Security Affairs

APRIL 11, 2022

Cybersecurity researchers spotted a new Windows information-stealing malware, named FFDroider, designed to steal credentials and cookies. Cybersecurity researchers from Zscaler ThreatLabz warn of a new information-stealing malware, named FFDroider, that disguises itself as the popular instant messaging app Telegram.

Malware 80

Malware Media Firewall Advertising 80

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. ” reads the report published by ThreatFabric.

Malware 107

Malware Spyware Authentication Mobile 107

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The website ruexfil.com provided detailed information about the attacks against Moscollector, the hackers also published screenshots of monitoring systems, servers, and databases they claim to have compromised.

Malware 122

Malware Firmware IoT Hacking 122

Security Boulevard

JANUARY 31, 2024

Permalink The post USENIX Security ’23 – Black-box Adversarial Example Attack Towards FCG Based Android Malware Detection Under Incomplete Feature Information appeared first on Security Boulevard. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel.

Malware 69

Malware Architecture Education Information Security 69

CSO Magazine

MAY 1, 2023

At this year's RSA Conference, information security experts appeared on a panel entitled "Misinformation Is the New Malware" to hammer out the distinctions. As both types of threats escalate and frequently appear simultaneously in threat actors' campaigns, the lines between the two are getting fuzzy.

Malware 118

Malware Ransomware Information Security Cybersecurity 118

Security Affairs

APRIL 12, 2024

TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware.

Malware 100

Malware Social Engineering Retail Engineering 100

Security Affairs

MAY 20, 2024

Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. The campaign shows how attackers exploit trusted internet services to carry out cyberattacks that steal personal information. This tactic allows them to avoid detection.

Malware 98

Malware Banking Software Advertising 98

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. ” According to Kilmer, AVrecon is the malware that gives SocksEscort its proxies.

Malware 209

Malware VPN Internet Internet 209

Security Affairs

MAY 3, 2024

This feature prevents malware execution outside the infected machine, a feature that had been abandoned by many malware variants that borrow the Zeus leaked source code. The malware implements this feature by checking a specific key/value in the Windows registry. ” reads the analysis published by Zscaler.

Malware 118

Malware Banking Hacking Cybercrime 118

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners. ” concludes the report.

Antivirus 97

Antivirus Malware DNS Cryptocurrency 97

Security Affairs

APRIL 13, 2024

Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that t hreat actors are manipulating GitHub search results to deliver persistent malware to developers systems. Merely checking for known vulnerabilities is insufficient.

Malware 118

Malware Cryptocurrency Encryption Hacking 118

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware 99

Malware DNS Authentication Telecommunications 99

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware 104

Malware Banking Accountability Phishing 104

Security Affairs

MAY 22, 2024

A threat actor is targeting organizations in Africa and the Middle East by exploiting Microsoft Exchange Server flaws to deliver malware. According to the researchers, the malware campaign targeting MS Exchange Server has been active since at least 2021. The keylogger was used to collect account credentials.

Malware 116

Malware Accountability Technology Internet 116

Security Affairs

APRIL 24, 2024

The individuals launched spear-phishing and malware attacks. The four Iranian nationals are Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab — are accused of participating in a malware operation using spear-phishing and other hacking techniques to harvest hundreds of thousands of corporate employee accounts.

Government 88

Government Phishing Social Engineering Hacking 88

SecureWorld News

FEBRUARY 23, 2023

In a breach that's making headlines, hackers managed to steal data from the company, including sensitive employee information and upcoming game content. The news was first reported by cybersecurity and malware research group vx-underground, which posted screenshots of data purportedly stolen from the company.

Hacking 82

Hacking Phishing Data breaches Information Security 82

Security Affairs

OCTOBER 3, 2023

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023.

Advertising 116

Advertising Cybercrime Malware Cryptocurrency 116

Security Affairs

AUGUST 31, 2023

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. The GCHQ’s National Cyber Security Centre (NCSC) and agencies in the United States, Australia, Canada, and New Zealand have published an analysis of the Android malware.

Malware 107

Malware Authentication Threat Detection Government 107

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware 113

Malware Ransomware Banking Healthcare 113

Security Affairs

DECEMBER 1, 2022

Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm AquaSec discovered a new Go-based malware that is used in a campaign targeting Redis servers. ” reads the analysis published by AquaSec. .” Pierluigi Paganini.

