Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware. Please download and read the attached encrypted document carefully.

Phishing 280

Phishing Antivirus Scams Malware 280

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Retail 274

Retail Advertising Cryptocurrency Cybercrime 274

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware 73

Malware Adware Antivirus Marketing 73

Schneier on Security

NOVEMBER 28, 2022

Devices belonging to females were more likely to be snooped on, and that snooping tended to seek more sensitive data, including both sexually revealing and non-sexual pictures, documents, and financial information. […]. ” The researchers received no explanation in the other case. […]. A few notes.

Antivirus 360

Antivirus Cryptocurrency Accountability Malware 360

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.

Antivirus 135

Antivirus Malware Banking Internet 135

SecureList

MARCH 10, 2025

We continued to monitor the group throughout the rest of the year, observing intense activity that included updates to SideWinder’s toolset and the creation of a massive new infrastructure to spread malware and control compromised systems. The documents used various themes to deceive victims into believing they are legitimate.

Energy and Utilities 116

Energy and Utilities Malware Government Phishing 116

Krebs on Security

JUNE 7, 2021

In the process of doing so, I encountered a small snag: The FSB’s website said in order to communicate with them securely, I needed to download and install an encryption and virtual private networking (VPN) appliance that is flagged by at least 20 antivirus products as malware. The FSB headquarters at Lubyanka Square, Moscow.

Antivirus 331

Antivirus VPN Encryption Malware 331

Schneier on Security

MAY 8, 2019

Evil Clippy is a tool for creating malicious Microsoft Office macros: At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. In the meantime, any tool analyzing the VBA source code (such as antivirus) is completely fooled.

Antivirus 272

Antivirus Engineering Malware 272

eSecurity Planet

NOVEMBER 7, 2022

Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. The sophisticated malware was hidden in malicious Word file attachments. However, the same also goes for antivirus software and other anti-malware solutions.

Antivirus 117

Antivirus Software Malware Security Awareness 117

Quick Heal Antivirus

JULY 1, 2021

The post WARZONE RAT – Beware Of The Trojan Malware Stealing Data Triggering From Various Office Documents appeared first on Quick Heal Blog | Latest computer security news, tips, and advice. Warzone RAT is part of an APT campaign named “Confucius.” Confucius APT is known to target government sectors.

Malware 131

Malware Government Cybersecurity 131

eSecurity Planet

JULY 31, 2024

Endpoint protection solutions safeguard network endpoints against cyberthreats using a selection of management tools, including endpoint detection and response (EDR), endpoint protection platform (EPP), and antivirus (AV). AV software blocks malware, EPP passively prevents threats, and EDR actively mitigates network attacks.

Antivirus 117

Antivirus Threat Detection Malware Software 117

SecureList

OCTOBER 29, 2024

Check the consultant’s laptop for malware. Run a keyword-based search to identify potential leaked documents. During one project, we reviewed third-party antivirus logs and identified multiple webshell detections on the same server for several days. Outdated malware signatures. aspx Backdoor.ASP.WEBS HELL.SM

Risk 111

Risk Antivirus Accountability Malware 111

SecureList

APRIL 23, 2025

We found that the malware was running in the memory of a legitimate SyncHost. Although the exact method by which Cross EX was exploited to deliver malware remains unclear, we believe that the attackers escalated their privileges during the exploitation process as we confirmed the process was executed with high integrity level in most cases.

Malware 143

Malware Software Encryption Internet 143

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware 144

Malware Antivirus Phishing Cryptocurrency 144

Malwarebytes

MAY 20, 2021

For those not in the know, Federighi, as part of his testimony relating to the security of Apple’s mobile device operating system, iOS, stated that “we have a level of malware on the Mac that we don’t find acceptable.” All this and more shows very clearly that Apple has been aware of the malware issue for a long time.

Malware 145

Malware Antivirus Software Mobile 145

SecureWorld News

JUNE 3, 2025

Fowler's analysis suggests that the data was harvested using InfoStealer malware, a malicious software designed to extract sensitive information from infected systems. This malware can siphon off credentials, autofill data, cookies, and even crypto wallet details, often without the user's knowledge.

Malware 65

Malware Passwords Identity Theft Phishing 65

Krebs on Security

APRIL 18, 2022

” On April 13, Microsoft said it executed a legal sneak attack against Zloader , a remote access trojan and malware platform that multiple ransomware groups have used to deploy their malware inside victim networks.

Healthcare 348

Healthcare Ransomware Cybersecurity Malware 348

Webroot

MARCH 3, 2025

Antivirus protection Software that protects against viruses and malware. Document disposal Shred sensitive documents. How to protect yourself and your data Smart ways to secure your devices Strong passwords – Make them long, random, and unique. Password managers Automatically generate and store strong passwords.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

The Hacker News

FEBRUARY 17, 2021

Cybersecurity researchers have disclosed a new kind of Office malware distributed as part of a malicious email campaign that targeted more than 80 customers worldwide in an attempt to control victim machines and steal information remotely.

Malware 103

Malware Antivirus Software Cybersecurity 103

Krebs on Security

JUNE 15, 2022

Three of the bugs tackled this month earned Microsoft’s most dire “critical” label, meaning they can be exploited remotely by malware or miscreants to seize complete control over a vulnerable system. “Most malicious Word documents leverage the macro feature of the software to deliver their malicious payload. .

