Malware

Network of 3,000 GitHub Accounts Used for Malware Distribution

GitHub, Malware, Malware & Threats, Stargazer Goblin /

Network of 3,000 GitHub Accounts Used for Malware Distribution 2024-07-25 at 14:16 By Ionut Arghire Stargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories. The post Network of 3,000 GitHub Accounts Used for Malware Distribution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

React to this headline:

Loading spinner

Network of 3,000 GitHub Accounts Used for Malware Distribution Read More »

Network of ghost GitHub accounts successfully distributes malware

automa, Check Point, Don't miss, GitHub, Hot stuff, Malware, News, phishing /

Network of ghost GitHub accounts successfully distributes malware 2024-07-24 at 17:31 By Zeljka Zorz Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and operated by a threat group the researchers dubbed as Stargazer Goblin, the “Stargazers Ghost Network” is estimated encompass

React to this headline:

Loading spinner

Network of ghost GitHub accounts successfully distributes malware Read More »

Telegram Zero-Day Enabled Malware Delivery

Malware, Malware & Threats, Telegram, Zero-Day /

Telegram Zero-Day Enabled Malware Delivery 2024-07-23 at 15:16 By Ionut Arghire The EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. The post Telegram Zero-Day Enabled Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Telegram Zero-Day Enabled Malware Delivery Read More »

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

CrowdStrike, Malware, Malware & Threats, phishing, scam /

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams 2024-07-22 at 13:47 By Eduard Kovacs The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery. The post CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams Read More »

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

browser, cybersecurity, drivers, ESET, Malware, News, report /

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver 2024-07-22 at 06:01 By Help Net Security ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET dubbed HotPage, comes self-contained in an executable file that installs its main driver and injects

React to this headline:

Loading spinner

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver Read More »

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation

CrowdStrike, Malware, Threat Actor, Windows /

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation 2024-07-20 at 19:46 By dakshsharma16 On July 19th, 2024, CrowdStrike, a leading cybersecurity provider of advanced end-point security detection and protection solutions, released a sensor configuration update to Windows systems. This update contained a logic error that resulted in system crashes and Blue

React to this headline:

Loading spinner

Threat Actors Exploit Recent CrowdStrike Outage to Ramp Up Suspicious Domain Creation Read More »

FIN7 sells improved EDR killer tool

attack tools, backdoor, cybercrime, cybercriminals, Don't miss, Hot stuff, Malware, News, Ransomware, SentinelOne /

FIN7 sells improved EDR killer tool 2024-07-18 at 15:46 By Zeljka Zorz The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, dubbed AvNeutralizer (i.e., AuKill) by researchers. By leveraging Windows’ built-in driver TTD Monitor Driver (ProcLaunchMon.sys), in conjunction

React to this headline:

Loading spinner

FIN7 sells improved EDR killer tool Read More »

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users 

Malware /

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users  2024-07-17 at 18:46 By Neetha Key Takeaways  Summary  CRIL has discovered a multi-stage cyberattack campaign that starts with a Zip file containing a malicious shortcut file (.lnk). As of now, the source of this Zip file is unknown, but we suspect it to be

React to this headline:

Loading spinner

New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users  Read More »

Investigating the New Jellyfish Loader 

All, Malware /

Investigating the New Jellyfish Loader  2024-07-15 at 17:33 By Neetha Key Takeaways  Overview  CRIL researchers came across a ZIP file, initially uploaded from Poland. This file contains a Windows shortcut (.lnk). When executed, the .lnk file opens a clean PDF and subsequently downloads and executes a new .NET-based shellcode loader, JellyfishLoader.  The new Jellyfish Loader

React to this headline:

Loading spinner

Investigating the New Jellyfish Loader  Read More »

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations

Malware, Malware & Threats, sentenced, Tracking & Law Enforcement, Zeus /

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations 2024-07-15 at 14:31 By Ionut Arghire Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations. The post Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations appeared

React to this headline:

Loading spinner

Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations Read More »

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

Censys, CVE, Don't miss, email security, Exim, Hot stuff, Malware, News, vulnerability /

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) 2024-07-15 at 14:20 By Zeljka Zorz The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and can help attackers deliver malware to users. About CVE-2024-39929 The vulnerability stems from a bug in RFC 2231

React to this headline:

Loading spinner

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) Read More »

Infostealing malware masquerading as generative AI tools

cybercrime, ESET, generative AI, Malware, News, report, survey /

Infostealing malware masquerading as generative AI tools 2024-07-05 at 08:01 By Help Net Security Over the past six months, there has been a notable surge in Android financial threats – malware targeting victims’ mobile banking funds, whether in the form of ‘traditional’ banking malware or, more recently, cryptostealers, according to ESET. Vidar infostealer targets Windows

React to this headline:

Loading spinner

Infostealing malware masquerading as generative AI tools Read More »

US offers $10 million for information on indicted WhisperGate malware suspect

Government, government-backed attacks, Justice Department, law enforcement, Malware, News, Russian Federation, Ukraine, USA /

US offers $10 million for information on indicted WhisperGate malware suspect 2024-06-27 at 10:36 By Help Net Security A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The

React to this headline:

Loading spinner

US offers $10 million for information on indicted WhisperGate malware suspect Read More »

New ransomware, infostealers pose growing risk in 2024

BlackBerry, cybercrime, cybersecurity, Malware, News, report, survey /

New ransomware, infostealers pose growing risk in 2024 2024-06-27 at 07:01 By Help Net Security BlackBerry detected and stopped 3.1 million cyberattacks (37,000 per day) in the first quarter of 2024. Between January and March 2024, BlackBerry detected 630,000 malicious hashes, representing a 40% increase from its previous reporting period. 60% of attacks targeting industry

React to this headline:

Loading spinner

New ransomware, infostealers pose growing risk in 2024 Read More »

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys

Don't miss, Hot stuff, Kroll, Malware, malware detection, News /

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys 2024-06-26 at 15:46 By Zeljka Zorz A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection. The campaign Spotted by Kroll’s incident responders and analyzed by the company’s

React to this headline:

Loading spinner

Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys Read More »

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

Malware, Malware & Threats, Redis /

P2Pinfect Worm Now Dropping Ransomware on Redis Servers 2024-06-26 at 15:16 By Ionut Arghire The P2Pinfect worm targeting Redis servers has been updated with ransomware and cryptocurrency mining payloads. The post P2Pinfect Worm Now Dropping Ransomware on Redis Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

P2Pinfect Worm Now Dropping Ransomware on Redis Servers Read More »

UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution 

Malware /

UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution  2024-06-25 at 13:46 By Neetha Key Takeaways  Overview  CRIL recently observed a malware campaign targeting Ukraine using the Remote Access Trojan (RAT) known as XWorm. Upon investigation, it was found that this campaign is associated with the Threat Actor (TA) group UAC-0184. Previously, UAC-0184 has targeted

React to this headline:

Loading spinner

UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution  Read More »

Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country

China APT, Malware, Malware & Threats /

Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country 2024-06-20 at 19:01 By Ionut Arghire A years-long espionage campaign has targeted telecoms companies in Asia with tools associated with Chinese groups. The post Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Long-Running Chinese Espionage Campaign Targets Telecom Firms in Asian Country Read More »

Scroll to Top