Security Affairs

NOVEMBER 23, 2023

Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being delivered via a fake browser update chain tracked as ClearFake, Malwarebytes researchers warn.

Social Engineering 114

Social Engineering Passwords Malware Engineering 114

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. It didn’t dawn on Doug until days later that the missed meeting with Mr. Lee might have been a malware attack. MacOS computers include X-Protect , Apple’s built-in antivirus technology.

Malware 269

Malware Cryptocurrency Software Scams 269

Bleeping Computer

DECEMBER 20, 2022

The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to the platform to steal software developers' data. [.].

Malware 90

Malware Software 90

The Hacker News

DECEMBER 18, 2023

The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable.

Malware 64

Malware 64

Graham Cluley

FEBRUARY 15, 2023

Towards the end of last year, malicious hackers broke into the systems of Pepsi Bottling Ventures, the largest privately-owned bottler of Pepsi-Cola beverages in the USA, and installed malware. For almost the month the malware secretly exfiltrated personally identifiable information (PII) from the company's network.

Malware 98

Malware Hacking Data breaches 98

The Hacker News

JANUARY 10, 2023

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems.

Malware 87

Malware Phishing 87

Bleeping Computer

JUNE 8, 2022

Malware that steals your passwords, credit cards, and crypto wallets is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. [.].

Malware 145

Malware Passwords 145

Schneier on Security

JANUARY 14, 2022

Researchers have developed a malware detection system that uses EM waves: “ Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification.” We will present a novel approach of using side channel information to identify the kinds of threats that are targeting the device.

Malware 306

Malware IoT Firmware Internet 306

Bleeping Computer

MAY 1, 2024

A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. [.]

Malware 140

Malware Authentication 140

SecureWorld News

JULY 27, 2023

A new study from Uptycs has uncovered an increase in the distribution of information stealing malware. The 17-page report has a wealth of information, including the impact of stealers, the lifecycle of a stealer, the workflow of a stealer, and statistics around the stealers trending in 2023.

Malware 67

Malware Social Engineering Passwords Spyware 67

SecureList

MARCH 20, 2024

Introduction Malware for mobile devices is something we come across very often. million malware, adware, and riskware attacks on mobile devices. Last month, we wrote a total of four private crimeware reports on Android malware, three of which are summarized below. Collects system information (e.g. and sends it to the C2.

Malware 84

Malware Mobile Firmware Spyware 84

Security Affairs

MARCH 18, 2024

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information.

Data breaches 110

Data breaches Malware Technology Government 110

CyberSecurity Insiders

JANUARY 18, 2023

Many of you get confused with terms cybersecurity and Information Security and think that both these words are same and synonymous. As organizations face constant threats in cyberspace like DDoS, ransomware, malware and data breaches, cybersecurity helps track and mitigate threats to eliminate business risks.

Information Security 136

Information Security Cybersecurity DDOS Data breaches 136

The Hacker News

JANUARY 3, 2023

A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT.

Banking 92

Banking Malware Phishing 92

The Hacker News

JANUARY 30, 2023

A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel.

Malware 83

Malware Advertising 83

Security Affairs

APRIL 11, 2022

Cybersecurity researchers spotted a new Windows information-stealing malware, named FFDroider, designed to steal credentials and cookies. Cybersecurity researchers from Zscaler ThreatLabz warn of a new information-stealing malware, named FFDroider, that disguises itself as the popular instant messaging app Telegram.

Malware 81

Malware Media Firewall Advertising 81

Security Affairs

APRIL 27, 2024

ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities. ThreatFabric researchers uncovered a new mobile malware named Brokewell, which is equipped with sophisticated device takeover features. ” reads the report published by ThreatFabric.

Malware 108

Malware Spyware Authentication Mobile 108

Bleeping Computer

APRIL 23, 2024

A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems U.S., Germany, and Japan. [.]

Malware 116

Malware 116

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The website ruexfil.com provided detailed information about the attacks against Moscollector, the hackers also published screenshots of monitoring systems, servers, and databases they claim to have compromised.

Malware 123

Malware Firmware IoT Hacking 123

Security Boulevard

JANUARY 31, 2024

Permalink The post USENIX Security ’23 – Black-box Adversarial Example Attack Towards FCG Based Android Malware Detection Under Incomplete Feature Information appeared first on Security Boulevard. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel.

Malware 69

Malware Architecture Education Information Security 69

The Hacker News

MARCH 20, 2024

Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection.

Malware 114

Malware Cryptocurrency Cybersecurity 114

Tech Republic Security

SEPTEMBER 29, 2023

We talked to Proofpoint researchers about this new malware threat and how it infects Windows systems to steal information.

Password Management 200

Password Management Malware Passwords Cybersecurity 200

Security Boulevard

JANUARY 23, 2024

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Cybersecurity Advisory warning of the escalating threat posed by Androxgh0st malware. Read More The post FBI and CISA Warn of Androxgh0st Malware Attacks appeared first on Nuspire. Tell me more about.

Malware 131

Malware Cybersecurity 131

Bleeping Computer

JANUARY 15, 2024

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. [.]

Malware 136

Malware 136

Security Affairs

APRIL 12, 2024

TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware.

Malware 101

Malware Social Engineering Retail Engineering 101

Penetration Testing

MARCH 11, 2024

A dangerous new malware named Planet Stealer is making its rounds in the cybercriminal underworld, and security experts warn that your passwords, cryptocurrency wallets, and other sensitive information could be in its sights.

Passwords 119

Passwords Penetration Testing Malware Risk 119

The Hacker News

MARCH 18, 2024

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It

Malware 127

Malware Cybersecurity 127

Penetration Testing

MAY 19, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new tactic employed by the notorious ViperSoftX malware.

Penetration Testing 42

Penetration Testing Security Intelligence Engineering Malware 42

Bleeping Computer

JANUARY 16, 2024

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. [.]

Malware 131

Malware 131

CyberSecurity Insiders

MAY 14, 2023

Cloud storage services have become a target for hackers, and the theft of personal and sensitive information can have serious consequences. So, how is information stored in the cloud secured from hacks? One way to secure information in the cloud is through encryption. Antivirus software scans files for known viruses and malware.

Hacking 128

Hacking Antivirus Firewall Encryption 128

Security Affairs

MAY 3, 2024

This feature prevents malware execution outside the infected machine, a feature that had been abandoned by many malware variants that borrow the Zeus leaked source code. The malware implements this feature by checking a specific key/value in the Windows registry. ” reads the analysis published by Zscaler.

Malware 119

Malware Banking Hacking Cybercrime 119

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. The malware creates a proxy or VPN tunnel on the compromised router to exfiltrate data, and then uses stolen credentials to access targeted resources.

Malware 101

Malware DNS Authentication Telecommunications 101

Bleeping Computer

DECEMBER 29, 2023

Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "MultiLogin" to restore expired authentication cookies and log into users' accounts, even if an account's password was reset. [.]

Accountability 144

Accountability Malware Authentication Passwords 144

Security Affairs

APRIL 24, 2024

A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners. Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners. ” concludes the report.

Antivirus 99

Antivirus Malware DNS Cryptocurrency 99

The Hacker News

MARCH 18, 2024

A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. The malware payloads used in the DEEP#GOSU represent a

Malware 112

Malware Cybersecurity 112

Bleeping Computer

NOVEMBER 20, 2023

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox. [.]

Malware 131

Malware Antivirus Software 131

The Hacker News

MARCH 27, 2024

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2).

Malware 113

Malware Phishing Government 113