The Hacker News

FEBRUARY 17, 2021

Cybersecurity researchers have disclosed a new kind of Office malware distributed as part of a malicious email campaign that targeted more than 80 customers worldwide in an attempt to control victim machines and steal information remotely.

Malware 100

Malware Antivirus Software Cybersecurity 100

Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware. Please download and read the attached encrypted document carefully.

Phishing 278

Phishing Antivirus Scams Malware 278

The Last Watchdog

MARCH 13, 2019

Melissa was hidden in a weaponized Word document that arrived as an email attachment. The Defense Department, for instance, detects 36 million malware-infested emails arriving from hackers, terrorists and foreign adversaries every 24 hours. For a full drill down, please listen to the accompanying podcast. Effective attacks.

Malware 100

Malware CSO System Administration Financial Services 100

Security Affairs

JANUARY 16, 2023

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. It is also recommendable to check the virus vault of your antivirus.

Ransomware 96

Ransomware Malware Antivirus Encryption 96

Security Affairs

FEBRUARY 22, 2021

Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide.

Malware 119

Malware Antivirus Phishing Cryptocurrency 119

Malwarebytes

FEBRUARY 12, 2024

Today on the Lock and Code podcast … If your IT and security teams think malware is bad, wait until they learn about everything else. In fact, some attacks have gone so “quiet” that they involve no malware at all. ThreatDown can help.

Malware 75

Malware Ransomware Antivirus Information Security 75

Quick Heal Antivirus

FEBRUARY 21, 2023

Microsoft office documents are used worldwide by both corporates and home-users alike. The post Your Office Document is at Risk – XLL, A New Attack Vector appeared first on Quick Heal Blog | Latest computer security news, tips, and advice. It’s different office versions, whether.

Risk 69

Risk Spyware Malware Cybersecurity 69

Security Boulevard

MARCH 1, 2023

Attackers are increasingly using OneNote documents to distribute malware, due to the heightened security measures against macro-based attacks and the widespread adoption and popularity of the platform. Key Takeaways: Threat actors are increasingly using Microsoft OneNote documents to deliver malware via phishing emails.

Malware 78

Malware Phishing Threat Detection Encryption 78

eSecurity Planet

DECEMBER 2, 2021

Hacking groups linked to Russia, China and India are leveraging a novel attack technique that makes it easier for them to spread malware , steal data and evade detection, according to a report this week by security firm Proofpoint. ATP Phishing Campaigns. Also read: Top Secure Email Gateway Solutions for 2021. A Change from Office Files.

Malware 121

Malware Phishing Antivirus Cyber threats 121

Security Affairs

AUGUST 31, 2022

A malware campaign tracked as GO#WEBBFUSCATOR used an image taken from NASA’s James Webb Space Telescope (JWST) as a lure. Securonix Threat researchers uncovered a persistent Golang-based malware campaign tracked as GO#WEBBFUSCATOR that leveraged the deep field image taken from the James Webb telescope. Pierluigi Paganini.

Malware 90

Malware DNS Antivirus Encryption 90

SecureWorld News

AUGUST 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) released a joint Cybersecurity Advisory (CSA) providing details on the top malware strains of 2021. The top malware strains in 2021 included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware.

Malware 88

Malware Banking Penetration Testing Healthcare 88

Security Affairs

JUNE 11, 2021

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Threat actors used custom malware to steal data from 3.2 NordLocker experts speculate the malware campaign leveraged tainted Adobe Photoshop versions, pirated games, and Windows cracking tools.

Malware 116

Malware Computers and Electronics Software Financial Services 116

Schneier on Security

MAY 8, 2019

Evil Clippy is a tool for creating malicious Microsoft Office macros: At BlackHat Asia we released Evil Clippy, a tool which assists red teamers and security testers in creating malicious MS Office documents. In the meantime, any tool analyzing the VBA source code (such as antivirus) is completely fooled.

