Malware

VPN Apps on Google Play Turn Android Devices Into Proxies

Android, Google Play, Malware, Malware & Threats /

VPN Apps on Google Play Turn Android Devices Into Proxies 2024-03-27 at 17:01 By Ionut Arghire Human Security identifies 28 VPN applications for Android and an SDK that turn devices into proxies. The post VPN Apps on Google Play Turn Android Devices Into Proxies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Loading spinner

VPN Apps on Google Play Turn Android Devices Into Proxies Read More »

Suspicious NuGet Package Harvesting Information From Industrial Systems

ICS, ICS malware, Malware, Malware & Threats /

Suspicious NuGet Package Harvesting Information From Industrial Systems 2024-03-26 at 17:01 By Ionut Arghire A suspicious NuGet package likely targets developers working with technology from Chinese firm Bozhon. The post Suspicious NuGet Package Harvesting Information From Industrial Systems appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Suspicious NuGet Package Harvesting Information From Industrial Systems Read More »

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks

Malware, Malware & Threats /

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks 2024-03-25 at 16:16 By Ionut Arghire More than 100 organizations in the US and EU have been targeted in recent StrelaStealer infostealer campaigns. The post Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks Read More »

APT29 hit German political parties with bogus invites and malware

Don't miss, Germany, Hot stuff, Malware, Mandiant, News, phishing, Russian Federation, Zscaler /

APT29 hit German political parties with bogus invites and malware 2024-03-25 at 11:46 By Zeljka Zorz APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to malware The attack started in late February 2024, with phishing emails containing bogus invitations

React to this headline:

Loading spinner

APT29 hit German political parties with bogus invites and malware Read More »

US organizations targeted with emails delivering NetSupport RAT

Don't miss, Hot stuff, Malware, News, Perception Point, phishing, Remote Access Trojan, social engineering /

US organizations targeted with emails delivering NetSupport RAT 2024-03-22 at 15:08 By Helga Labus Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes the form of email messages purportedly coming from a

React to this headline:

Loading spinner

US organizations targeted with emails delivering NetSupport RAT Read More »

Attackers are targeting financial departments with SmokeLoader malware

Don't miss, finance, Government, Hot stuff, Malware, News, Palo Alto Networks, phishing, spear-phishing, Ukraine /

Attackers are targeting financial departments with SmokeLoader malware 2024-03-22 at 08:31 By Helga Labus Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The phishing campaign The Ukrainian SSSCIP State Cyber Protection Center (SCPC), together with the Palo Alto Networks Unit 42 research

React to this headline:

Loading spinner

Attackers are targeting financial departments with SmokeLoader malware Read More »

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware

Don't miss, exploit, Hot stuff, JetBrains, Malware, News, Ransomware, Remote Access Trojan, Trend Micro, vulnerability /

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware 2024-03-21 at 12:01 By Helga Labus Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity

React to this headline:

Loading spinner

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware Read More »

Growing AceCryptor attacks in Europe

cybercrime, cybersecurity, Email, ESET, EU, Europe, Malware, News, Remote Access Trojan /

Growing AceCryptor attacks in Europe 2024-03-20 at 13:01 By Help Net Security ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the attackers spreading Rescoms (also known as

React to this headline:

Loading spinner

Growing AceCryptor attacks in Europe Read More »

Fujitsu finds malware on company systems, investigates possible data breach

cyberattack, data breach, data theft, Don't miss, Fujitsu, Hot stuff, Japan, Malware, News /

Fujitsu finds malware on company systems, investigates possible data breach 2024-03-18 at 22:27 By Helga Labus Fujitsu Limited, the largest Japanese IT services provider, has announced that several of the company’s computers have been compromised with malware, leading to a possible data breach. Known details about the Fujitsu data breach The company published the security

React to this headline:

Loading spinner

Fujitsu finds malware on company systems, investigates possible data breach Read More »

Keyloggers, spyware, and stealers dominate SMB malware detections

cybercrime, cybersecurity, data theft, Malware, malware detection, News, report, Sophos, survey /

Keyloggers, spyware, and stealers dominate SMB malware detections 2024-03-13 at 06:06 By Help Net Security In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware,

React to this headline:

Loading spinner

Keyloggers, spyware, and stealers dominate SMB malware detections Read More »

