Malware

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer

Malware, Malware & Threats, source code /

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer 01/09/2023 at 14:04 By Ionut Arghire Cisco has observed multiple threat actors adopting the SapphireStealer information stealer after its source code was released on GitHub. The post Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer Read More »

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

Android trojan, Cyberwarfare, Featured, Five Eyes, Malware, Mobile & Wireless, Russia, Ukraine /

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices 31/08/2023 at 15:46 By Eduard Kovacs Five Eyes report details ‘Infamous Chisel’ malware used by Russian state-sponsored hackers to target the Ukrainian military’s Android devices.  The post Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices Read More »

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

Android, cyber espionage, cybercrime, cybercriminals, cybersecurity, data, Don't miss, ESET, Google, Google Play, Malware, News, Signal, smartphones, software, Telegram /

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store 31/08/2023 at 12:18 By Help Net Security ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since

React to this headline:

Loading spinner

Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store Read More »

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner

exploited, Malware, Malware & Threats /

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner 30/08/2023 at 14:17 By Eduard Kovacs The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner. The post DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

DreamBus Botnet Exploiting RocketMQ Vulnerability to Delivery Cryptocurrency Miner Read More »

Qakbot botnet disrupted, malware removed from 700,000+ victim computers

botnet, Don't miss, Europe, Government, Hot stuff, Justice Department, Malware, News, USA /

Qakbot botnet disrupted, malware removed from 700,000+ victim computers 29/08/2023 at 21:19 By Zeljka Zorz The Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet,

React to this headline:

Loading spinner

Qakbot botnet disrupted, malware removed from 700,000+ victim computers Read More »

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure

Cisco, critical infrastructure, Don't miss, Europe, healthcare, Hot stuff, Malware, ManageEngine, News, North Korea, trojan, USA, vulnerability /

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure 25/08/2023 at 15:36 By Helga Labus North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address

React to this headline:

Loading spinner

Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure Read More »

WinRAR patches zero-day bug that targeted stock and crypto traders

cybersecurity, exploit, hackers, Malware, vulnerability, WinRAR /

WinRAR patches zero-day bug that targeted stock and crypto traders 25/08/2023 at 08:04 By Cointelegraph By Martin Young According to cybersecurity firm Group-IB, weaponized ZIP file archives were being shared on crypto trading forums, with each one containing a nasty surprise. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Loading spinner

WinRAR patches zero-day bug that targeted stock and crypto traders Read More »

Ransomware dwell time hits new low

Active Directory, attack, cybercrime, cybersecurity, Incident Response, Malware, News, Ransomware, report, Sophos, threats /

Ransomware dwell time hits new low 25/08/2023 at 06:34 By Help Net Security Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks during the first half of 2023, according to Sophos. In 2022, the median

React to this headline:

Loading spinner

Ransomware dwell time hits new low Read More »

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device

Malware, Malware & Threats, Wi-Fi /

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device 24/08/2023 at 18:31 By Eduard Kovacs Mysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device. The post Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Mysterious Malware Uses Wi-Fi Scanning to Get Location of Infected Device Read More »

Bogus OfficeNote app delivers XLoader macOS malware

botnet, consumer, Don't miss, enterprise, Hot stuff, macOS, Malware, News, SentinelOne /

Bogus OfficeNote app delivers XLoader macOS malware 23/08/2023 at 14:33 By Helga Labus A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the wild,” SentinelOne researchers

React to this headline:

Loading spinner

Bogus OfficeNote app delivers XLoader macOS malware Read More »

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

cybercrime, Malware, Malware & Threats, RAT /

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer 21/08/2023 at 17:18 By Ionut Arghire Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator. The post Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer Read More »

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Malware, Malware & Threats /

Thousands of Systems Turned Into Proxy Exit Nodes via Malware 17/08/2023 at 16:18 By Ionut Arghire Threat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware. The post Thousands of Systems Turned Into Proxy Exit Nodes via Malware appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Thousands of Systems Turned Into Proxy Exit Nodes via Malware Read More »

Macs are getting compromised to act as proxy exit nodes

Accenture, adware, AT&T, botnet, Don't miss, Hot stuff, macOS, Malware, News, Proxy /

Macs are getting compromised to act as proxy exit nodes 14/08/2023 at 14:01 By Zeljka Zorz AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the owners – enlisted their systems into a residential proxy botnet. According to

React to this headline:

Loading spinner

Macs are getting compromised to act as proxy exit nodes Read More »

APTs use of lesser-known TTPs are no less of a headache

APT, attacks, Don't miss, Expert analysis, Expert corner, Hot stuff, Malware, opinion, strategy, WithSecure /

APTs use of lesser-known TTPs are no less of a headache 14/08/2023 at 08:32 By Help Net Security APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against small- and medium-sized businesses has increased significantly. Everyone is fair game, and

React to this headline:

Loading spinner

APTs use of lesser-known TTPs are no less of a headache Read More »

Threat intelligence’s key role in mitigating malware threats

cybersecurity, Malware, News, OPSWAT, report, survey, Threat Intelligence /

Threat intelligence’s key role in mitigating malware threats 11/08/2023 at 07:02 By Help Net Security Malware, being one of the most prevalent and pervasive initial threat vectors, continues to adapt and become more sophisticated, according to OPSWAT. Crucial role of threat intelligence Threat actors leverage malware as an initial foothold to infiltrate targeted infrastructures and

React to this headline:

Loading spinner

Threat intelligence’s key role in mitigating malware threats Read More »

AgentTesla Malware Targets Users with Malicious Control Panel File

AgentTesla, infostealer, Malware /

AgentTesla Malware Targets Users with Malicious Control Panel File 09/08/2023 at 22:02 By cybleinc Cyble Research and Intelligence Labs analyzes the distribution method of AgentTesla malware using malicious control panel files. The post AgentTesla Malware Targets Users with Malicious Control Panel File appeared first on Cyble. This article is an excerpt from Cyble View Original

React to this headline:

Loading spinner

AgentTesla Malware Targets Users with Malicious Control Panel File Read More »

The ransomware rollercoaster continues as criminals advance their business models

Black Hat USA 2023, CVE, cybercrime, cybersecurity, Endpoint Security, Fortinet, Malware, MITRE, News, Ransomware, report, survey /

The ransomware rollercoaster continues as criminals advance their business models 09/08/2023 at 06:02 By Help Net Security Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to Fortinet. Ransomware detections 1H 2023 FortiGuard Labs has documented substantial

React to this headline:

Loading spinner

The ransomware rollercoaster continues as criminals advance their business models Read More »

Navigating the gray zone of ransomware payment practices

CISO, cybercrime, cybercriminals, cybersecurity, Don't miss, Hot stuff, how-to, Malware, Ransomware, strategy, tips, Video /

Navigating the gray zone of ransomware payment practices 07/08/2023 at 06:33 By Help Net Security Ransomware remains a lucrative tool for cybercriminals as attackers continue to target a wide array of businesses. In response to this growing threat, an increasing number of organizations are compelled to meet ransom demands, perceiving it as their only viable

React to this headline:

Loading spinner

Navigating the gray zone of ransomware payment practices Read More »

Scroll to Top