Architecture 300

Architecture Internet Internet Software 300

eSecurity Planet

OCTOBER 4, 2022

Malicious programs or malware are common and dangerous threats in the digital space for both individual users and organizations alike. German IT-Security Institute AV-TEST has recorded over 1 billion malicious programs as of this writing, with over 450,000 new instances of malware being recorded every day. Malvertising.

Malware 125

Malware Phishing Ransomware Mobile 125

Webroot

MARCH 12, 2025

This can be caused by software bugs, hardware failures, viruses and malware , resulting in system crashes or data corruption. Malware and ransomware attacks : Cybercriminals also deploy malware to lock, steal, or destroy your files. “I solemnly swear to backup my important documents and precious memories on March 31st.”

Backups 91

Backups Encryption Antivirus Data preservation 91

Security Affairs

AUGUST 23, 2020

A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images. Pierluigi Paganini.

Malware 145

Malware Phishing Advertising Antivirus 145

Security Affairs

MARCH 31, 2025

” Threat actor distributes LNK files compressed inside ZIP archives as part of the recent phishing campaign, usually disguising the file as an Office document and uses names related to the military invasion. The PowerShell code avoids antivirus detection by using Get-Command to execute the payload.

Phishing 114

Phishing Antivirus Encryption Hacking 114

Security Affairs

JUNE 11, 2021

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Threat actors used custom malware to steal data from 3.2 NordLocker experts speculate the malware campaign leveraged tainted Adobe Photoshop versions, pirated games, and Windows cracking tools.

Malware 131

Malware Computers and Electronics Software Financial Services 131

Security Affairs

NOVEMBER 23, 2020

Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. This follows on the heels of last week’s news when Sonatype’s Nexus Intelligence engine and it’s release integrity algorithm discovered discord.dll : the successor to “ fallguys ” malware and 3 other components. and ac-addon.

Malware 144

Malware Engineering Antivirus Software 144

Security Affairs

FEBRUARY 1, 2019

Security experts at Cybaze – Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Figure 2 – Document view inviting to enable macro. DLL Analysis.

Malware 109

Malware DNS Social Engineering Advertising 109

Security Affairs

APRIL 10, 2019

Decades of adversarial coevolution with the Anti-Virus industry led the malware threats to develop the ability to evade detection, bypassing security boundaries and staying silent until the proper time. This battle, against malware, is huge. Yomi: The Malware Hunter” main interface. The Malware Hunter. For fun and profit.

Malware 110

Malware Encryption Engineering Advertising 110

Security Affairs

OCTOBER 11, 2018

ESET researchers have spotted a new strain of malware tracked as Exaramel that links the dreaded not Petya wiper to the Industroyer ICS malware. A few months ago, researchers from ESET discovered a new piece of malware that further demonstrates the existence of a link between Industroyer and the NotPetya wiper.

Malware 111

Malware Passwords Advertising Antivirus 111

Krebs on Security

MAY 16, 2019

Law enforcement agencies in the United States and Europe today unsealed charges against 11 alleged members of the GozNym malware network, an international cybercriminal syndicate suspected of stealing $100 million from more than 41,000 victims with the help of a stealthy banking trojan by the same name. Prosecutors say Nikolov, a.k.a.

Cybercrime 232

Cybercrime Banking Small Business Computers and Electronics 232

eSecurity Planet

FEBRUARY 17, 2025

Microsoft Defender (previously called Windows Defender) and McAfee are device security solutions designed to protect devices from viruses, malware, and security threats. Simply put, they are antivirus solutions. In fact, it is one of the most popular antivirus solutions. 5 Pricing: 5/5 Core features: 3.5/5 5 Pricing: 4.7/5

Antivirus 67

Antivirus Identity Theft VPN Spyware 67

Malwarebytes

AUGUST 3, 2022

This advanced custom Rat is mainly the work of a threat actor that targets Russian entities by using lures in archive file format and more recently Office documents leveraging the Follina vulnerability. The earliest versions of this Rat was typically archived into a zip file pretending to be a document specific to a Russian group.

Malware 134

Malware Encryption Antivirus Architecture 134

eSecurity Planet

DECEMBER 2, 2021

Hacking groups linked to Russia, China and India are leveraging a novel attack technique that makes it easier for them to spread malware , steal data and evade detection, according to a report this week by security firm Proofpoint. ATP Phishing Campaigns. Also read: Top Secure Email Gateway Solutions for 2021. A Change from Office Files.

Malware 123

Malware Phishing Antivirus Cyber threats 123

eSecurity Planet

JANUARY 21, 2022

Government and private entities in Ukraine have been targeted this month by a barrage of malware that has defaced websites and wiped or corrupted data from Windows- and Linux-based systems. 15, outlined the malware operation that began hitting Ukrainian organizations days before. Malware Designed to Destroy.

Malware 140

Malware Government Ransomware Backups 140

Security Affairs

MARCH 13, 2021

Kaspersky researchers spotted a new variant of the XCSSET Mac malware that compiled for devices running on Apple M1 chips. The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. Experts believe that this malware is the result of advanced and sophisticated adversaries.

Malware 121

Malware Adware Architecture Antivirus 121

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 127

Malware Hacking Government Telecommunications 127

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. At the time, North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware.

Cryptocurrency 111

Cryptocurrency Malware Advertising Antivirus 111