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware

backdoor, Check Point, Don't miss, exploit, Hot stuff, Linux, Malware, News, vulnerability, Windows /

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware 2024-03-12 at 11:01 By Helga Labus A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connect Secure VPN flaws that are widely

React to this headline:

Loading spinner

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware Read More »

Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks

China, espionage, Malware, Malware & Threats, Tibet /

Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks 2024-03-08 at 15:02 By Ionut Arghire Chinese APT Evasive Panda compromises a software developer’s supply chain to target Tibetans with malicious downloaders. The post Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks Read More »

Web-based PLC malware: A new potential threat to critical infrastructure

Don't miss, Hot stuff, ICS/SCADA, Malware, News, PLC, research, web application security /

Web-based PLC malware: A new potential threat to critical infrastructure 2024-03-07 at 13:47 By Zeljka Zorz A group of researchers from Georgia Tech’s College of Engineering have developed web-based programmable logic controller (PLC) malware able to target most PLCs produced by major manufacturers. “Our Web-Based (WB) PLC malware resides in PLC memory, but ultimately gets

React to this headline:

Loading spinner

Web-based PLC malware: A new potential threat to critical infrastructure Read More »

Securing software repositories leads to better OSS security

CISA, Don't miss, framework, GitHub, Hot stuff, Malware, News, open source, OpenSSF, PyPI /

Securing software repositories leads to better OSS security 2024-03-04 at 14:03 By Zeljka Zorz Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package developer’s

React to this headline:

Loading spinner

Securing software repositories leads to better OSS security Read More »

Cybercriminals harness AI for new era of malware development

APT, Artificial Intelligence, cybercriminals, cybersecurity, dark web, Data leak, Group-IB, Malware, News, Ransomware, report, social engineering /

Cybercriminals harness AI for new era of malware development 2024-03-01 at 08:31 By Help Net Security The alliance between ransomware groups and initial access brokers (IABs) is still the powerful engine for cybercriminal industry, as evidenced by the 74% year-on-year increase in the number of companies that had their data uploaded on dedicated leak sites

React to this headline:

Loading spinner

Cybercriminals harness AI for new era of malware development Read More »

Cryptojacking is no longer the sole focus of cloud attackers

Cado Security, Cloud, cybercrime, cybersecurity, Malware, News, report, survey /

Cryptojacking is no longer the sole focus of cloud attackers 2024-02-29 at 06:31 By Help Net Security As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number – a collective effort to safeguard both large and small enterprises is critical, according to Cado Security. Docker remains the most frequently

React to this headline:

Loading spinner

Cryptojacking is no longer the sole focus of cloud attackers Read More »

Pikabot returns with new tricks up its sleeve

Don't miss, Elastic, Hot stuff, Malware, News, phishing, Zscaler /

Pikabot returns with new tricks up its sleeve 2024-02-26 at 15:32 By Helga Labus After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader – a type of malware whose primary function is to serve as a

React to this headline:

Loading spinner

Pikabot returns with new tricks up its sleeve Read More »

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, enterprise, exploit, Hot stuff, Huntress, Malware, Mandiant, News, Ransomware, remote access, remote management, Sophos, vulnerability /

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) 2024-02-26 at 13:36 By Zeljka Zorz The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect is a remote desktop solution consisting of server and client

React to this headline:

Loading spinner

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) Read More »

Russian Turla Cyberspies Target Polish NGOs With New Backdoor

backdoor, Malware, Malware & Threats, Nation-State, Russia, Turla /

Russian Turla Cyberspies Target Polish NGOs With New Backdoor 2024-02-22 at 18:01 By Ionut Arghire Russian state-sponsored threat actor Turla has been using a new backdoor in recent attacks targeting Polish NGOs. The post Russian Turla Cyberspies Target Polish NGOs With New Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Russian Turla Cyberspies Target Polish NGOs With New Backdoor Read More »

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool

Malware, Malware & Threats, worm /

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool 2024-02-22 at 18:01 By Ionut Arghire Threat actors are actively deploying the recently released self-replicating and self-propagating SSH-Snake worm. The post Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Threat Actors Quick to Abuse ‘SSH-Snake’ Worm-Like Tool Read More »

Scroll to Top