CSO and Malware - Cyber Security Informer

Wave of native IIS malware hits Windows servers

CSO Magazine

AUGUST 11, 2021

Security researchers warn that multiple groups are compromising Windows web servers and are deploying malware programs that are designed to function as extensions for Internet Information Services (IIS). How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters !

Malware

Malware CSO Internet Internet

APT group hits IIS web servers with deserialization flaws and memory-resident malware

CSO Magazine

JULY 27, 2021

A sophisticated, likely government-sponsored threat actor has been compromising major public and private organizations over the past year by exploiting deserialization flaws in public-facing ASP.NET applications to deploy fileless malware. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

Malware

Malware CSO Internet Internet

Gootkit malware creators expand their distribution platform

CSO Magazine

MARCH 3, 2021

The cybercriminal gang behind the Gootkit Trojan is expanding its malware distribution activities and is improving its multi-stage distribution platform to deliver additional threats. How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! Sign up for CSO newsletters ! ].

Malware

Malware CSO Ransomware

Siloscape malware escapes Windows containers to backdoor Kubernetes clusters

CSO Magazine

JUNE 9, 2021

Malware attacks against cloud containers are nothing new, but these attacks have primarily focused on Linux deployments because they are the most common and where containers were born. How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! Sign up for CSO newsletters ! ]

Malware

Malware CSO

4 most dangerous emerging ransomware threat groups to watch

CSO Magazine

AUGUST 24, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] These are AvosLocker, Hive Ransomware, HelloKitty, and LockBit 2.0. To read this article in full, please click here

Ransomware

Ransomware CSO Malware

REvil gang suddenly goes silent leaving victims unable to recover systems

CSO Magazine

JULY 13, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] Meanwhile, victims and the security companies working for them to recover data have been put in a more difficult situation.

CSO

CSO Ransomware Government Malware

Ransomware recovery: 8 steps to successfully restore from backup

CSO Magazine

AUGUST 12, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] Part of the reason is the lack of backups—specifically, the lack of usable backups. To read this article in full, please click here

Backups

Backups Ransomware CSO Malware

7 steps to protect against ransomware-related lawsuits

CSO Magazine

AUGUST 18, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Ransomware

Ransomware CSO Malware

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. This follows on the heels of last week’s news when Sonatype’s Nexus Intelligence engine and it’s release integrity algorithm discovered discord.dll : the successor to “ fallguys ” malware and 3 other components. and ac-addon.

Malware

Malware Antivirus Engineering Software

Unique TTPs link Hades ransomware to new threat group

CSO Magazine

JUNE 15, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Ransomware

Ransomware CSO Malware

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

Security Boulevard

NOVEMBER 10, 2022

This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. Also: A software supply chain attack has pushed out malware to at least 250 media sites. .

CSO

CSO Media Hacking Software

Authentication bypass allows complete takeover of Modicon PLCs used across industries

CSO Magazine

JULY 12, 2021

According to researchers from security firm Armis, who found and reported the vulnerability, attackers with network access to impacted controllers could exploit the issue to install malware that alters the operation of the controllers and hides those malicious changes from the workstations and operators managing them.

Authentication

Authentication Energy and Utilities CSO Malware

Best new Windows 10 security features: Improvements to Intune, Windows Defender Application Guard

CSO Magazine

JUNE 15, 2021

Learn how to identify, block and remove malware from Windows PCs. | Get the latest from CSO by signing up for our newsletters. ]. Many of those changes will allow you to improve your security posture and offer more security choices. You no longer have to wait for a new operating system to deploy new security features. Windows 10 21H1.

CSO

CSO Malware

Critical flaw in Atlassian Confluence actively exploited

CSO Magazine

SEPTEMBER 3, 2021

Some of the attacks deploy cryptocurrency mining malware, but Atlassian products have also been targeted in the past by cyberespionage groups. Hackers have started exploiting a critical remote code execution vulnerability that was patched recently in Atlassian Confluence Server and Data Center.

