Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 123

Malware Advertising Antivirus Cybercrime 123

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.

Antivirus 134

Antivirus Malware DNS Cryptocurrency 134

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic.

Encryption 145

Encryption Malware Ransomware Firewall 145

The Hacker News

JANUARY 9, 2025

Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.

Encryption 122

Encryption Antivirus Malware Cybersecurity 122

Security Affairs

JUNE 6, 2025

The threat actors behind the operation use tools like AdFind and Grixba to gather network data and identify antivirus defenses, then disable security software using GMER, IOBit, or PowerTool. By stealing credentials with Mimikatz and escalating privileges with WinPEAS, they spread malware via Group Policy Objects.

Ransomware 97

Ransomware Encryption Antivirus Malware 97

Webroot

NOVEMBER 21, 2024

The five core components of a VPN are: Encryption : The conversion of information into a coded format that can only be read by someone who has the decryption key. Split tunneling: Allows you to choose which internet traffic goes through the VPN (with encryption) and which goes directly to the internet. How do VPNs work?

VPN 111

VPN Antivirus Internet Internet 111

Security Affairs

NOVEMBER 24, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Android Malware Detection Based on Behavioral-Level Features with Graph Convolutional Networks.

Malware 64

Malware Spyware Antivirus VPN 64

Krebs on Security

JANUARY 27, 2021

NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a percentage of any funds extorted from victims. million last summer in exchange for a digital key needed to unlock files encrypted by the ransomware. Powershell build.

Ransomware 351

Ransomware Cybercrime Antivirus Encryption 351

Security Affairs

FEBRUARY 16, 2021

Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware. Latin American trojans share the same modus operandi and even modules and blocks of code observed during the analysis of several malware samples. Background of Latin American Trojans.

Antivirus 135

Antivirus Malware Banking Internet 135

Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Here’s a look at a recent spam campaign that peppered more than 100,000 business email addresses with fake legal threats harboring malware. Please download and read the attached encrypted document carefully.

Phishing 280

Phishing Antivirus Scams Malware 280

Webroot

FEBRUARY 21, 2025

What began as antivirus product has expanded into a comprehensive portfolio to secure your entire digital life. Introducing Webroot Total Protection: Comprehensive security for the modern world When you think about cybersecurity, you probably think of antivirus protectionand rightly so. But as technology advances, so do the threats.

Antivirus 84

Antivirus Identity Theft Cyber threats Phishing 84

CSO Magazine

AUGUST 30, 2021

The threat uses what researchers from antivirus vendor Sophos call “intermittent encryption,” meaning it only encrypts chunks of data inside a file instead of its complete contents. Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. |

Encryption 125

Encryption Ransomware CSO Antivirus 125

Security Affairs

MARCH 10, 2025

Kaspersky researchers discovered a mass malware campaign spreading SilentCryptoMiner by disguising it as a tool to bypass internet restrictions. While investigating the increased use of Windows Packet Divert ( WPD ) tools by crooks to distribute malware under this pretense, the researchers spotted the campaign.

Cryptocurrency 93

Cryptocurrency Malware Social Engineering Antivirus 93

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches 120

Data breaches Cybercrime Cyber Insurance Marketing 120

SecureList

APRIL 23, 2025

We found that the malware was running in the memory of a legitimate SyncHost. Although the exact method by which Cross EX was exploited to deliver malware remains unclear, we believe that the attackers escalated their privileges during the exploitation process as we confirmed the process was executed with high integrity level in most cases.

Malware 144

Malware Software Encryption Internet 144

Security Affairs

AUGUST 31, 2021

Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. Sophos researchers discovered that the group is now leveraging a new technique called “intermittent encryption” to speed up the encryption process.

Encryption 143

Encryption Ransomware Financial Services Antivirus 143

eSecurity Planet

OCTOBER 24, 2023

Malware attacks pose a significant risk to both individuals and businesses, infiltrating computer systems, compromising sensitive data and disrupting operations, leading to financial and data loss — and even extortion. Here are 15 important controls and best practices for preventing malware.

Malware 122

Malware Antivirus Software Passwords 122

Security Affairs

MARCH 31, 2025

CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active since September 2024, that uses multiple techniques to evade endpoint security while downloading second-stage payloads. exe (0x93).

Malware 82

Malware Encryption Antivirus Marketing 82

SecureWorld News

JUNE 3, 2025

Fowler's analysis suggests that the data was harvested using InfoStealer malware, a malicious software designed to extract sensitive information from infected systems. This malware can siphon off credentials, autofill data, cookies, and even crypto wallet details, often without the user's knowledge.

Malware 65

Malware Passwords Identity Theft Phishing 65

Security Affairs

JANUARY 8, 2021

Multiple threat actors have recently started using the Ezuri memory loader as a loader to executes malware directly into the victims’ memory. According to researchers from AT&T’s Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes. ” concludes the report.

Malware 145

Malware Encryption Passwords Antivirus 145

Security Affairs

DECEMBER 7, 2024

Researchers fromthe First Department and the Citizen Lab discovered that the Russian intelligence agency installed the malware on the programmer’s Android device after he was detained for 15 days. These extended capabilities suggest that the malware aims for comprehensive surveillance of the target device.

