Cybersecurity, Information Security and Malware

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma’s Computer Crimes Act. Jeffrey Bowie, CEO of the cybersecurity firm Veritaco, is facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly infecting employee computers at the Oklahoma City St.

Malware

Malware Cybersecurity Healthcare Media

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. A recent report from Tenable highlights how DeepSeek R1, an open-source AI model, can generate rudimentary malware, including keyloggers and ransomware.

Malware

Malware Cybersecurity Cyber threats Threat Detection

CISA warns of RESURGE malware exploiting Ivanti flaw

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE.

Malware

Malware Authentication Cybersecurity Encryption

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation.

Malware

Malware Government Hacking Cybersecurity

Esperts found new DoNot Team APT group’s Android malware

Security Affairs

JANUARY 20, 2025

Researchers linked the threat actor DoNot Teamto a new Android malware that was employed in highly targeted cyber attacks. CYFIRMA researchers linked a recently discovered Android malware to the Indian APT group known as DoNot Team. The group persistently employs similar techniques in their Android malware.”

Malware

Malware Cyber Attacks Mobile Phishing

JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure

Security Affairs

APRIL 25, 2025

Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed DslogdRAT, and a web shell were deployed by exploiting a zero-day vulnerability during attacks on Japanese organizations in December 2024.

Malware

Malware Hacking Authentication Cybersecurity

Don’t Let Encryption Become A Double-Edged Sword That Undermines Zero Trust CyberSecurity

Joseph Steinberg

APRIL 21, 2022

It is no secret that cybersecurity professionals universally recommend that people, businesses, and governments employ strong encryption as one of several methods of protecting sensitive information. You can learn more about VMware and its Zero Trust security solutions here.

Encryption

Encryption Cybersecurity Artificial Intelligence Backups

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Wojtasiak Mark Wojtasiak , VP of Research and Strategy, Vectra AI In the coming year, well see the initial excitement that surrounded AIs potential in cybersecurity start to give way due to a growing sense of disillusionment among security leaders. The SEC Cybersecurity Disclosure Rule highlights transparency in governance.

Cybersecurity

Cybersecurity CISO Risk Government

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware

Malware Phishing Telecommunications Retail

The Role and Benefits of AI in Cybersecurity

SecureWorld News

APRIL 13, 2025

Unlike traditional signature-based systems, AI excels at identifying new and unknown cyber threats, making security stronger and more adaptive. In this article, we'll explore how AI enhances cybersecurity, its key benefits, and why businesses are increasingly relying on AI-driven security solutions.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Cyber threats

The source code of Banshee Stealer leaked online

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware

Malware Cryptocurrency Encryption Passwords

Malwarebytes Premium Security awarded “Product of the Year” from AVLab

Malwarebytes

MARCH 10, 2025

Malwarebytes Premium Security has once again been awarded Product of the Year after successfully blocking 100% of in-the-wild malware samples. The samples were deployed in multiple, consecutive third-party tests conducted by the AVLab Cybersecurity Foundation. secondsalmost 26 seconds faster than the industry average.

Malware

Malware Cybersecurity Information Security

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

RedLine and META targeted millions of victims worldwide, according to Eurojust it was one of the largest malware platforms globally. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software.

Identity Theft

Identity Theft Passwords Malware Banking

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware

Malware Advertising Antivirus Cybercrime

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

The physical safety of things like airbags, rearview mirrors, and brakes is well accounted for; yet cybersecurity auto safety concerns are rising to the fore. What used to be a focus on physical safety has now shifted to cybersecurity due to the widened attack surface that connected cars present.

Malware

Malware Manufacturing IoT Software

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

The malware was discovered on counterfeit Android devices mimicking popular smartphone models. “The malware has broad functionality and gives attackers almost unlimited control over the gadget” The malware, embedded in the system framework, provides attackers full control over the device. 231 banking malware.

Malware

Malware Cryptocurrency Mobile Firmware

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Security Affairs

APRIL 2, 2025

The threat actor FIN7 , also known as Savage Ladybug, has developed a new Python-based malware, named Anubis Backdoor, which allows attackers to gain full remote control over infected Windows systems. “The malware is distributed as a ZIP package, which includes a single Python script alongside multiple Python executables.

Antivirus

Antivirus Cybercrime Malware Encryption

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Security Affairs

FEBRUARY 4, 2025

Threat actors target Brazilian users by stealing financial data, the malware can harvest sensitive information from over 70 financial applications and numerous websites. The script retrieved from the remote server contains encoded data segments, which are decoded and executed to advance the malware’s operation.

Banking

Banking Malware Antivirus Cyber threats

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications. The company immediately activated its cybersecurity response plan and launched an investigation into the incident with the help of external experts.

Ransomware

Ransomware Manufacturing Malware Hacking

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 7, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog. Early this month, Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457.

Malware

Malware Cybersecurity Hacking Software

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

In a report, cybersecurity firm Secureworks exposed a tactic employed by the North Korean hacker group known as Nickel Tapestry. Last summer, finally, North Korean hackers allegedly attempted another hiring scheme, this time targeting a well-known cybersecurity company based in the United States.

Risk

Risk Education Scams VPN

BlackLock Ransomware Targeted by Cybersecurity Firm

Security Affairs

MARCH 26, 2025

Cybersecurity experts were able to exploit misconfiguration in vulnerable web-app used by ransomware operators to publish victims data – leading to clearnet IP addresses disclosure related to their network infrastructure behind TOR hidden services (hosting them) and additional service information acquired from server-side.