Antivirus 231

Antivirus Engineering Malware 231

Hacker Combat

AUGUST 6, 2021

The disclosure cantered on the Mail-O malware when the attackers attempted to access Russian federal officials’ emails. Then, SentinelOne thought it was related to a malware variant called manager or PhantomNet created by TA428. This included classified documents and emails of top federal executives.

Government 111

Government Malware Energy and Utilities Cyber Attacks 111

Malwarebytes

AUGUST 3, 2022

This advanced custom Rat is mainly the work of a threat actor that targets Russian entities by using lures in archive file format and more recently Office documents leveraging the Follina vulnerability. The earliest versions of this Rat was typically archived into a zip file pretending to be a document specific to a Russian group.

Malware 114

Malware Encryption Antivirus Architecture 114

SecureList

DECEMBER 27, 2022

We continue to track the group’s activities and this October we observed the adoption of new malware strains in its arsenal. The group usually takes advantage of Word documents and uses shortcut files for the initial intrusion. However, it has recently started to adopt new methods of malware delivery. Remote URL: [link].

Malware 132

Malware Banking Passwords Antivirus 132

Webroot

MAY 9, 2024

Your personal devices—laptops, smartphones, and tablets—hold a wealth of sensitive information that cybercriminals target through malware , ransomware , and other cyber threats. From important resumes and portfolios to personal documents, your digital footprint needs robust protection.

Identity Theft 54

Identity Theft VPN Password Management Antivirus 54

Security Boulevard

SEPTEMBER 8, 2022

The Persistence of Abusive Certificates in Malware. Certificates are used to cryptographically sign executable code, documents and even websites. Trusted applications will not be stopped by antivirus or anti-malware technologies. Attackers can create fake websites to steal credentials and/or deliver malware.

Malware 52

Malware Antivirus Encryption Software 52

eSecurity Planet

JANUARY 21, 2022

Government and private entities in Ukraine have been targeted this month by a barrage of malware that has defaced websites and wiped or corrupted data from Windows- and Linux-based systems. 15, outlined the malware operation that began hitting Ukrainian organizations days before. Malware Designed to Destroy.

Malware 140

Malware Government Backups Ransomware 140

Security Affairs

AUGUST 23, 2020

A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images. Pierluigi Paganini.

Malware 138

Malware Phishing Advertising Antivirus 138

Security Affairs

MARCH 13, 2021

Kaspersky researchers spotted a new variant of the XCSSET Mac malware that compiled for devices running on Apple M1 chips. The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. Experts believe that this malware is the result of advanced and sophisticated adversaries.

Malware 108

Malware Adware Architecture Antivirus 108

Security Affairs

JUNE 17, 2021

Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg Koshkin was convicted for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection.

Antivirus 105

Antivirus Malware Cryptocurrency Software 105

Security Affairs

APRIL 29, 2021

Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a new malware that experts attribute to the US Central Intelligence Agency. We therefore named this malware Purple Lambert.”

Malware 111

Malware Hacking Government Telecommunications 111

CSO Magazine

MARCH 15, 2022

According to an official document from the Unites States District Court, Western District of Texas Waco Division, Webroot is seeking damages for lost sales, profits, and market share. The complaint has raised eyebrows within the sector and on social media. To read this article in full, please click here

Marketing 126

Marketing Antivirus Media Technology 126

Security Affairs

FEBRUARY 19, 2024

The gang also published several pictures of passports and company documents as proof of the hack. Once the malware has escalated the privileges on a machine, the threat actors use a batch script to uninstall popular antivirus solutions installed on the machine. Cactus Ransomware has just posted Schneider Electric.

Ransomware 110

Ransomware Digital transformation Retail Antivirus 110

SiteLock

AUGUST 27, 2021

Among the many great questions we received both during the talk’s Q&A and at our sponsor booth, one common theme kept reoccurring from attendees: How does malware detection really work? Over the next few weeks, I’m going to explain different aspects of malware analysis, starting here…. Let’s talk shop. Signature-Based Analysis.