Spyware 128

Spyware Passwords Encryption Surveillance 128

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Custom Ragnar Locker ransom note (Source: Sophos).

Encryption 138

Encryption Ransomware Energy and Utilities Advertising 138

Webroot

MARCH 12, 2025

Backing up your data simply means creating copies of your important files and storing them in secure, encrypted locations. This can be caused by software bugs, hardware failures, viruses and malware , resulting in system crashes or data corruption. Ensures that your valuable data is encrypted, secure, and accessible when you need it.

Backups 91

Backups Encryption Antivirus Data preservation 91

SecureList

MARCH 5, 2025

They started distributing malware under the guise of restriction bypass programs and injecting malicious code into existing programs. The most commonly used malware families were NJRat, XWorm, Phemedrone and DCRat. This technique is used to hinder automatic analysis by antivirus solutions and sandboxes.

Malware 118

Malware Cryptocurrency Antivirus Technology 118

SecureList

NOVEMBER 6, 2024

It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device. Technical Details Background In August 2024, we stumbled upon a massive infection caused by an unknown bundle consisting of miner and stealer malware. SteelFox.gen , Trojan.Win64.SteelFox.*. SteelFox.*.

Software 125

Software Cryptocurrency Malware DNS 125

Security Affairs

FEBRUARY 28, 2025

In September 2024, Doctor Web researchers uncovered a malware, tracked as Vo1d , that infected nearly 1.3 In August 2024, several users reported that Dr.Web antivirus detected changes in their TV box system files. Researchers at the Chinese cybersecurity firm QiAnXin (QAX) recently discovered 89 new malware samples.

Antivirus 66

Antivirus Firmware Encryption Manufacturing 66

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 257

Advertising Antivirus Software Malware 257

Malwarebytes

NOVEMBER 16, 2021

This Android app, purported as a secure messaging application that uses end-to-end encryption, is the latest ruse cybercriminals put upon smartphone users, particularly those based in India, to infect their devices with GravityRAT, a piece of malicious software that is known to spy on people and steal their data.

Malware 143

Malware Encryption Media Marketing 143

Hacker Combat

OCTOBER 25, 2021

Google has reported that it disrupted the phishing attacks where threat actors had tried to hijack various YouTube accounts using cookie theft malware. When the victims clicked on the link, it would redirect the victim to some malware landing page. . The malware has the ability to steal passwords and cookies.

Accountability 126

Accountability Malware Scams Antivirus 126

SecureList

APRIL 7, 2025

Schematic of DLL proxying However, this is not enough to launch malware. ToddyCat created the TCESB DLL on its basis, modifying the original code to extend the malware’s functionality. Our analysis of the tool code found that the data in the payload file is encrypted using AES-128. EDRSandblast.a.

Software 105

Software Encryption Malware Firmware 105

Security Affairs

JUNE 11, 2021

Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Threat actors used custom malware to steal data from 3.2 NordLocker experts speculate the malware campaign leveraged tainted Adobe Photoshop versions, pirated games, and Windows cracking tools.

Malware 132

Malware Computers and Electronics Software Financial Services 132

SecureWorld News

JANUARY 16, 2025

Regularly updating and patching systems, including antivirus software, firewalls, and SCADA networks, can mitigate this risk. Hackers used compromised credentials to gain access to Colonial Pipeline's network, deploying ransomware that encrypted critical systems.

Energy and Utilities 109

Energy and Utilities IoT Artificial Intelligence Backups 109

eSecurity Planet

FEBRUARY 4, 2022

Malware is one of the biggest threats businesses face, and with nearly a third of all malware coming through the internet and email, businesses and consumers alike need ways to protect themselves. Antivirus Software. Also Read: 4 Best Antivirus Software of 2022. Key Features of Antivirus Software. Back to top.

Internet 144

Internet Internet Software Antivirus 144

Krebs on Security

MARCH 28, 2021

New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name. Oddly, none of the several dozen antivirus tools available to scan the file at Virustotal.com currently detect it as malicious.

Hacking 363

Hacking Cybercrime DNS Internet 363

Malwarebytes

AUGUST 3, 2022

Before initialization, the malware effectively suppresses all error reporting by calling SetErrorMode with 0x8007 as parameter. As we will see later, that malware uses multiple threads and so it allocates a global object and assigns a mutex to it to make sure no two clashing operations can take place at the same time. main function.

Malware 137

Malware Encryption Antivirus Architecture 137

Security Affairs

APRIL 29, 2023

A new variant of the information-stealing malware ViperSoftX implements sophisticated techniques to avoid detection. Trend Micro researchers observed a new ViperSoftX malware campaign that unlike previous attacks relies on DLL sideloading for its arrival and execution technique. c2 arrowlchat[.]com c2 arrowlchat[.]com

Encryption 98

Encryption Malware Cryptocurrency Software 98

Security Affairs

JANUARY 16, 2023

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. It is also recommendable to check the virus vault of your antivirus.

Ransomware 98

Ransomware Malware Encryption Antivirus 98