Ransomware

Ransomware Cybersecurity Healthcare Accountability

U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 23, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Fortinet FortiManager missing authentication vulnerability CVE-2024-47575 (CVSS v4 score: 9.8)

Authentication

Authentication Malware Risk Cybersecurity

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs

OCTOBER 6, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware

Malware Architecture Cryptocurrency Cyber Attacks

Carbanak malware returned in ransomware attacks

Security Affairs

DECEMBER 26, 2023

Researchers at NCC Group reported that in November they observed the return of the infamous banking malware Carbanak in ransomware attacks. The cybersecurity firm NCC Group reported that in November the banking malware Carbanak was observed in ransomware attacks. ” reads the report published by NCC Group.

Malware

Malware Ransomware Banking Healthcare

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

Intelligence and cybersecurity experts warn that Chinese nation-state actors have shifted from stealing secrets to infiltrate critical U.S. In July, Cisco fixed an actively exploited NX-OS zero-day that was exploited to install previously unknown malware as root on vulnerable switches. and around the globe.”

Hacking

Hacking Internet Internet Government

Dark Gate malware campaign uses Samba file shares

Security Affairs

JULY 14, 2024

A Dark Gate malware campaign from March-April 2024 demonstrates how attackers exploit legitimate tools and services to distribute malware. Palo Alto Networks Unit 42 researchers shared details about a DarkGate malware campaign from March-April 2024. The malware is considered a sophisticated threat and is continuously improved.

Malware

Malware Cybercrime Software Phishing

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras and DVRs. ” reads the PIN report.

Architecture

Architecture Internet Internet Malware

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

The government experts reported that the group carried out at least two massive campaigns since May 20, threat actors aimed at distributing SmokeLoader malware via email. “Starting from May 20th, hackers have launched at least two massive campaigns with emails containing the SmokeLoader malware.”

Malware

Malware Banking Accountability Phishing

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S. Educate your employees on threats and risks such as phishing and malware. About the essayist: Don Boian is the Chief Information Security Officer at Hound Labs, Inc., The efficacy of hygiene.

Cybersecurity

Cybersecurity Cybercrime Education Government

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) reads the advisory.

Backups

Backups VPN Ransomware Authentication

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. The malware targets multiple platforms, including Windows, Linux, macOS, ESXi, and Android. Today they are going to send me a report on the supposed hacking.”

Government

Government Hacking Ransomware Insurance

Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

Security Affairs

AUGUST 16, 2024

Russian cybercriminals are advertising a new macOS malware called Banshee Stealer with a monthly subscription price of $3,000. In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. ” concludes the report.

Malware

Malware Cryptocurrency Advertising Architecture

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Understanding and adhering to cybersecurity regulations is crucial for any organization as cyber threats evolve and become more sophisticated. The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime Malware VPN Ransomware

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

And when malware, ransomware, or other cyber threats get in the way, the focus shifts from forward progress to focused co-operation. A security strategy should clear obstacles and enable every part of a business operation to run smoothly. In golf there’s a popular saying: play the course, not your opponent.

Risk

Risk Cybersecurity Technology CISO

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Team82 and Claroty have been unable to verify the attackers’ claims, however, they conducted a detailed analysis of the Fuxnet malware relying on information provided by the attackers.

Malware

Malware Firmware IoT Hacking

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

The cybersecurity firm discovered the campaign on January 7, 2025, the company discovered that threat actors used false offers of employment with CrowdStrike. “On January 7, 2025, CrowdStrike identified a phishing campaign exploiting its recruitment branding to deliver malware disguised as an “employee CRM application.”

Phishing

Phishing Scams Malware Authentication

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Ransomware attackers often spend weeks or months inside of a target’s network before attempting to deploy malware across the network that encrypts servers and desktop systems unless and until a ransom demand is met. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job. ”

Hacking

Hacking Ransomware Banking Accountability

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability has been addressed in versions 2.23.6,

Malware

Malware Telecommunications Encryption DDOS

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

FEBRUARY 1, 2024

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices.

VPN

VPN Malware Authentication Hacking

CEO of cybersecurity firm charged with installing malware on hospital systems

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

Trending Sources

CISA warns of RESURGE malware exploiting Ivanti flaw

FBI deleted China-linked PlugX malware from over 4,200 US computers

Esperts found new DoNot Team APT group’s Android malware

JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure

Don’t Let Encryption Become A Double-Edged Sword That Undermines Zero Trust CyberSecurity

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

The Role and Benefits of AI in Cybersecurity

The source code of Banshee Stealer leaked online

Malwarebytes Premium Security awarded “Product of the Year” from AVLab

International law enforcement operation dismantled RedLine and Meta infostealers

Banshee macOS stealer supports new evasion mechanisms

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

New Triada Trojan comes preinstalled on Android devices

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Coyote Banking Trojan targets Brazilian users, stealing data from 70+ financial apps and websites

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

U.S. CISA adds Ivanti Connect Secure, Policy Secure and ZTA Gateways flaw to its Known Exploited Vulnerabilities catalog

Digital nomads and risk associated with the threat of infiltred employees

BlackLock Ransomware Targeted by Cybersecurity Firm

U.S. CISA adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Carbanak malware returned in ransomware attacks

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Dark Gate malware campaign uses Samba file shares

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Banshee Stealer, a new macOS malware with a monthly subscription price of $3,000

2024 Cybersecurity Laws & Regulations

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Multiple malware used in attacks exploiting Ivanti VPN flaws

Stay Connected