Malware 142

Malware DDOS Architecture Cryptocurrency 142

Security Affairs

NOVEMBER 15, 2020

Russian-speaking threat actors have been using a piece of malware, dubbed Jupyter malware, to steal information from their victims. Researchers at Morphisec have spotted Russian-speaking threat actors that have been using a piece of.NET infostealer, tracked as Jupyter, to steal information from their victims.

Malware 114

Malware Hacking Software Information Security 114

Malwarebytes

FEBRUARY 12, 2024

Today on the Lock and Code podcast … If your IT and security teams think malware is bad, wait until they learn about everything else. In fact, some attacks have gone so “quiet” that they involve no malware at all. But not every organization has that at hand. What, then, are IT-constrained businesses to do?

Malware 80

Malware Ransomware Antivirus Information Security 80

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. The group employed previously undetected malware such as OCEANMAP, MASEPIE, and STEELHOOK to steal sensitive information from target networks. file classified as MASEPIE.

Phishing 114

Phishing Malware Computers and Electronics Internet 114

Security Affairs

DECEMBER 27, 2023

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with.NET and C#. Google promptly removed the malware-laced apps from Google Play.

Malware 102

Malware Encryption Social Engineering Marketing 102

Security Affairs

OCTOBER 16, 2023

Researchers uncovered an ongoing campaign abusing popular messaging platforms Skype and Teams to distribute the DarkGate malware. The threat actors abused popular messaging platforms such as Skype and Teams to deliver a script used as a loader for a second-stage payload, which was an AutoIT script containing the DarkGate malware.

Malware 104

Malware Cryptocurrency Accountability Cybercrime 104

Security Affairs

JUNE 25, 2023

Researchers observed threat actors spreading a trojanized Super Mario Bros game installer to deliver multiple malware. “When “java.exe” is executed, the malware establishes a connection with a mining server “gulf[.]moneroocean[.]stream” However, an XMR (Monero) miner and a SupremeBot mining client are executed in the background.

Malware 95

Malware Cryptocurrency Passwords Hacking 95

Security Affairs

MAY 3, 2023

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. ” reads the Meta’s Q1 2023 Security Reports.

Malware 94

Malware Education Accountability Media 94

Security Affairs

MARCH 6, 2024

A new Linux malware campaign campaign is targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances. Researchers from Cado Security observed a new Linux malware campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances.

Malware 138

Malware Cryptocurrency Engineering Internet 138

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. org domain and they were not containing any malware. org subdomain.

Malware 115

Malware Software Cryptocurrency Passwords 115

Security Affairs

AUGUST 10, 2023

Experts warn that a new info-stealer named Statc Stealer is infecting Windows devices to steal a broad range of sensitive information. Zscaler ThreatLabz researchers discovered a new information stealer malware, called Statc Stealer, that can steal a broad range of info from Windows devices. ” concludes the report.

Malware 85

Malware Encryption Advertising Cryptocurrency 85

Security Affairs

JULY 25, 2022

Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads. Then the malware contacts the C2 and sends system information (i.e.

Software 116

Software Malware Cybercrime VPN 116

Security Affairs

MARCH 11, 2024

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN. 4 Run a Linux command in a separate thread.

Malware 98

Malware VPN Encryption Hacking 98

Tech Republic Security

MAY 19, 2024

Antivirus software is critical to ensure information security of organizational networks and resources. By establishing an antivirus policy, organizations can quickly identify and address malware and virus threats, as well as detect and appropriately respond to incidents.

Antivirus 84

Antivirus Information Security Malware Software 84

Security Affairs

MARCH 23, 2024

A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. Malware uses this difference to try and stay hidden.

Malware 130

Malware Engineering Hacking Cybercrime 130

Security Affairs

MARCH 17, 2024

The malware exfiltrates gathered data to two Telegram channels. “The malware collects a variety of valuable information. RisePro is a C++ info-stealer that has been active since at least 2022, it allows to gathering sensitive data from the infected system. All unique passwords are stored in a file named “brute.txt”.

Malware 104

Malware Passwords Software Hacking 104

Security Affairs

JANUARY 12, 2022

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware. SecurityAffairs – hacking, RedLine malware). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware 131

Malware Manufacturing Cryptocurrency Cybercrime 131

Security Affairs

MARCH 27, 2023

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems.

Cybercrime 90

Cybercrime Malware Passwords Advertising 90