CSO

CSO Cryptocurrency Malware

Biden Administration announces flurry of new anti-ransomware efforts

CSO Magazine

JULY 16, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Ransomware

Ransomware CSO Malware

TrickBot returns with campaign against legal and insurance firms

CSO Magazine

JANUARY 29, 2021

How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! ] Despite the security industry's efforts to disrupt the TrickBot botnet , its operators are trying to revive it with new infection campaigns. To read this article in full, please click here

Insurance

Insurance CSO Malware

Biden sanctions Suex cryptocurrency exchange to stifle ransomware payments

CSO Magazine

SEPTEMBER 21, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Cryptocurrency

Cryptocurrency Ransomware CSO Marketing

Amazon Sidewalk highlights network security visibility risks consumer services pose

CSO Magazine

AUGUST 17, 2021

The research also discovered a novel use of Houdini malware to spoof devices and exfiltrate data within the user agent field, a method often undetected by legacy security systems. Get the latest from CSO by signing up for our newsletters. ] Get the latest from CSO by signing up for our newsletters. ]

Consumer Services

Consumer Services Network Security Risk CSO

Yes, the FBI held back REvil ransomware keys

CSO Magazine

SEPTEMBER 22, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] What were they thinking? What were they protecting? To read this article in full, please click here

Ransomware

Ransomware CSO Malware

APT29 targets Active Directory Federation Services with stealthy backdoor

CSO Magazine

SEPTEMBER 30, 2021

How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! ]. In a new report , Microsoft attributes the malware program called FoggyWeb to a group the company tracks as NOBELIUM, but which is also known in the security industry as APT29 or Cozy Bear.

CSO

CSO Malware Government Hacking

9 types of computer virus and how they do their dirty work

CSO Magazine

JUNE 10, 2022

The human mind loves to categorize things, and malware is no exception.

Adware

Adware CSO Malware Ransomware

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

CSO Magazine

OCTOBER 13, 2021

Get the latest from CSO by signing up for our newsletters. ]. The attack campaigns targeted IT companies, defense contractors and diplomatic entities. Discover Windows 11's best security features. |

CSO

CSO Malware

15 open source GitHub projects for security pros

CSO Magazine

APRIL 27, 2021

Whether you are a sysadmin, a threat intel analyst, a malware researcher, forensics expert, or even a software developer looking to build secure software, these 15 free tools from GitHub or GitLab can easily fit into your day-to-day work activities and provide added advantages. Get the latest from CSO by signing up for our newsletters. ].

CSO

CSO Malware Software

LockFile ransomware uses intermittent encryption to evade detection

CSO Magazine

AUGUST 30, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Encryption

Encryption Ransomware CSO Antivirus

CSO: Gigabyte firmware component can be abused as a backdoor

Security Boulevard

JUNE 5, 2023

Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems. Read More > The post CSO: Gigabyte firmware component can be abused as a backdoor appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.

CSO

CSO Firmware Malware

Over 60,000 Android apps infected with adware-pushing malware

CSO Magazine

JUNE 7, 2023

Bitdefender has uncovered a hidden malware campaign living undetected on mobile devices worldwide for more than six months. The campaign is designed to push adware to Android devices with the purpose of driving revenue.

Adware

Adware Malware Banking Mobile

The Prometheus traffic direction system is a major player in malware distribution

CSO Magazine

JANUARY 19, 2022

There are the malware developers, the access brokers, the spammers, the private information sellers, the botnet operators, the malvertizers and more. One service that is often overlooked but still plays an important role in malware delivery are so-called traffic direction systems (TDS).

Malware

Malware Cybercrime Phishing Ransomware

Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises

CSO Magazine

OCTOBER 21, 2021

Sign up for CSO newsletters. ]. The premise is that malware programs, regardless of how they're delivered, often come with their own TLS libraries or TLS configuration and their HTTPS handshakes would be identifiable in traffic logs when compared to TLS client hashes of pre-approved applications.