Malware 52

Malware Antivirus Software 52

Security Affairs

DECEMBER 12, 2021

Russian national Oleg Koshkin was convicted in January for charges related to the operation of a malware crypting service used by the Kelihos botnet to obfuscate malware and evade detection. For years, Koshkin and his co-conspirators worked to evade our most basic cyber defenses in order to spread malware on a truly global scale.

Antivirus 94

Antivirus Malware Cybercrime Cyber threats 94

Security Affairs

APRIL 30, 2021

The spear-phishing messages used a malicious Rich Text File (RTF) document that included descriptions of an autonomous underwater vehicle. The RTF documents were uncovered by Cybereason Nocturnus Team while investigating recent developments in the RoyalRoad weaponizer, also known as the 8.t t Dropper/RTF exploit builder.

Phishing 132

Phishing Malware Antivirus Encryption 132

Security Affairs

FEBRUARY 1, 2019

Security experts at Cybaze – Yoroi ZLab have analyzed a new sample of the AdvisorsBot malware, a downloader that was first spotted in August 2018. As usual, the malware looks like a legitimate e-mail attachment, named as “invoice.doc”. Figure 2 – Document view inviting to enable macro. DLL Analysis.

Malware 89

Malware DNS Social Engineering Advertising 89

Security Affairs

OCTOBER 11, 2018

ESET researchers have spotted a new strain of malware tracked as Exaramel that links the dreaded not Petya wiper to the Industroyer ICS malware. A few months ago, researchers from ESET discovered a new piece of malware that further demonstrates the existence of a link between Industroyer and the NotPetya wiper.

Malware 93

Malware Passwords Advertising Antivirus 93

Krebs on Security

JULY 20, 2021

A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov , a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally.

Antivirus 293

Antivirus Cybercrime Identity Theft Scams 293

Malwarebytes

AUGUST 16, 2021

What do you do if you’ve run all the scans , checked all the files, and everything says the PC is malware free? Some types of malware try very hard to go unnoticed, but others can be CPU hogs capable of turning your keyboard into a waffle iron. Plenty of malware files make PCs restart or trigger the dreaded blue screen of death (BSOD).

Malware 106

Malware Software Antivirus Backups 106

Malwarebytes

AUGUST 3, 2022

This advanced custom Rat is mainly the work of a threat actor that targets Russian entities by using lures in archive file format and more recently Office documents leveraging the Follina vulnerability. The earliest versions of this Rat was typically archived into a zip file pretending to be a document specific to a Russian group.

Malware 65

Malware Encryption Antivirus Architecture 65

Security Affairs

NOVEMBER 3, 2022

It focused on deploying POS malware and launching targeted spear-phishing attacks against organizations worldwide. The Sentinel Labs’s analysis revealed that Black Basta ransomware operators develop and maintain their own toolkit, they documented only collaboration with a limited and trusted set of affiliates.

Cybercrime 101

Cybercrime Ransomware Antivirus Malware 101

Security Affairs

MARCH 28, 2019

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. At the time, North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware.

Cryptocurrency 93

Cryptocurrency Malware Advertising Antivirus 93

eSecurity Planet

APRIL 8, 2022

The MITRE ATT&CK framework is one of the best knowledge bases available, as it documents in detail how attackers behave and think. More advanced attackers may modify a few lines in the source code to lower the detection rate, and most antivirus software will fail to detect it. Start with the MITRE ATT&CK Framework.

Antivirus 129

Antivirus Identity Theft Malware Software 129

Security Affairs

MARCH 20, 2023

Adobe Acrobat Sign allows registered users to sign documents online and send a document signature request to anyone. The message includes a link to the document that that will be hosted on Adobe itself. This latter process consists of generating an email that is sent to the intended recipients. ” concludes the report. .

Antivirus 82

Antivirus Malware Engineering Hacking 82