryptocurrency Malware Software 91

Bleeping Computer

OCTOBER 31, 2022

The Chinese Cicada hacking group, tracked as APT10, was observed abusing security software to install a new version of the LODEINFO malware against Japanese organizations. [.].

Antivirus 99

Antivirus Software Hacking Malware 99

Bleeping Computer

MARCH 9, 2024

A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems. [.]

Malware 139

Malware Hacking 139

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 125

Malware Ransomware Banking Healthcare 125

Security Boulevard

DECEMBER 8, 2023

Newly discovered cracked applications being distributed by unauthorized websites are delivering Trojan-Proxy malware to macOS users who are looking for free or cheap versions of the software tools they want. The malware can be used by bad actors for a range of malicious activities, including hacking into systems or running phishing campaigns.

Software 136

Software Malware Phishing Hacking 136

Bleeping Computer

JANUARY 18, 2024

Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool. [.]

Malware 137

Malware Hacking 137

Bleeping Computer

JUNE 29, 2023

Security analysts have discovered a previously undocumented remote access trojan (RAT) named 'EarlyRAT,' used by Andariel, a sub-group of the Lazarus North Korean state-sponsored hacking group. [.]

Hacking 139

Hacking Malware 139

Security Affairs

MARCH 18, 2024

Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed that multiple work computers were infected with malware, in response to the compromise the security staff disconnected impacted systems from the network. .

Data breaches 122

Data breaches Malware Technology Government 122

Bleeping Computer

MARCH 4, 2024

The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark. [.]

Malware 106

Malware Hacking 106

Bleeping Computer

SEPTEMBER 20, 2022

American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links. [.].

Hacking 99

Hacking Malware 99

The Hacker News

FEBRUARY 29, 2024

The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool.

Malware 130

Malware Accountability Hacking 130

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 111

Antivirus Malware DNS Cryptocurrency 111

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams 141

Scams Hacking Malware Mobile 141

Security Affairs

MARCH 4, 2021

FireEye researchers spotted a new sophisticated second-stage backdoor that was likely linked to threat actors behind the SolarWinds hack. The new malware is dubbed Sunshuttle , and it was “uploaded by a U.S.-based based entity to a public malware repository in August 2020.” SecurityAffairs – hacking, SolarWinds).

Malware 118

Malware Hacking Antivirus Information Security 118

Bleeping Computer

AUGUST 20, 2022

WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan. [.].

DDOS 98

DDOS Hacking Malware Passwords 98

Security Boulevard

DECEMBER 13, 2023

The post Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658 appeared first on Security Boulevard. When will it end? Russia takes down Kyivstar cellular system, Ukraine destroys Russian tax system.

Hacking 131

Hacking Digital transformation Social Engineering Data privacy 131

We Live Security

OCTOBER 6, 2021

The post To the moon and hack: Fake SafeMoon app drops malware to spy on you appeared first on WeLiveSecurity. Cryptocurrencies rise and fall, but one thing stays the same – cybercriminals attempt to cash in on the craze.

Malware 144

Malware Hacking Cryptocurrency 144

Penetration Testing

FEBRUARY 27, 2024

This attack, attributed to the infamous Lazarus hacking group, leverages a dangerous tactic: preying on developers’... The post Lazarus Hacking Group’s Malicious Python Packages Uncovered appeared first on Penetration Testing.

Hacking 144

Hacking Penetration Testing Malware 144

Bleeping Computer

NOVEMBER 2, 2023

A new macOS malware dubbed 'KandyKorn' has been spotted in a campaign attributed to the North Korean Lazarus hacking group, targeting blockchain engineers of a cryptocurrency exchange platform. [.]

Cryptocurrency 129

Cryptocurrency Engineering Malware Hacking 129

Security Boulevard

MAY 6, 2024

The post Germany Warns Russia: Hacking Will Have Consequences appeared first on Security Boulevard. War of the words: Fancy Bear actions are “intolerable and unacceptable,” complains German foreign minister Annalena Baerbock.

Hacking 87

Hacking Risk Government Malware 87

The Hacker News

FEBRUARY 27, 2023

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format.

Hacking 89

Hacking Malware 89

Heimadal Security

DECEMBER 5, 2022

Lazarus hacking group spreads malware using a fake cryptocurrency app called BloxHolder. This made-up brand pretends to offer cryptocurrency applications, tricking users to install AppleJeus malware. AppleJeus malware, identified in 2018, enables the threat actors to have initial access to a network and steal crypto assets.

Malware 84

Malware Hacking Cryptocurrency Cybersecurity 84

Security Affairs

JANUARY 30, 2024

Once the malware has escalated the privileges on a machine, the threat actors use a batch script to uninstall popular antivirus solutions installed on the machine. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Ransomware 133

Ransomware Hacking Data breaches Digital transformation 133