CSO

CSO Software Malware Cybersecurity

Law enforcement takes over Emotet, one of the biggest botnets

CSO Magazine

JANUARY 27, 2021

How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! ] Whether this disruption to the botnet will be permanent remains to be seen, but it's a promising development according to security experts. [ To read this article in full, please click here

CSO

CSO Malware

MITRE ATT&CK, VERIS frameworks integrate for better incident insights

CSO Magazine

SEPTEMBER 27, 2021

. | Sign up for CSO newsletters. ]. One recent example comes from McAfee, which used ATT&CK in a case that initially started as an investigation into a suspected malware infection but ended up as a surprise discovery of a long-term cyberattack by two Chinese threat groups, APT27 and APT4.

CSO

CSO Malware

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

CSO Magazine

OCTOBER 6, 2021

How well do you know these 9 types of malware and how to recognize them. Sign up for CSO newsletters ! ] The goal of the attacks is the theft of information about the victims' infrastructure, technology and critical assets. [ To read this article in full, please click here

CSO

CSO Technology Malware

Egregor ransomware group explained: And how to defend against it

CSO Magazine

FEBRUARY 19, 2021

Although descriptions of the malware vary from security firm to security firm, the consensus is that Egregor is a variant of the Sekhmet ransomware family. Sign up for CSO newsletters. ]. Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan.

Ransomware

Ransomware CSO Malware Cybersecurity

Spike in encrypted malware poses dual challenge for CISOs

CSO Magazine

NOVEMBER 16, 2021

Without proper inspection, encrypted data can be a significant security threat as the volume of malware in encrypted traffic grows. That’s the takeaway from two sets of new research into the threat malware hidden in encrypted traffic poses to organizations. To read this article in full, please click here (Insider Story)

Encryption

Encryption Malware CISO

The Microsoft Exchange Server hack: A timeline

CSO Magazine

MAY 6, 2021

Over the next few days, over 30,000 organizations in the US were attacked as hackers used several Exchange vulnerabilities to gain access to email accounts and install web shell malware , giving the cybercriminals ongoing administrative access to the victims' servers.

Hacking

Hacking CSO Accountability Malware

Is misinformation the newest malware?

CSO Magazine

MAY 1, 2023

At this year's RSA Conference, information security experts appeared on a panel entitled "Misinformation Is the New Malware" to hammer out the distinctions. As both types of threats escalate and frequently appear simultaneously in threat actors' campaigns, the lines between the two are getting fuzzy.

Malware

Malware Information Security Ransomware Cybersecurity

Ryuk ransomware explained: A targeted, devastatingly effective attack

CSO Magazine

MARCH 19, 2021

The group behind the malware is known for using manual hacking techniques and open-source tools to move laterally through private networks and gain administrative access to as many systems as possible before initiating the file encryption. Get the latest from CSO by signing up for our newsletters. ]

Ransomware

Ransomware CSO Encryption Government

New cryptomining malware targets AWS Lambda

CSO Magazine

APRIL 6, 2022

Malware authors are keeping with the times and when it comes to server-oriented malware. Specifically, attackers will adopt the same technologies their target organizations are using. To read this article in full, please click here

Malware

Malware Cryptocurrency Technology Software

Hard-to-detect malware loader distributed via AI-generated YouTube videos

CSO Magazine

APRIL 18, 2023

Security researchers warn of a new malware loader that's used as part of the infection chain for the Aurora information stealer. The Aurora infostealer is written in Go and is operated as a malware-as-a-service platform that's advertised on Russian-language cybercrime forums.

Malware

Malware Cryptocurrency Cybercrime Advertising

Linux malware is on the rise—6 types of attacks to look for

CSO Magazine

MAY 30, 2022

Linux malware has been massively overlooked," says Giovanni Vigna, senior director of threat intelligence at VMware. It is the host operating system for numerous application backends and servers and powers a wide variety of internet of things (IoT) devices. Still, not enough is done to protect the machines running it.

