Linux-Targeted Malware Increased by 35%

Schneier on Security

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021.

Using EM Waves to Detect Malware

Schneier on Security

Researchers have developed a malware detection system that uses EM waves: “Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification.”

Hiding Malware in ML Models

Schneier on Security

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models” Abstract: Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns.

Drovorub Malware

Schneier on Security

The NSA and FBI have jointly disclosed Drovorub, a Russian malware suite that targets Linux. Detailed advisory. Fact sheet. News articles. Reddit thread.

Mysterious Macintosh Malware

Schneier on Security

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

Cloud services now spreading Malware

CyberSecurity Insiders

Cybersecurity researchers from Cisco Talos have issued a warning that hackers are now using cloud service platforms to spread malware Trojans such as Nanocore, Netwire, and AsyncRAT, which have the ability to steal critical info from victimized devices.

Ramsey Malware

Schneier on Security

A new malware, called Ramsey, can jump air gaps: ESET said they've been able to track down three different versions of the Ramsay malware, one compiled in September 2019 (Ramsay v1), and two others in early and late March 2020 (Ramsay v2.a

System Update: New Android Malware

Schneier on Security

This is a sophisticated piece of malware. Researchers have discovered a new Android app called “System Update” that is a sophisticated Remote-Access Trojan (RAT).

Attackers More Successful at Delivering Malware Payloads

Security Boulevard

Cloud-delivered malware is now more prevalent than web-delivered malware. In 2021, malware downloads originating from cloud apps increased to 66% of all malware downloads when compared to traditional websites, up from 46% at the beginning of 2020.

Live Coronavirus Map Used to Spread Malware

Krebs on Security

In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware.

Hackers Hide Software Skimmer in Social Media Sharing Icons

Security Affairs

Security researchers have uncovered a new technique to inject a software skimmer onto checkout pages; the malware hides in social media buttons. Sansec researchers were the first to discover the new malware. “Of these 9 infected sites, only 1 had functional malware.

New Disk Wiping Malware Targets Israel

Schneier on Security

Apostle seems to be a new strain of malware that destroys data.

Ransomware Defense: Top 5 Things to do Right Now

Threatpost

Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware.

Redline malware stealing saved passwords from browsers

CyberSecurity Insiders

Because security researchers from a South Korean cybersecurity firm, AhnLab, discovered that a new malware named Redline was seen lurking in the browsers and stealing saved passwords only to be transmitted to remote servers.

Vaccine for Emotet Malware

Schneier on Security

Interesting story of a vaccine for the Emotet malware: Through trial and error and thanks to subsequent Emotet updates that refined how the new persistence mechanism worked, Quinn was able to put together a tiny PowerShell script that exploited the registry key mechanism to crash Emotet itself.

Blister malware using code signing certificates to evade anti malware detection

CyberSecurity Insiders

If you are thinking that your PC or computing device is secure enough as it is loaded with an anti-malware solution, you better change your viewpoint. The post Blister malware using code signing certificates to evade anti malware detection appeared first on Cybersecurity Insiders.

2020 Oscar Nominees Used to Spread Malware

Adam Levin

Online scammers are using the 2020 Oscars to spread malware. The post 2020 Oscar Nominees Used to Spread Malware appeared first on Adam Levin.

Emotat Malware Causes Physical Damage

Schneier on Security

Microsoft is reporting that an Emotat malware infection shut down a network by causing computers to overheat and then crash.

How to Proactively Remove File-Based Malware

Security Boulevard

The post How to Proactively Remove File-Based Malware appeared first on Security Boulevard. There’s no question that the past 18 months have been challenging for technology and cybersecurity leaders.

New Android banking Malware targets Brazil’s Itaú Unibanco Bank

Security Affairs

Researchers analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco that spreads through fake Google Play Store pages. Threat actors spread the malware using fake Google Play Store pages hosting malicious applications under the name ‘sincronizador.apk.’

Finland Fending Off FluBot Malware, Again

Security Boulevard

The Finnish National Cyber Security Centre (NCSC-FI) has issued a warning to citizens about the current version of the FluBot malware campaign which is affecting “tens of thousands of people in Finland.”

Malware Goes Beyond Ancient Jigsaw

StaySafeOnline

The post Malware Goes Beyond Ancient Jigsaw appeared first on Stay Safe Online

Microsoft warns of dreaded data wiping malware campaign

CyberSecurity Insiders

Microsoft has issued an official warning to all IT and not-for-profit organizations, along with some critical government organizations across Ukraine, that their digital infrastructure could be targeted by a dreaded data wiping malware campaign.

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

CyberSecurity Insiders

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far.

‘Russian’ Wiper Malware: ‘Prelude to war’ in Ukraine

Security Boulevard

Ukraine is again under malware attack. The post ‘Russian’ Wiper Malware: ‘Prelude to war’ in Ukraine appeared first on Security Boulevard. And the tactics look strikingly similar to 2017’s NotPetya hack by the Russian GRU.

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

Experts warn of a new variant of the RedLine malware that is distributed via emails as fake COVID-19 Omicron stat counter app as a lure. The malicious code can also act as a first-stage malware.

How to Remove Malware from WordPress Site (Malware Cleanup Guide)

Security Boulevard

Wondering how to remove malware from WordPress site? Do not worry, we will help you clean malware from WordPress, determine the cause, and save you. The post How to Remove Malware from WordPress Site (Malware Cleanup Guide) appeared first on Malcare.

Hiding Malware in Social Media Buttons

Schneier on Security

Clever tactic: This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital skimming (also known as Magecart) attacks.

US Government Exposes North Korean Malware

Schneier on Security

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. It's interesting to see the US government take a more aggressive stance on foreign malware.

Meet the new Flagpro malware developed by Chinese

CyberSecurity Insiders

A new malware developed by China is on the prowl on the web and is seen targeting Japanese companies for now. First it sneaks into the network to evaluate the target defense-line and then a second stage malware is then induced and executed to conduct espionage, data steal and such.

What is fileless malware?

Malwarebytes

Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory resident only, ideally leaving no trace after its execution. Which makes fileless malware a step forward in the arms race between malware and security products.

Mysterious Macintosh Malware

Security Boulevard

This is weird: Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. The lack of a final payload suggests that the malware may spring into action once an unknown condition is met.

Anatomy of native IIS malware

We Live Security

The post Anatomy of native IIS malware appeared first on WeLiveSecurity. ESET researchers publish a white paper putting IIS web server threats under the microscope.

New Malware Hijacks Cryptocurrency Mining

Schneier on Security

After gaining control of the coin-mining software, the malware replaces the wallet address the computer owner uses to collect newly minted currency with an address controlled by the attacker. This is a clever attack. From then on, the attacker receives all coins generated, and owners are none the wiser unless they take time to manually inspect their software configuration.

Some details about PhoneSpy Malware

CyberSecurity Insiders

A new malware has been uncovered recently and has been dubbed as PhoneSpy. And reports are in that the developers of such malware could be those funded by North Korea government found always spying on populace of various countries across the world.

How Malware Gets On Your Website

Security Boulevard

Almost since the Internet’s inception malware infections have kept pace to be the biggest nuisance a site owner experiences. With an ever growing amount of sites making up the World Wide Web, malware infections only become more common. What is Malware?

Researchers used electromagnetic signals to classify malware infecting IoT devices

Security Affairs

Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. The researchers proposed a novel approach of using side channel information to identify malware targeting IoT systems.

Beware of this Crypto wallet draining Echelon Malware

CyberSecurity Insiders

Information is out that some hackers in the name of ‘Smokes Night’ are stealing cryptocurrency from the users’ wallets by spreading Echelon Malware on Telegram. The post Beware of this Crypto wallet draining Echelon Malware appeared first on Cybersecurity Insiders.

FontOnLake: Previously unknown malware family targeting Linux

We Live Security

ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks. The post FontOnLake: Previously unknown malware family targeting Linux appeared first on WeLiveSecurity.

Signed Malware

Schneier on Security

Stuxnet famously used legitimate digital certificates to sign its malware. Now, researchers have presented proof that digitally signed malware is much more common than previously believed. The researchers said they found 189 malware samples bearing valid digital signatures that were created using compromised certificates issued by recognized certificate authorities and used to sign legitimate software. The forgeries also allow malware to evade antivirus protections.

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS

Threatpost

The malware establishes initial access on targeted machines, then waits for additional code to execute.

Wiper Malware Grows More Malicious

Security Boulevard

The use of wiper malware—a tool used by nation-states under the guise of ransomware to inflict as much damage as possible and completely disrupt operations—as a malicious attack is not new, but recent changes have made the threat more dangerous.

Operation Reacharound – Emotet malware is back

Security Affairs

The FBI collected millions of email addresses used by Emotet operators in their malware campaigns as part of the cleanup operation. Malware tracking non-profit organization Abuse.ch The post Operation Reacharound – Emotet malware is back appeared first on Security Affairs.