Malware

Malware IoT Internet Internet

Malware variability explained: Changing behavior for stealth and persistence

CSO Magazine

DECEMBER 6, 2021

If it is, the malware simply fails to install. Groups like REvil or DarkSide put kill switches inside their malicious code, checking if the language on the machine it lands on is Russian, Ukrainian, Georgian, Armenian, or Romanian. To read this article in full, please click here (Insider Story)

Malware

DNS data shows one in 10 organizations have malware traffic on their networks

CSO Magazine

MARCH 14, 2023

During every quarter last year, between 10% and 16% of organizations had DNS traffic originating on their networks towards command-and-control (C2) servers associated with known botnets and various other malware threats, according to a report from cloud and content delivery network provider Akamai.

DNS

DNS Malware Ransomware

White House international ransomware initiative outlines hopes and challenges

CSO Magazine

OCTOBER 18, 2021

Learn how recent ransomware attacks define the malware's new age and 5 reasons why the cost of ransomware attacks is rising. | Get the latest from CSO by signing up for our newsletters. ] Present were ministers and representatives from more than 30 countries and the European Union. To read this article in full, please click here

Ransomware

Ransomware CSO Malware

Recorded Future closes acquisition of malware analysis firm Hatching

CSO Magazine

JULY 8, 2022

The addition of Hatching—whose specialty is malware sandboxing and analysis—broadens the company's portfolio substantially. To read this article in full, please click here

Malware

Malware Cybersecurity

Russian cyberspies hit NATO and EU organizations with new malware toolset

CSO Magazine

APRIL 13, 2023

The Polish government warns that a cyberespionage group linked to Russia's intelligence services is targeting diplomatic and foreign ministries from NATO and EU member states in an ongoing campaign that uses previously undocumented malware payloads.

Malware

Malware Government Software

Wave of native IIS malware hits Windows servers

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Trending Sources

Gootkit malware creators expand their distribution platform

Siloscape malware escapes Windows containers to backdoor Kubernetes clusters

4 most dangerous emerging ransomware threat groups to watch

REvil gang suddenly goes silent leaving victims unable to recover systems

Ransomware recovery: 8 steps to successfully restore from backup

7 steps to protect against ransomware-related lawsuits

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Unique TTPs link Hades ransomware to new threat group

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

Authentication bypass allows complete takeover of Modicon PLCs used across industries

Best new Windows 10 security features: Improvements to Intune, Windows Defender Application Guard

Critical flaw in Atlassian Confluence actively exploited

Biden Administration announces flurry of new anti-ransomware efforts

TrickBot returns with campaign against legal and insurance firms

Biden sanctions Suex cryptocurrency exchange to stifle ransomware payments

Amazon Sidewalk highlights network security visibility risks consumer services pose

Yes, the FBI held back REvil ransomware keys

APT29 targets Active Directory Federation Services with stealthy backdoor

9 types of computer virus and how they do their dirty work

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

15 open source GitHub projects for security pros

LockFile ransomware uses intermittent encryption to evade detection

CSO: Gigabyte firmware component can be abused as a backdoor

Over 60,000 Android apps infected with adware-pushing malware

The Prometheus traffic direction system is a major player in malware distribution

Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises

Law enforcement takes over Emotet, one of the biggest botnets

MITRE ATT&CK, VERIS frameworks integrate for better incident insights

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

Egregor ransomware group explained: And how to defend against it

Spike in encrypted malware poses dual challenge for CISOs

The Microsoft Exchange Server hack: A timeline

Is misinformation the newest malware?

Ryuk ransomware explained: A targeted, devastatingly effective attack

New cryptomining malware targets AWS Lambda

Hard-to-detect malware loader distributed via AI-generated YouTube videos

Linux malware is on the rise—6 types of attacks to look for

Malware variability explained: Changing behavior for stealth and persistence

DNS data shows one in 10 organizations have malware traffic on their networks

White House international ransomware initiative outlines hopes and challenges

Recorded Future closes acquisition of malware analysis firm Hatching

Russian cyberspies hit NATO and EU organizations with new malware toolset

Stay Connected